Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cups for openSUSE:Factory checked in at 2024-07-04 16:21:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cups (Old) and /work/SRC/openSUSE:Factory/.cups.new.2080 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "cups" Thu Jul 4 16:21:54 2024 rev:174 rq:1185108 version:2.4.10 Changes: -------- --- /work/SRC/openSUSE:Factory/cups/cups.changes 2024-06-12 15:38:10.313795505 +0200 +++ /work/SRC/openSUSE:Factory/.cups.new.2080/cups.changes 2024-07-04 16:22:55.902759842 +0200 @@ -1,0 +2,46 @@ +Tue Jul 2 11:45:58 UTC 2024 - Johannes Meixner <jsmeix@suse.com> + +- Version upgrade to 2.4.10: + See https://github.com/openprinting/cups/releases + CUPS 2.4.10 brings two fixes: + * Fixed error handling when reading a mixed 1setOf attribute. + * Fixed scheduler start if there is only domain socket + to listen on (Issue #985) which is fix for regression + after fix for CVE-2024-35235 in scenarios where is + no other listeners in cupsd.conf than domain socket + created on demand by systemd, launchd or upstart. + Issues are those at https://github.com/OpenPrinting/cups/issues +- Version upgrade to 2.4.9: + See https://github.com/openprinting/cups/releases + CUPS 2.4.9 brings security fix for CVE-2024-35235 and + several bug fixes regarding CUPS Web User Interface, + PPD generation and HTTP protocol implementation. + Detailed list (from CHANGES.md): + * Fixed domain socket handling (CVE-2024-35235) + * Fixed creating of `cupsUrfSupported` PPD keyword + (Issue #952) + * Fixed searching for destinations in web ui (Issue #954) + * Fixed TLS negotiation using OpenSSL with servers + that require the TLS SNI extension. + * Really raised `cups_enum_dests()` timeout for listing + available IPP printers (Issue #751)... + * Fixed `Host` header regression (Issue #967) + * Fixed DNS-SD lookups of local services with Avahi + (Issue #970) + * Fixed listing jobs in destinations in web ui. + (Apple issue #6204) + * Fixed showing search query in web ui help page. + (Issue #977) + Issues are those at https://github.com/OpenPrinting/cups/issues + Apple issues are those at https://github.com/apple/cups/issues +- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.10 +- Removed cups-2.4.8-CVE-2024-35235.patch : fixed upstream + see the above CUPS 2.4.9 changes +- avoid_C99_mode_for_loop_initial_declarations.patch avoids error + "'for' loop initial declarations are only allowed in C99 mode" + that happens when building for SLE12 + in scheduler/client.c at "for (char *start = ..." since + https://github.com/OpenPrinting/cups/commit/a7eda84da73126e40400e05dd27d57f8... + see https://github.com/OpenPrinting/cups/issues/1000 + +------------------------------------------------------------------- Old: ---- cups-2.4.8-CVE-2024-35235.patch cups-2.4.8-source.tar.gz cups-2.4.8-source.tar.gz.sig New: ---- avoid_C99_mode_for_loop_initial_declarations.patch cups-2.4.10-source.tar.gz cups-2.4.10-source.tar.gz.sig BETA DEBUG BEGIN: Old:- Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.10 - Removed cups-2.4.8-CVE-2024-35235.patch : fixed upstream see the above CUPS 2.4.9 changes BETA DEBUG END: BETA DEBUG BEGIN: New: see the above CUPS 2.4.9 changes - avoid_C99_mode_for_loop_initial_declarations.patch avoids error "'for' loop initial declarations are only allowed in C99 mode" BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cups.spec ++++++ --- /var/tmp/diff_new_pack.nQzspI/_old 2024-07-04 16:22:57.182806590 +0200 +++ /var/tmp/diff_new_pack.nQzspI/_new 