Subject: CVS commit: pkgsrc/doc
To: None <pkgsrc-changes@netbsd.org>
From: Johnny C. Lam <jlam@netbsd.org>
List: pkgsrc-changes
Date: 12/20/2002 09:00:48
Module Name:	pkgsrc
Committed By:	jlam
Date:		Fri Dec 20 07:00:47 UTC 2002

Modified Files:
	pkgsrc/doc: CHANGES

Log Message:
Updated print/cups to 1.1.18.  Changes from version 1.1.17 include:

- SECURITY FIX: The scheduler now provides a FileDevice directive to
  control whether new printers can be added using device URIs of the form
  "file:/filename".  The default is to not allow printers with these
  device URIs.
- SECURITY FIX: Potential underflow/overflow bug in web interface.
- SECURITY FIX: Race condition in certificate creation.
- SECURITY FIX: Bad URIs in browse packets could be used to exploit the
  web interface underflow/overflow bug.
- SECURITY FIX: Some types of Denial of Service attacks were not handled
  properly, so once the attack was over the scheduler did not close the
  connections immediately on all platforms.
- SECURITY FIXES: Added integer overflow/underflow checks for all image
  formats.
- Bug fixes to the scheduler.
- Upgraded pdftops filter to Xpdf 2.01 with fixes for TrueType fonts.
- Added a MaxClientsPerHost configuration directive to provide limited
  protection against Denial of Service attacks.


To generate a diff of this commit:
cvs rdiff -r1.848 -r1.849 pkgsrc/doc/CHANGES

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.