pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/print
Module Name: pkgsrc
Committed By: wiz
Date: Sun Apr 19 14:52:23 UTC 2026
Modified Files:
pkgsrc/print/cups: Makefile Makefile.common
pkgsrc/print/cups-base: Makefile distinfo
pkgsrc/print/cups-base/patches: patch-scheduler-main.c
patch-scheduler_auth.c
pkgsrc/print/libcups: Makefile
Log Message:
*cups*: update to 2.4.17
Changes in CUPS v2.4.17 (2026-04-17)
------------------------------------
- CVE-2026-27447: The scheduler treated local user and group names as case-
insensitive.
- CVE-2026-34978: The RSS notifier could write outside the scheduler's RSS
directory.
- CVE-2026-34980: The scheduler did not filter control characters from option
values.
- CVE-2026-34979: The scheduler did not always allocate enough memory for a
job's options string.
- CVE-2026-34990: The scheduler incorrectly allowed local certificates over the
loopback interface.
- CVE-2026-39314: Fixed the range check for job password strings.
- CVE-2026-39316: Fixed a printer subscription bug in the scheduler.
- CVE-2026-NNNNN: Fixed a SNMP string conversion bug in the backends.
- The scheduler followed symbolic links when cleaning out its temporary
directory (Issue #1448)
- Updated `cupsFileGetConf` and `cupsFilePutConf` to escape more characters.
- Updated man page `cancel` (Issue #984)
- Updated `cupsRasterReadHeader` to validate more of the page header values
(Issue #1501)
- Fixed an issue with the class/printer CGI name checking.
- Fixed infinite loop in `http_write()` on busy print servers (Issue #827)
- Fixed potential TLS blocking issues (Issue #1128)
- Fixed a job history bug in the scheduler (Issue #1440)
- Fixed notifier logging bug that would result in nul bytes getting into the
log (Issue #1450)
- Fixed possible use-after-free in `cupsdReadClient()` (Issue #1454)
- Fixed a document format bug in the IPP backend (Issue #1457)
- Fixed DRAIN_OUTPUT race condition (Issue #1461)
- Fixed a bug when then `ippFindXxx` and `ippSetXxx` functions were mixed.
- Fixed the mapping of supply type keywords to SNMP names.
- Fixed a bug in the IPP backend when SNMP was disabled.
- Fixed a crash bug in the rastertoepson filter.
- Fixed a bug in cgiCheckVariables.
- Fixed handling read/write errors with OpenSSL (Issue #1506)
- Fixed handling rehandshake error in `_httpTLSRead` (Issue #1508)
- Fixed a debug printf bug on Windows (Issue #1529)
- Fixed a recursion issue with encoding of nested collections (Issue #1539)
- Fixed parsing of the `LimitRequestBody`, `MaxLogSize`, and `MaxRequestSize`
directives in "cupsd.conf" (Issue #1540)
- Fixed a parsing bug in `ipptool` (Issue #1542)
- Fixed blank line detection in the `rastertolabel` filter (Issue #1545)
- Fixed `httpPeek` edge case on compressed streams
To generate a diff of this commit:
cvs rdiff -u -r1.301 -r1.302 pkgsrc/print/cups/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/print/cups/Makefile.common
cvs rdiff -u -r1.82 -r1.83 pkgsrc/print/cups-base/Makefile
cvs rdiff -u -r1.47 -r1.48 pkgsrc/print/cups-base/distinfo
cvs rdiff -u -r1.4 -r1.5 \
pkgsrc/print/cups-base/patches/patch-scheduler-main.c
cvs rdiff -u -r1.5 -r1.6 \
pkgsrc/print/cups-base/patches/patch-scheduler_auth.c
cvs rdiff -u -r1.48 -r1.49 pkgsrc/print/libcups/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/print/cups/Makefile
diff -u pkgsrc/print/cups/Makefile:1.301 pkgsrc/print/cups/Makefile:1.302
--- pkgsrc/print/cups/Makefile:1.301 Fri Feb 6 10:05:41 2026
+++ pkgsrc/print/cups/Makefile Sun Apr 19 14:52:23 2026
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.301 2026/02/06 10:05:41 wiz Exp $
+# $NetBSD: Makefile,v 1.302 2026/04/19 14:52:23 wiz Exp $
-PKGREVISION= 2
.include "../../print/cups/Makefile.common"
PKGNAME= cups-${CUPS_VERS}
