Hello community, here is the log from the commit of package cups checked in at Tue Nov 13 21:45:40 CET 2007. -------- --- cups/cups.changes 2007-10-23 12:31:33.000000000 +0200 +++ /mounts/work_src_done/STABLE/cups/cups.changes 2007-11-07 12:05:43.477429000 +0100 @@ -1,0 +2,42 @@ +Wed Nov 7 12:05:41 CET 2007 - kssingvo@suse.de + +- upgrade to version 1.3.4: + * Documentation updates + * CUPS now maps the "nb" locale to "no" on all platforms + * CUPS did not work with a Windows 2003 R2 KDC + * ippReadIO() could read past the end of a buffer + * The scheduler would crash on shutdown if it was unable to + create a Kerberos context. + * Multiple AuthTypes in cupsd.conf did not work + * The snmp.conf file referenced the wrong man page + * The cupsaddsmb program didn't handle domain sockets properly + * The scheduler now validates device URIs when adding printers. + * Updated httpSeparateURI() to support hostnames with the + backslash character. + * Updated the Japanese localization + * The parallel backend now gets the current IEEE-1284 device ID + string on Linux + * The IPP backend now checks the job status at variable + intervals (from 1 to 10 seconds) instead of every 10 seconds + for faster remote printing + * "lpr -p" and "lpr -l" did not work + * Compilation failed when a previous version of CUPS was + installed and was included in the SSL include path + * The scheduler did not reject requests with charsets other + than US-ASCII or UTF-8, and the CUPS API incorrectly passed + the locale charset to the scheduler instead of UTF-8 + * cups-deviced did not filter out duplicate devices. + * The AppleTalk backend incorrectly added a scheme listing when + AppleTalk was disabled or no printers were found. + * The PostScript filter generated N^2 copies when the printer + supported collated copies and user requested reverse-order + output. + * The scheduler did not reprint all of the files in a job that + was held. + * The scheduler did not update the printcap file after removing + stale remote queues. + * The cupsd.conf man page incorrectly referenced "AuthType + Kerberos" instead of "AuthType Negotiate". +- fixes for xpdf CVE-2007-4352, CVE-2007-5393, CVE-2007-5392 (bugzilla#335637) + +------------------------------------------------------------------- Old: ---- cups-1.3.3-source.tar.bz2 cups-1.3-ipp_length.patch New: ---- cups-1.2-CVE_2007_4352.patch cups-1.2-CVE_2007_5392.patch cups-1.2-CVE_2007_5393.patch cups-1.3.4-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cups.spec ++++++ --- /var/tmp/diff_new_pack.d11926/_old 2007-11-13 21:44:05.000000000 +0100 +++ /var/tmp/diff_new_pack.d11926/_new 2007-11-13 21:44:05.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package cups (Version 1.3.3) +# spec file for package cups (Version 1.3.4) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -16,8 +16,8 @@ License: GPL v2 or later Group: Hardware/Printing Summary: The Common UNIX Printing System -Version: 1.3.3 -Release: 8 +Version: 1.3.4 +Release: 1 Requires: cups-libs = %{version}, cups-client = %{version} Requires: ghostscript_any, ghostscript-fonts-std, foomatic-filters Requires: util-linux @@ -52,7 +52,9 @@ Patch15: cups-1.2.11-testppd_filename.patch Patch16: cups-1.2.5-desktop_file.patch Patch17: cups-1.3.3-testppd_none.patch -Patch18: cups-1.3-ipp_length.patch +Patch18: cups-1.2-CVE_2007_4352.patch +Patch19: cups-1.2-CVE_2007_5392.patch +Patch20: cups-1.2-CVE_2007_5393.patch Patch100: cups-1.1.23-testpage.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %if %suse_version >= 801 @@ -146,6 +148,8 @@ %patch16 -p1 %patch17 -p1 %patch18 -p1 +%patch19 -p1 +%patch20 -p1 if [ -f /.buildenv ]; then . /.buildenv else @@ -382,6 +386,45 @@ %{_libdir}/libcupsimage.so.