Hello community, here is the log from the commit of package cups for openSUSE:Factory checked in at Fri Nov 12 14:31:41 CET 2010. -------- --- cups/cups.changes 2010-07-15 15:09:13.000000000 +0200 +++ /mounts/work_src_done/STABLE/cups/cups.changes 2010-11-12 09:33:34.000000000 +0100 @@ -1,0 +2,19 @@ +Fri Nov 12 08:47:49 CET 2010 - jsmeix@suse.de + +- Upgraded to CUPS 1.4.5 + CUPS 1.4.5 fixes several scheduler and printing bugs + as well as a reported security bug, in particular: + * Fixed a IPP parsing memory corruption bug + (CVE-2010-2941, STR #3648, Novell/Suse Bugzilla bnc#649256) + * Fixed a PPD loader bug that could crash the cupsd (STR #3680) + * The scheduler restarts jobs while shutting down (STR #3679) + * Did not initialize Kerberos in all cases (STR #3662) + * The socket backend could go into an infinite loop + with certain printers (STR #3622) + * Moving a job via the web interface failed without + asking for authentication (STR #3559) + * The web interface did not allow a user to change + the driver (STR #3537, STR #3601) + * For a complete list see the CHANGES.txt file. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- cups-1.4.4-source.tar.bz2 New: ---- cups-1.4.5-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cups.spec ++++++ --- /var/tmp/diff_new_pack.Jx7Rx6/_old 2010-11-12 14:30:54.000000000 +0100 +++ /var/tmp/diff_new_pack.Jx7Rx6/_new 2010-11-12 14:30:54.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package cups (Version 1.4.4) +# spec file for package cups (Version 1.4.5) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # 
@@ -29,8 +29,8 @@ License: GPLv2+ ; LGPLv2.1+ Group: Hardware/Printing Summary: The Common UNIX Printing System -Version: 1.4.4 -Release: 3 +Version: 1.4.5 +Release: 1 # Require the exact matching version-release of the cups-libs sub-package because # non-matching CUPS libraries may let CUPS software crash (e.g. segfault) # because all CUPS software is built from the one same CUPS source tar ball @@ -52,8 +52,8 @@ Obsoletes: cups-SUSE-ppds-dat Provides: cups-SUSE-ppds-dat # Source0...Source9 is for sources from upstream: -# URL for Source0: http://ftp.easysw.com/pub/cups/1.4.4/cups-1.4.4-source.tar.bz2 -# MD5 sum for Source0 on http://www.cups.org/software.php 8776403ad60fea9e85eab9c04d88560d +# URL for Source0: http://ftp.easysw.com/pub/cups/1.4.5/cups-1.4.5-source.tar.bz2 +# MD5 sum for Source0 on http://www.cups.org/software.php 50729f6fc46ba54223e0eaf5009f3419 Source0: cups-%{version}-source.tar.bz2 # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from Novell/openSUSE which are intended for upstream: @@ -458,7 +458,6 @@ %doc %{_mandir}/man5/printers.conf.5.gz %doc %{_mandir}/man5/subscriptions.conf.5.gz %doc %{_mandir}/man7/backend.7.gz -%doc %{_mandir}/man7/drv.7.gz %doc %{_mandir}/man7/filter.7.gz %doc %{_mandir}/man7/notifier.7.gz %doc %{_mandir}/man8/cups-deviced.8.gz ++++++ cups-1.4.4-source.tar.bz2 -> cups-1.4.5-source.tar.bz2 ++++++ ++++ 9286 lines of diff (skipped) ++++++ cups-1.4-additional_policies.patch ++++++ --- /var/tmp/diff_new_pack.Jx7Rx6/_old 2010-11-12 14:30:56.000000000 +0100 +++ /var/tmp/diff_new_pack.Jx7Rx6/_new 2010-11-12 14:30:56.000000000 +0100 
@@ -1,17 +1,19 @@ ---- conf/cupsd.conf.in.orig 2010-01-27 11:49:09.000000000 +0100 -+++ conf/cupsd.conf.in 2010-01-27 11:55:34.000000000 +0100 -@@ -120,3 +120,23 @@ DefaultAuthType Basic +--- conf/cupsd.conf.in.orig 2010-11-12 09:04:07.000000000 +0100 ++++ conf/cupsd.conf.in 2010-11-12 09:16:14.000000000 +0100 +@@ -124,3 +124,25 @@ DefaultAuthType Basic # - # End of "$Id: cupsd.conf.in 8805 2009-08-31 16:34:06Z mike $". + # End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". # + +# The policy below is added by openSUSE/Novell during build of our cups package. +# The policy 'allowallforanybody' is totally open and insecure and therefore +# it can only be used within an internal network where only trused users exist -+# and where the cupsd is not accessible at all from any external host. ++# and where the cupsd is not accessible at all from any external host, see ++# http://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings +# Have in mind that any user who is allowed to do printer admin tasks -+# can change the print queues as he likes (e.g. send copies of confidental -+# print jobs from an internal network to any external destination). ++# can change the print queues as he likes - e.g. send copies of confidental ++# print jobs from an internal network to any external destination, see ++# http://en.opensuse.org/SDB:CUPS_in_a_Nutshell +# For documentation regarding 'Managing Operation Policies' see +# http://www.cups.org/documentation.php/doc-1.4/policies.html +<Policy allowallforanybody> 
@@ -20,7 +22,7 @@ + Allow from all + </Limit> +</Policy> -+# Explicitely set the CUPS 'default' policy to be used by default: ++# Explicitly set the CUPS 'default' policy to be used by default: +DefaultPolicy default +# End of additions by openSUSE/Novell. + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
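Review bot: In cups.spec, hunk @@ -52,8 +52,8 @@, the only integrity reference for the new tarball is an MD5 sum kept in a comment, and both the Source0 URL and the page the sum is copied from are plain http. MD5 is not collision resistant and a spec comment is not checked during the build, so nothing in these lines ties cups-1.4.5-source.tar.bz2 to what upstream released. Suggest recording a SHA-256 digest next to the URL and, if upstream publishes a signature for the tarball, verifying it as part of packaging.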
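Review bot: In cups.spec, hunk @@ -458,7 +458,6 @@, the line `%doc %{_mandir}/man7/drv.7.gz` is dropped from the file list, but the new cups.changes entry says nothing about it. Add a changelog line giving the reason (for example, that the 1.4.5 build no longer installs this man page), so a later reader can tell a deliberate removal from a workaround for a build failure.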
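Review bot: In cups-1.4-additional_policies.patch, hunk @@ -1,17 +1,19 @@, the warning comment says the policy "can only be used within an internal network", which reads like a restriction the software enforces, while the policy body in the next hunk is `Allow from all`. Suggest "must only be used" so the comment states an administrator obligation. The same comment still has "trused" and, on a line this refresh rewrites, "confidental"; fix both here ("trusted", "confidential"), as the next hunk already does for "Explicitely".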
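Review bot: In cups-1.4-additional_policies.patch, hunk @@ -20,7 +22,7 @@, the comment above `DefaultPolicy default` only says the default policy is set explicitly and does not say why that matters next to a policy that ends in `Allow from all`. Suggest extending the comment to state that this line keeps 'allowallforanybody' from being applied by default and that it must not be changed to that policy, so the safeguard is visible to whoever edits the generated cupsd.conf.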