2024-07-04 16:22:57.186806736 +0200 @@ -40,18 +40,18 @@ # "zypper vcmp 2.3.b99 2.3.0" shows "2.3.b99 is older than 2.3.0" and # "zypper vcmp 2.2.99 2.3b6" show "2.2.99 is older than 2.3b6" so that # version upgrades from 2.2.x via 2.3.b* to 2.3.0 work: -Version: 2.4.8 +Version: 2.4.10 Release: 0 Summary: The Common UNIX Printing System License: Apache-2.0 Group: Hardware/Printing URL: https://openprinting.github.io/cups # To get Source0 go to https://github.com/OpenPrinting/cups/releases or use e.g. -# wget --no-check-certificate -O cups-2.4.7-source.tar.gz https://github.com/OpenPrinting/cups/releases/download/v2.4.7/cups-2.4.7-sou... -Source0: https://github.com/OpenPrinting/cups/releases/download/v2.4.8/cups-2.4.8-sou... +# wget --no-check-certificate -O cups-2.4.10-source.tar.gz https://github.com/OpenPrinting/cups/releases/download/v2.4.10/cups-2.4.10-s... +Source0: https://github.com/OpenPrinting/cups/releases/download/v2.4.10/cups-2.4.10-s... # To get Source1 go to https://github.com/OpenPrinting/cups/releases or use e.g. -# wget --no-check-certificate -O cups-2.4.7-source.tar.gz.sig https://github.com/OpenPrinting/cups/releases/download/v2.4.7/cups-2.4.7-sou... -Source1: https://github.com/OpenPrinting/cups/releases/download/v2.4.8/cups-2.4.8-sou... +# wget --no-check-certificate -O cups-2.4.10-source.tar.gz.sig https://github.com/OpenPrinting/cups/releases/download/v2.4.10/cups-2.4.10-s... +Source1: https://github.com/OpenPrinting/cups/releases/download/v2.4.10/cups-2.4.10-s... # To make Source2 use e.g. # gpg --keyserver keys.openpgp.org --recv-keys 7082A0A50A2E92640F3880E0E4522DCC9B246FF7 # gpg --export --armor 7082A0A50A2E92640F3880E0E4522DCC9B246FF7 >cups.keyring @@ -61,7 +61,7 @@ # To manually verify Source0 with Source1 and Source2 do e.g. # gpg --import cups.keyring # gpg --list-keys | grep -1 'Zdenek Dohnal' -# gpg --verify cups-2.4.7-source.tar.gz.sig cups-2.4.7-source.tar.gz +# gpg --verify cups-2.4.10-source.tar.gz.sig cups-2.4.10-source.tar.gz Source102: Postscript.ppd.gz Source105: Postscript-level1.ppd.gz Source106: Postscript-level2.ppd.gz @@ -77,6 +77,12 @@ # because the files of the CUPS web content are no documentation, see CUPS STR #3578 # and https://bugzilla.suse.com/show_bug.cgi?id=546023#c6 and subsequent comments: Patch11: cups-2.1.0-default-webcontent-path.patch +# Patch12 avoid_C99_mode_for_loop_initial_declarations.patch +# avoids "error: 'for' loop initial declarations are only allowed in C99 mode" +# that happens when building for SLE12 at "for (char *start = ..." since +# https://github.com/OpenPrinting/cups/commit/a7eda84da73126e40400e05dd27d57f8... +# see https://github.com/OpenPrinting/cups/issues/1000 +Patch12: avoid_C99_mode_for_loop_initial_declarations.patch # Patch100...Patch999 is for private patches from SUSE which are not intended for upstream: # Patch100 cups-pam.diff adds conf/pam.suse regarding support for PAM for SUSE: Patch100: cups-pam.diff @@ -103,13 +109,6 @@ # Patch112 cups-2.4.2-additional_policies.patch adds the 'allowallforanybody' policy to cupsd.conf # see SUSE FATE 303515 and https://bugzilla.suse.com/show_bug.cgi?id=936309 Patch112: cups-2.4.2-additional_policies.patch -# Patch113 cups-2.4.8-CVE-2024-35235.patch is derived from the upstream patch against master (CUPS 2.5) -# https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f... -# to apply to CUPS 2.4.8 in openSUSE Factory -# to fix CVE-2024-35235 "cupsd Listen port arbitrary chmod 0140777" -# https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f -# https://bugzilla.suse.com/show_bug.cgi?id=1225365 -Patch113: cups-2.4.8-CVE-2024-35235.patch # Build Requirements: BuildRequires: dbus-1-devel BuildRequires: fdupes @@ -337,13 +336,12 @@ # Patch112 cups-2.4.2-additional_policies.patch adds the 'allowallforanybody' policy to cupsd.conf # see SUSE FATE 303515 and https://bugzilla.suse.com/show_bug.cgi?id=936309 %patch -P 112 -b cups-2.4.2-additional_policies.orig -# Patch113 cups-2.4.8-CVE-2024-35235.patch is derived from the upstream patch against master (CUPS 2.5) -# https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f... -# to apply to CUPS 2.4.8 in openSUSE Factory -# to fix CVE-2024-35235 "cupsd Listen port arbitrary chmod 0140777" -# https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f -# https://bugzilla.suse.com/show_bug.cgi?id=1225365 -%patch -P 113 -b cups-2.4.8-CVE-2024-35235.orig +# Patch12 avoid_C99_mode_for_loop_initial_declarations.patch +# avoids "error: 'for' loop initial declarations are only allowed in C99 mode" +# that happens when building for SLE12 at "for (char *start = ..." since +# https://github.com/OpenPrinting/cups/commit/a7eda84da73126e40400e05dd27d57f8... +# see https://github.com/OpenPrinting/cups/issues/1000 +%patch -P 12 -b avoid_C99_mode_for_loop_initial_declarations.orig %build # Remove ".SILENT" rule for verbose build output ++++++ avoid_C99_mode_for_loop_initial_declarations.patch ++++++ --- scheduler/client.c.orig 2024-06-18 13:11:05.000000000 +0200 +++ scheduler/client.c 2024-07-02 14:51:25.359712447 +0200 @@ -566,6 +566,7 @@ cupsdReadClient(cupsd_client_t *con) /* struct stat filestats; /* File information */ mime_type_t *type; /* MIME type of file */ static unsigned request_id = 0; /* Request ID for temp files */ + char *start; /* Avoid error: 'for' loop initial declarations are only allowed in C99 mode */ status = HTTP_STATUS_CONTINUE; @@ -1145,7 +1146,7 @@ cupsdReadClient(cupsd_client_t *con) /* { unsigned int i = 0; // Array index - for (char *start = con->uri + 9; *start && *start != '?' && i < sizeof(name);) + for (*start = con->uri + 9; *start && *start != '?' && i < sizeof(name);) name[i++] = *start++; name[i] = '\0'; @@ -1185,7 +1186,7 @@ cupsdReadClient(cupsd_client_t *con) /* { unsigned int i = 0; // Array index - for (char *start = con->uri + 10; *start && *start != '?' && i < sizeof(name);) + for (*start = con->uri + 10; *start && *start != '?' && i < sizeof(name);) name[i++] = *start++; name[i] = '\0'; ++++++ cups-2.4.8-source.tar.gz -> cups-2.4.10-source.tar.gz ++++++ /work/SRC/openSUSE:Factory/cups/cups-2.4.8-source.tar.gz /work/SRC/openSUSE:Factory/.cups.new.2080/cups-2.4.10-source.tar.gz differ: char 5, line 1 ++++++ downgrade-autoconf-requirement.patch ++++++ --- /var/tmp/diff_new_pack.nQzspI/_old 2024-07-04 16:22:57.326811849 +0200 +++ /var/tmp/diff_new_pack.nQzspI/_new 2024-07-04 16:22:57.330811995 +0200 @@ -1,7 +1,5 @@ -Index: configure.ac -=================================================================== ---- configure.ac.orig -+++ configure.ac +--- configure.ac.orig 2024-06-18 13:11:05.000000000 +0200 ++++ configure.ac 2024-07-02 13:55:46.880533719 +0200 @@ -9,8 +9,8 @@ dnl Licensed under Apache License v2.0. dnl information. dnl @@ -12,5 +10,5 @@ +AC_PREREQ([2.69]) dnl Package name and version... - AC_INIT([CUPS],[2.4.8],[https://github.com/openprinting/cups/issues],[cups],[https://openprinting.github.io/cups]) + AC_INIT([CUPS],[2.4.10],[https://github.com/openprinting/cups/issues],[cups],[https://openprinting.github.io/cups])