Index: pkgsrc/print/cups/Makefile.common
diff -u pkgsrc/print/cups/Makefile.common:1.26 pkgsrc/print/cups/Makefile.common:1.27
--- pkgsrc/print/cups/Makefile.common:1.26 Fri Dec 12 09:27:39 2025
+++ pkgsrc/print/cups/Makefile.common Sun Apr 19 14:52:23 2026
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile.common,v 1.26 2025/12/12 09:27:39 wiz Exp $
+# $NetBSD: Makefile.common,v 1.27 2026/04/19 14:52:23 wiz Exp $
#
# used by print/cups/Makefile
# used by print/cups-base/Makefile
# used by print/libcups/Makefile
-CUPS_VERS= 2.4.16
+CUPS_VERS= 2.4.17
DISTNAME= cups-${CUPS_VERS}-source
CATEGORIES= print
Index: pkgsrc/print/cups-base/Makefile
diff -u pkgsrc/print/cups-base/Makefile:1.82 pkgsrc/print/cups-base/Makefile:1.83
--- pkgsrc/print/cups-base/Makefile:1.82 Fri Feb 6 10:05:41 2026
+++ pkgsrc/print/cups-base/Makefile Sun Apr 19 14:52:23 2026
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.82 2026/02/06 10:05:41 wiz Exp $
+# $NetBSD: Makefile,v 1.83 2026/04/19 14:52:23 wiz Exp $
-PKGREVISION= 2
.include "../../print/cups/Makefile.common"
PKGNAME= cups-base-${CUPS_VERS}
Index: pkgsrc/print/cups-base/distinfo
diff -u pkgsrc/print/cups-base/distinfo:1.47 pkgsrc/print/cups-base/distinfo:1.48
--- pkgsrc/print/cups-base/distinfo:1.47 Fri Dec 12 09:27:39 2025
+++ pkgsrc/print/cups-base/distinfo Sun Apr 19 14:52:23 2026
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.47 2025/12/12 09:27:39 wiz Exp $
+$NetBSD: distinfo,v 1.48 2026/04/19 14:52:23 wiz Exp $
-BLAKE2s (cups-2.4.16-source.tar.gz) = a8bc5711414a67e7aa837d95b03c50c0c4dcd4b31c81081c3bf01528a4597774
-SHA512 (cups-2.4.16-source.tar.gz) = ee0d2afdba7b713c8249912dd738c4fa87efb6f7cdb0a48a48be299d03ae4b1a02773418d6ffc4f7c5731bbae2c859bcc39695f9b93cc422ec6124b7ba179734
-Size (cups-2.4.16-source.tar.gz) = 8159166 bytes
+BLAKE2s (cups-2.4.17-source.tar.gz) = d16f0bb335d74ad6a6aa4dbb7d7f2cf1153c1451d45ad114a5c228862768cd4b
+SHA512 (cups-2.4.17-source.tar.gz) = a454a870f175327ff86e10bc8136ee1d0d939015953b6ebd12e9fce3cdfc91eb09c7553a85085611e884b864c62a6d16aac8e008b3484493211bdc6de2a370fa
+Size (cups-2.4.17-source.tar.gz) = 8161554 bytes
SHA1 (patch-ae) = 7f12aa886208f9e634d5c3fd3bc1fd4a385f22a6
SHA1 (patch-ai) = d4aa1b59c77fa2cbf614eb661d9a791311b399c2
SHA1 (patch-at) = 9517bff0bf2c892f0723a25f243ba188f7781393
@@ -18,7 +18,7 @@ SHA1 (patch-doc-help-man-cups-files.conf
SHA1 (patch-man_cups-files.conf.5) = 51c06d39e20bf8c39c784fec1f32f6c8100cf821
SHA1 (patch-scheduler-conf.c) = 3e8dda2dc04c31a58a902c70161724a57bdc3e43
SHA1 (patch-scheduler-conf.h) = cd5c49579795c69b50abbff2b0f9604ffe8bfa5a
-SHA1 (patch-scheduler-main.c) = 347df789f10b77e4594a3e1a6d586a4c5e7d3749
-SHA1 (patch-scheduler_auth.c) = 63309d001f541f309ff1111abd54fc6b6527e6e1
+SHA1 (patch-scheduler-main.c) = d0b944e4f283ef943241fb8b29ea2f278c28b7c8
+SHA1 (patch-scheduler_auth.c) = 5d6505917dd11e6fe71a3fa9217075d7248cfe23
SHA1 (patch-scheduler_dirsvc.c) = 1dba98dc171df733acb99e5f31ad838845a917bc
SHA1 (patch-tools_ippfind.c) = f0774fcf5ece380fd6fa09adb3c068910ddfa367
Index: pkgsrc/print/cups-base/patches/patch-scheduler-main.c
diff -u pkgsrc/print/cups-base/patches/patch-scheduler-main.c:1.4 pkgsrc/print/cups-base/patches/patch-scheduler-main.c:1.5
--- pkgsrc/print/cups-base/patches/patch-scheduler-main.c:1.4 Fri Jun 23 06:46:48 2023
+++ pkgsrc/print/cups-base/patches/patch-scheduler-main.c Sun Apr 19 14:52:23 2026
@@ -1,8 +1,8 @@
-$NetBSD: patch-scheduler-main.c,v 1.4 2023/06/23 06:46:48 wiz Exp $
+$NetBSD: patch-scheduler-main.c,v 1.5 2026/04/19 14:52:23 wiz Exp $
Add a PidFile configuration directive to write a PID file.
---- scheduler/main.c.orig 2023-06-22 10:17:14.000000000 +0000
+--- scheduler/main.c.orig 2026-04-17 12:22:45.000000000 +0000
+++ scheduler/main.c
@@ -63,6 +63,7 @@
* Local functions...
