Subject: CVS commit: pkgsrc/doc
To: None <pkgsrc-changes@netbsd.org>
From: Johnny C. Lam <jlam@netbsd.org>
List: pkgsrc-changes
Date: 12/20/2002 09:00:48
Module Name: pkgsrc
Committed By: jlam
Date: Fri Dec 20 07:00:47 UTC 2002
Modified Files:
pkgsrc/doc: CHANGES
Log Message:
Updated print/cups to 1.1.18. Changes from version 1.1.17 include:
- SECURITY FIX: The scheduler now provides a FileDevice directive to
control whether new printers can be added using device URIs of the form
"file:/filename". The default is to not allow printers with these
device URIs.
- SECURITY FIX: Potential underflow/overflow bug in web interface.
- SECURITY FIX: Race condition in certificate creation.
- SECURITY FIX: Bad URIs in browse packets could be used to exploit the
web interface underflow/overflow bug.
- SECURITY FIX: Some types of Denial of Service attacks were not handled
properly, so once the attack was over the scheduler did not close the
connections immediately on all platforms.
- SECURITY FIXES: Added integer overflow/underflow checks for all image
formats.
- Bug fixes to the scheduler.
- Upgraded pdftops filter to Xpdf 2.01 with fixes for TrueType fonts.
- Added a MaxClientsPerHost configuration directive to provide limited
protection against Denial of Service attacks.
To generate a diff of this commit:
cvs rdiff -r1.848 -r1.849 pkgsrc/doc/CHANGES
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.