[Pkg-cups-devel] r164 - cupsys/branches/cups-1.2-ubuntu/debian
Martin Pitt
mpitt at costa.debian.org
Wed Apr 12 17:22:12 UTC 2006
Author: mpitt
Date: Wed Apr 12 17:22:11 2006
New Revision: 164
Modified:
cupsys/branches/cups-1.2-ubuntu/debian/changelog
Log:
import ubuntu changelog history
Modified: cupsys/branches/cups-1.2-ubuntu/debian/changelog
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/changelog (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/changelog Wed Apr 12 17:22:11 2006
@@ -87,6 +87,165 @@
-- Martin Pitt <mpitt at debian.org> Wed, 12 Apr 2006 18:16:42 +0200
+cupsys (1.1.99.b1.r4929-0ubuntu7) dapper; urgency=low
+
+ * debian/cupsys.init.d: Move log_end_msg to the right place again.
+ * Add debian/patches/53_usr_share_ppd_support.dpatch:
+ - Look for PPDs in /usr/share/ppd, according to
+ http://wiki.debian.org/PpdFileStructureSpecification.
+ - Fixes Debian bug #358186.
+ * debian/rules: Install PPD files into /usr/share/ppd/cups-included,
+ according to above specification.
+ * debian/patches/54_cups-config_modeldir.dpatch: Add --modeldir to
+ cups-config so that other packages can use it to figure out the correct
+ PPD base path.
+ * debian/libcupsys2.shlibs: Bump version number so that other packages can
+ rely on cups-config's modeldir.
+ * Re-add debian/patches/51_dont_log_ipp_printer_query.dpatch, since these
+ log messages are routed through a different code path.
+ * debian/cupsys.init.d: Change custom PPD path from /usr/share/cups/ppd to
+ /usr/share/ppd/custom.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Fri, 7 Apr 2006 17:14:25 +0200
+
+cupsys (1.1.99.b1.r4929-0ubuntu6) dapper; urgency=low
+
+ * Add debian/patches/51_ipp_log_severity_info.dpatch: Drop successful IPP
+ messages to log level 'debug' and unsuccessful ones to 'info'. This is a
+ more generic approach to avoid ridiculously huge logs due to polling by
+ gnome-cups-icon and friends.
+ * Drop debian/patches/51_dont_log_ipp_printer_query.dpatch, obsoleted by
+ above patch.
+ * Add debian/patches/52_default_log_level_warning.dpatch: Raise default log
+ level from info to warning. Closes: LP#38042
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 6 Apr 2006 12:05:45 +0200
+
+cupsys (1.1.99.b1.r4929-0ubuntu5) dapper; urgency=low
+
+ * debian/patches/51_dont_log_ipp_printer_query.dpatch: Suppress logging of
+ successful CUPS_GET_DEFAULT messages, too. Closes: LP#29895
+ * debian/pdftops: Fix reading from stdin. Closes: LP#17124
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 30 Mar 2006 19:52:20 +0200
+
+cupsys (1.1.99.b1.r4929-0ubuntu4) dapper; urgency=low
+
+ * debian/cupsys.postinst: Make sure that the scanner group exists before
+ trying to add the cupsys user to it.
+
+ -- Colin Watson <cjwatson at ubuntu.com> Thu, 9 Mar 2006 08:20:02 +0000
+
+cupsys (1.1.99.b1.r4929-0ubuntu3) dapper; urgency=low
+
+ * debian/rules: Do not install dangling pdftops.conf symlink. (Malone #26785)
+ * debian/cupsys.preinst: Remove a dangling pdftops.conf symlink on upgrades
+ to this version.
+ * debian/cupsys.postinst: Add cupsys to group 'scanner' to be able to access
+ printer/scanner combined devices. (Malone #29050)
+ * debian/patches/44_fixconfdirperms.dpatch: Make /etc/cups/ppd group
+ writable. (Malone #31533)
+ * debian/cupsys.init.d: Make sure that page_log exists with the right
+ permissions. (Malone #33409)
+ * Add debian/patches/51_dont_log_ipp_printer_query.dpatch: Do not flood
+ access_log with successful CUPS-Get-Printers and Get-Printer-Attributes
+ queries (which are generated by gnome-cups-icon every 3 seconds). This is
+ a hideous and hackish patch, but it has to do until we dbusify cupsys
+ properly. (Malone #29895)
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Mon, 6 Mar 2006 16:08:32 +0100
+
+cupsys (1.1.99.b1.r4929-0ubuntu2) dapper; urgency=low
+
+ * Add 50_truncate_ppd.dpatch:
+ - cups/file.c: Do not forget to write the pending uncompressed tail when
+ copying a compressed file. Fixes cropped PPD files in /etc/cups/ppd.
+ - Patch taken from upstream svn commit 4942.
+ - Malone #28642
+ * debian/cupsys.init.d: Create access_log with proper permissions if it does
+ not yet exist. (Malone #28492)
+ * debian/cupsys.preinst: If we upgrade from a version earlier than this one,
+ change all root-owned PPD files in /etc/cups/ppd to be owned by cupsys.