@@ -12,7 +12,7 @@ Add a PidFile configuration directive to
static void parent_handler(int sig);
static void process_children(void);
static void sigchld_handler(int sig);
-@@ -675,6 +676,13 @@ main(int argc, /* I - Number of comm
+@@ -673,6 +674,13 @@ main(int argc, /* I - Number of command-line args
#endif /* __APPLE__ */
/*
@@ -26,7 +26,7 @@ Add a PidFile configuration directive to
* Send server-started event...
*/
-@@ -1166,6 +1174,7 @@ main(int argc, /* I - Number of comm
+@@ -1164,6 +1172,7 @@ main(int argc, /* I - Number of command-line args
"Scheduler shutting down due to program error.");
}
@@ -34,7 +34,7 @@ Add a PidFile configuration directive to
/*
* Close all network clients...
*/
-@@ -1191,6 +1200,12 @@ main(int argc, /* I - Number of comm
+@@ -1189,6 +1198,12 @@ main(int argc, /* I - Number of command-line args
*/
cupsdDeleteTemporaryPrinters(1);
@@ -47,10 +47,14 @@ Add a PidFile configuration directive to
#ifdef __APPLE__
/*
-@@ -2127,6 +2142,36 @@ service_checkout(int shutdown)
-
-
- /*
+@@ -2136,6 +2151,36 @@ service_checkout(int shutdown) /* I - Shuttin
+ if (OnDemand && shutdown)
+ xpc_transaction_end();
+ # endif /* __APPLE__ */
++}
++
++
++/*
+ * 'create_pidfile()' - Create PID file.
+ */
+static int
@@ -77,10 +81,6 @@ Add a PidFile configuration directive to
+ }
+ (void)close(fd);
+ return (1);
-+}
-+
-+
-+/*
- * 'usage()' - Show scheduler usage.
- */
+ }
+
Index: pkgsrc/print/cups-base/patches/patch-scheduler_auth.c
diff -u pkgsrc/print/cups-base/patches/patch-scheduler_auth.c:1.5 pkgsrc/print/cups-base/patches/patch-scheduler_auth.c:1.6
--- pkgsrc/print/cups-base/patches/patch-scheduler_auth.c:1.5 Sun Nov 30 13:58:06 2025
+++ pkgsrc/print/cups-base/patches/patch-scheduler_auth.c Sun Apr 19 14:52:23 2026
@@ -1,10 +1,10 @@
-$NetBSD: patch-scheduler_auth.c,v 1.5 2025/11/30 13:58:06 wiz Exp $
+$NetBSD: patch-scheduler_auth.c,v 1.6 2026/04/19 14:52:23 wiz Exp $
- Don't pull in sys/ucred.h on Solaris as it results in procfs.h being
included and conflicts between _FILE_OFFSET_BITS=64 and 32-bit procfs.
- OpenBSD defines SO_PEERCRED, but it is different from Linux's one.
---- scheduler/auth.c.orig 2025-11-27 15:21:54.000000000 +0000
+--- scheduler/auth.c.orig 2026-04-17 12:22:45.000000000 +0000
+++ scheduler/auth.c
@@ -40,7 +40,7 @@
#ifdef HAVE_SYS_PARAM_H
@@ -15,16 +15,16 @@ $NetBSD: patch-scheduler_auth.c,v 1.5 20
# include <sys/ucred.h>
typedef struct xucred cupsd_ucred_t;
# define CUPSD_UCRED_UID(c) (c).cr_uid
-@@ -397,7 +397,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I
+@@ -397,7 +397,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client conn
con->type = CUPSD_AUTH_BASIC;
}
#endif /* HAVE_AUTHORIZATION_H */
-#if defined(SO_PEERCRED) && defined(AF_LOCAL)
+#if defined(SO_PEERCRED) && defined(AF_LOCAL) && !defined(__OpenBSD__)
else if (PeerCred != CUPSD_PEERCRED_OFF && !strncmp(authorization, "PeerCred ", 9) &&
- con->http->hostaddr->addr.sa_family == AF_LOCAL && con->best)
+ httpAddrFamily(httpGetAddress(con->http)) == AF_LOCAL && con->best)
{
-@@ -852,7 +852,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I
+@@ -852,7 +852,7 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client conn
gss_delete_sec_context(&minor_status, &context, GSS_C_NO_BUFFER);
Index: pkgsrc/print/libcups/Makefile
diff -u pkgsrc/print/libcups/Makefile:1.48 pkgsrc/print/libcups/Makefile:1.49
--- pkgsrc/print/libcups/Makefile:1.48 Fri Feb 6 10:05:43 2026
+++ pkgsrc/print/libcups/Makefile Sun Apr 19 14:52:23 2026
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.48 2026/02/06 10:05:43 wiz Exp $
+# $NetBSD: Makefile,v 1.49 2026/04/19 14:52:23 wiz Exp $
-PKGREVISION= 2
.include "../../print/cups/Makefile.common"
PKGNAME= libcups-${CUPS_VERS}
Home |
Main Index |
Thread Index |
Old Index