Hello community,
here is the log from the commit of package cups for openSUSE:Factory
checked in at Wed Jul 8 20:00:15 CEST 2009.
--------
--- cups/cups.changes 2009-06-08 15:10:36.000000000 +0200
+++ cups/cups.changes 2009-06-26 13:34:41.000000000 +0200
@@ -1,0 +2,54 @@
+Fri Jun 26 12:50:22 CEST 2009 - jsmeix@suse.de
+
+- cups-1.3.10-fix-DNS-rebinding-protection.patch fixes
+ a regression of the CUPS 1.3.10 DNS rebinding protection which
+ lets e.g. "lpoptions -h localhost -p <queue> -l" fail with
+ "lpoptions: Unable to get PPD file for <queue>: Bad Request"
+ and in /var/log/cups/error_log there is the warning
+ W ... Request from "localhost" using invalid Host: field "::1"
+ but "::1" is the IPv6 loopback IP address for "localhost"
+ (Novell/Suse Bugzilla bnc#489624 comment#19 and bnc#516511).
+
+-------------------------------------------------------------------
+Wed Jun 24 14:02:29 CEST 2009 - jsmeix@suse.de
+
+- Upgraded to CUPS 1.3.10:
+ * Use a wrapper program filter/pdftops.c which only calls
+ /usr/bin/pdftops (via configure --with-pdftops=/usr/bin/pdftops)
+ instead of our fork of the Xpdf source code which was in
+ the pdftops directory (CUPS STR #3129). Because of this
+ cups-1.4svn-pdftops_as_filter.patch and
+ cups-1.4svn-pdftops_dont_fail_on_cancel.patch are obsolete
+ since CUPS 1.3.10 (the latter was fixed via CUPS STR #2808).
+ * The scheduler now protects against DNS rebinding attacks
+ (CUPS STR #3118 and Novell/Suse Bugzilla bnc#489624).
+ * cups-1.3.9-cupstestppd.patch is obsolete since CUPS 1.3.10
+ because it is fixed in the source (CUPS STR #2979).
+ * cups-1.3.9-max_subscription.patch is obsolete
+ since CUPS 1.3.10 because it is fixed in the source
+ (no CUPS STR but mentioned in CHANGES.txt "The scheduler
+ would crash if you exceeded the MaxSubscriptions limit").
+ * cups-1.3.9-filter_png_overflow2.patch is obsolete
+ since CUPS 1.3.10 because it is fixed in the source
+ (CUPS STR #2974 and Novell/Suse Bugzilla bnc#448631).
+ * cups-1.3.9-hpgltops2.patch is obsolete since CUPS 1.3.10
+ because it is fixed in the source (CUPS STR #2966 which is the
+ successor of CUPS STR #2911 and Novell/Suse Bugzilla bnc#430543).
+ * cups-1.3.9-cupsImageReadTiff.patch is obsolete
+ since CUPS 1.3.10 because it is fixed in the source
+ (CUPS STR #3031 and Novell/Suse Bugzilla bnc#485895).
+ * For a complete list see the CHANGES.txt file.
+- cups-1.1.21rc2-preauth_security.patch and
+ cups-1.1.21rc2-usermode.patch and
+ cups-1.1.21-umlaut_printer.patch and
+ cups-1.1.23-testpage.patch are finally removed
+ since CUPS 1.3.10 because they were made for CUPS 1.1 and
+ were no longer applied since CUPS 1.2 in Suse Linux 10.3.
+ In particular cups-1.1.21-umlaut_printer.patch can no longer
+ apply since CUPS 1.2 because RunAsUser in cupsd.conf is
+ no longer supported since CUPS 1.2, for more info see e.g. the
+ "RunAsUser removed; reassurance wanted" mails on cups@easysw.com.
+ Furthermore we neither got any Suse Linux/openSUSE user request
+ nor any SLE11 beta-tester/customer request for them.
+
+-------------------------------------------------------------------
@@ -4 +58,7 @@
- remove static libraries, see also bnc#509945
+- Replaced "--enable-static" by "--disable-static" in configure
+ so that the static libraries /usr/lib[64]/libcups.a and
+ /usr/lib[64]/libcupsimage.a are no longer built and included
+ in the cups-devel package to enforce detection of other software
+ which might be built with static CUPS libraries so that those
+ other software could be fixed to use the dynamic libraries
+ (see also Novell/Suse Bugzilla bnc#509945).