* %{_datadir}/locale/*/cups_* %changelog +* Wed Nov 07 2007 - kssingvo@suse.de +- upgrade to version 1.3.4: + * Documentation updates + * CUPS now maps the "nb" locale to "no" on all platforms + * CUPS did not work with a Windows 2003 R2 KDC + * ippReadIO() could read past the end of a buffer + * The scheduler would crash on shutdown if it was unable to + create a Kerberos context. + * Multiple AuthTypes in cupsd.conf did not work + * The snmp.conf file referenced the wrong man page + * The cupsaddsmb program didn't handle domain sockets properly + * The scheduler now validates device URIs when adding printers. + * Updated httpSeparateURI() to support hostnames with the + backslash character. + * Updated the Japanese localization + * The parallel backend now gets the current IEEE-1284 device ID + string on Linux + * The IPP backend now checks the job status at variable + intervals (from 1 to 10 seconds) instead of every 10 seconds + for faster remote printing + * "lpr -p" and "lpr -l" did not work + * Compilation failed when a previous version of CUPS was + installed and was included in the SSL include path + * The scheduler did not reject requests with charsets other + than US-ASCII or UTF-8, and the CUPS API incorrectly passed + the locale charset to the scheduler instead of UTF-8 + * cups-deviced did not filter out duplicate devices. + * The AppleTalk backend incorrectly added a scheme listing when + AppleTalk was disabled or no printers were found. + * The PostScript filter generated N^2 copies when the printer + supported collated copies and user requested reverse-order + output. + * The scheduler did not reprint all of the files in a job that + was held. + * The scheduler did not update the printcap file after removing + stale remote queues. + * The cupsd.conf man page incorrectly referenced "AuthType + Kerberos" instead of "AuthType Negotiate". +- fixes for xpdf CVE-2007-4352, CVE-2007-5393, CVE-2007-5392 (bugzilla#335637) * Tue Oct 23 2007 - kssingvo@suse.de - fix for IPP boundaries swamp-14294, CVE-2007-4351 (bugzilla#335635) * Mon Oct 15 2007 - kssingvo@suse.de ++++++ cups-1.2-CVE_2007_4352.patch ++++++ Index: cups-1.2.12/pdftops/Stream.cxx =================================================================== --- cups-1.2.12.orig/pdftops/Stream.cxx +++ cups-1.2.12/pdftops/Stream.cxx @@ -3017,6 +3017,11 @@ GBool DCTStream::readScanInfo() { } scanInfo.firstCoeff = str->getChar(); scanInfo.lastCoeff = str->getChar(); + if (scanInfo.firstCoeff < 0 || scanInfo.lastCoeff > 63 || + scanInfo.firstCoeff > scanInfo.lastCoeff) { + error(getPos(), "Bad DCT coefficient numbers in scan info block"); + return gFalse; + } c = str->getChar(); scanInfo.ah = (c >> 4) & 0x0f; scanInfo.al = c & 0x0f; ++++++ cups-1.2-CVE_2007_5392.patch ++++++ Index: cups-1.2.12/pdftops/Stream.cxx =================================================================== --- cups-1.2.12.orig/pdftops/Stream.cxx +++ cups-1.2.12/pdftops/Stream.cxx @@ -1956,6 +1956,12 @@ void DCTStream::reset() { // allocate a buffer for the whole image bufWidth = ((width + mcuWidth - 1) / mcuWidth) * mcuWidth; bufHeight = ((height + mcuHeight - 1) / mcuHeight) * mcuHeight; + if (bufWidth <= 0 || bufHeight <= 0 || + bufWidth > INT_MAX / bufWidth / (int)sizeof(int)) { + error(getPos(), "Invalid image size in DCT stream"); + y = height; + return; + } for (i = 0; i < numComps; ++i) { frameBuf[i] = (int *)gmallocn(bufWidth * bufHeight, sizeof(int)); memset(frameBuf[i], 0, bufWidth * bufHeight * sizeof(int)); ++++++ cups-1.2-CVE_2007_5393.patch ++++++ ++++ 646 lines (skipped) ++++++ cups-1.3.3-source.tar.bz2 -> cups-1.3.4-source.tar.bz2 ++++++ ++++ 11806 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org