@@ -25 +85,2 @@
-- added directory %{libdir}/cups/driver to %files of cups (bnc#465794)
+- added directory %{libdir}/cups/driver to %files of cups
+ (bnc#465794)
@@ -35,2 +96,2 @@
-- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
- (bnc#437293)
+- use Obsoletes: -XXbit only for ppc64 to help solver during
+ distupgrade (bnc#437293)
@@ -80 +140,0 @@
-
@@ -95 +154,0 @@
-
@@ -150 +209,2 @@
-- added avahi-compat-mDNSResponder-devel to BuildRequieres (bnc#398700)
+- added avahi-compat-mDNSResponder-devel to BuildRequieres
+ (bnc#398700)
calling whatdependson for head-i586
Old:
----
cups-1.1.21-umlaut_printer.patch
cups-1.1.21rc2-preauth_security.patch
cups-1.1.21rc2-usermode.patch
cups-1.1.23-testpage.patch
cups-1.3.9-cupsImageReadTiff.patch
cups-1.3.9-cupstestppd.patch
cups-1.3.9-filter_png_overflow2.patch
cups-1.3.9-hpgltops2.patch
cups-1.3.9-max_subscription.patch
cups-1.3.9-source.tar.bz2
cups-1.4svn-pdftops_as_filter.patch
cups-1.4svn-pdftops_dont_fail_on_cancel.patch
New:
----
cups-1.3.10-fix-DNS-rebinding-protection.patch
cups-1.3.10-source.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cups.spec ++++++
--- /var/tmp/diff_new_pack.9WVNVU/_old 2009-07-08 19:42:02.000000000 +0200
+++ /var/tmp/diff_new_pack.9WVNVU/_new 2009-07-08 19:42:02.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package cups (Version 1.3.9)
+# spec file for package cups (Version 1.3.10)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -29,8 +29,8 @@
License: GPL v2 or later
Group: Hardware/Printing
Summary: The Common UNIX Printing System
-Version: 1.3.9
-Release: 13
+Version: 1.3.10
+Release: 1
Requires: cups-libs = %{version}, cups-client = %{version}
Requires: ghostscript_any, ghostscript-fonts-std, foomatic-filters
Requires: util-linux /usr/bin/pdftops
@@ -40,6 +40,8 @@
Suggests: poppler-tools
Conflicts: plp lprold lprng
Obsoletes: cups-SUSE-ppds-dat
+# URL for Source0: http://ftp.easysw.com/pub/cups/1.3.10/cups-1.3.10-source.tar.bz2
+# MD5 sum for Source0 on http://www.cups.org/software.php is 84fffe96b8537c81a463faccead80026
Source0: cups-%{version}-source.tar.bz2
Source1: poll_ppd_base.c
Source2: lphelp.c
@@ -67,28 +69,52 @@
Patch4: cups-1.2.7-libwrap.patch
Patch5: cups-pam.diff
Patch6: cups-1.3.6-access_conf.patch
-Patch9: cups-1.1.21rc2-preauth_security.patch
-Patch10: cups-1.1.21rc2-usermode.patch
+# Patch9 cups-1.1.21rc2-preauth_security.patch is finally removed
+# since CUPS 1.3.10 because it was made for CUPS 1.1 and
+# it was no longer applied since CUPS 1.2 in Suse Linux 10.3 and
+# we did not get any user or SLE11 customer request for it.
+# Patch10 cups-1.1.21rc2-usermode.patch is finally removed
+# since CUPS 1.3.10 because it was made for CUPS 1.1 and
+# can no longer apply since CUPS 1.2 in Suse Linux 10.3 because
+# RunAsUser in cupsd.conf is no longer supported since CUPS 1.2.
Patch12: cups-1.3.3-pswrite.patch
-Patch13: cups-1.1.21-umlaut_printer.patch
+# Patch13 cups-1.1.21-umlaut_printer.patch is finally removed
+# since CUPS 1.3.10 because it was made for CUPS 1.1 and
+# it was no longer applied since CUPS 1.2 in Suse Linux 10.3 and
+# we did not get any user or SLE11 customer request for it.
Patch14: cups-1.1.21-testppd_duplex.patch
Patch15: cups-1.2.11-testppd_filename.patch
Patch16: cups-1.3.9-desktop_file.patch
Patch17: cups-1.3.3-testppd_none.patch
-Patch18: cups-1.4svn-pdftops_as_filter.patch
-# next is found as http://www.cups.org/strfiles/2808/str2808.patch
-Patch19: cups-1.4svn-pdftops_dont_fail_on_cancel.patch
+# Patch18 cups-1.4svn-pdftops_as_filter.patch is obsolete
+# since CUPS 1.3.10 because it is fixed in the source.
+# Patch19 cups-1.4svn-pdftops_dont_fail_on_cancel.patch is obsolete
+# since CUPS 1.3.10 because it is fixed in the source.
Patch20: cups-1.3.7-keeping_recommended.patch
Patch21: cups-1.3.7-lppasswd_fixperm.patch
Patch22: cups-1.3.7-additional_policies.patch
-Patch23: cups-1.3.9-cupstestppd.patch
-Patch24: cups-1.3.9-max_subscription.patch
-Patch25: cups-1.3.9-filter_png_overflow2.patch
-Patch26: cups-1.3.9-hpgltops2.patch
-# Patch27 fixes an integer overflow in the "_cupsImageReadTIFF()" function,
-# (CVE-2009-0163 and CUPS STR #3031 and Novell/Suse Bugzilla bnc#485895):
-Patch27: cups-1.3.9-cupsImageReadTiff.patch
-Patch100: cups-1.1.23-testpage.patch
+# Patch23 cups-1.3.9-cupstestppd.patch is obsolete
+# since CUPS 1.3.10 because it is fixed in the source.
+# Patch24 cups-1.3.9-max_subscription.patch is obsolete
+# since CUPS 1.3.10 because it is fixed in the source.
+# Patch25 cups-1.3.9-filter_png_overflow2.patch is obsolete
+# since CUPS 1.3.10 because it is fixed in the source.
+# Patch26 cups-1.3.9-hpgltops2.patch is obsolete
+# since CUPS 1.3.10 because it is fixed in the source.
+# Patch27 cups-1.3.9-cupsImageReadTiff.patch is obsolete
+# since CUPS 1.3.10 because it is fixed in the source.
+# Patch28 fixes a regression of the CUPS 1.3.10 DNS rebinding protection
+# which lets "lpoptions -h localhost -p