+ (Malone #12879)
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 19 Jan 2006 16:55:51 +0100
+
+cupsys (1.1.99.b1.r4929-0ubuntu1) dapper; urgency=low
+
+ * New upstream snapshot with lots of bug fixes.
+ * Remove debian/patches/50_local_username_check.dpatch: Adopted upstream.
+ * debian/patches/02_configure.patch: Greatly simplified to be more robust
+ against upstream changes; renamed to debian/patches/02_disable_pie.patch
+ for clarity.
+ * Disable debian/patches/48_stdlib.dpatch, it shouldn't be necessary on at
+ least our platforms.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Tue, 17 Jan 2006 16:44:47 +0100
+
+cupsys (1.1.99.b1.r4892-0ubuntu1) dapper; urgency=low
+
+ * New upstream snapshot.
+ * Adapt patches to new upstream version:
+ - 02_configure.dpatch
+ - 48_stdlib.dpatch
+ - ubuntu-nowebadmin.dpatch
+ * Add debian/patches/50_local_username_check.dpatch: Fix the restriction
+ of changing/cancelling of print jobs to the owner.
+ - scheduler/auth.c: Disable weird code that bypasses user name check for
+ local authentication.
+ - scheduler/ipp.c: Copy the determined user name of the connection to the
+ con structure, so that cupsdCheckPolicy() has a chance to actually
+ verify it.
+ - Ubuntu #12177
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Fri, 13 Jan 2006 15:28:22 +0100
+
+cupsys (1.1.99.b1.r4841-1ubuntu8) dapper; urgency=low
+
+ * debian/cupsys.init.d: Remove the hideous killing hacks and just invoke
+ start-stop-daemon with the correct arguments.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Wed, 11 Jan 2006 19:23:47 +0100
+
+cupsys (1.1.99.b1.r4841-1ubuntu7) dapper; urgency=low
+
+ * debian/cupsys.init.d: Make sure that the PID file directory /var/run/cups
+ exists. The new approach of mounting /var/run as tmpfs removes the
+ directory that is shipped in the deb. (Ubuntu #22261)
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Wed, 11 Jan 2006 13:47:45 +0100
+
+cupsys (1.1.99.b1.r4841-1ubuntu6) dapper; urgency=low
+
+ * debian/cupsys.init: Call stop/start in the 'restart/force-reload' section
+ to make use of the much more robust 'stop' handling. This should avoid
+ frequent failures of force-reload. (Ubuntu #21787)
+ * debian/cupsys.postinst:
+ - Set permissions of /etc/cups/interfaces to root:lpadmin 2775.
+ - Make /etc/printcap writable for group lpadmin.
+ - This fixes third-party printer drivers and command line tools.
+ - Ubuntu #20891
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 5 Jan 2006 18:11:51 +0100
+
+cupsys (1.1.99.b1.r4841-1ubuntu5) dapper; urgency=low
+
+ * Synchronize to Debian's svn head to get the various configuration handling
+ RC bug fixes, but keep Ubuntu upstream version at r4841 since 4885 has
+ serious regressions.
+ * All non-Ubuntu specific patches have been applied in Debian now.
+ * Drop the following patches (accepted in Debian):
+ - ubuntu-sanitize-conffile-handling.dpatch
+ - ubuntu-localports.dpatch
+ - ubuntu-include-conf.d.dpatch
+ - ubuntu-nowebadmin.dpatch
+ - ubuntu-cupsimage.dpatch
+ * ubuntu-runasuser.dpatch: Remove the upstream code fixes (already in Debian
+ now), just add the 'RunAsUser' directive to cupsd.conf.
+ * debian/cupsys.templates: Disable browsing by default.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 22 Dec 2005 15:08:51 +0100
+
cupsys (1.1.99.b1.r4885-1) experimental; urgency=low
[ Kenshi Muto ]
@@ -280,6 +439,77 @@
-- Kenshi Muto <kmuto at debian.org> Fri, 20 May 2005 11:07:42 +0900
+cupsys (1.1.23-10ubuntu4) breezy; urgency=low
+
+ * Add debian/patches/ubuntu-disable-conffile-chmod.dpatch:
+ - Stop fiddling with the /etc/cups/cupsd.conf permissions at server
+ startup. The default permissions as shipped (root:root 0644) are just
+ fine for that file, and cupsys modifies it in a way that normal users
+ cannot read them any more, which breaks gnome-cups-manager.
+ - Ubuntu #15165
+ * debian/cupsys.postinst:
+ - If the package is upgraded from a version earlier than this one, correct
+ permissions of cupsd.conf.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Wed, 14 Sep 2005 14:52:13 +0200
+
+cupsys (1.1.23-10ubuntu3) breezy; urgency=low
+
+ * Fix installation of /usr/share/cups/{enable-browsing,browsing_status} to
+ ship these scripts again. (Ubuntu #14546 )
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Fri, 2 Sep 2005 12:00:02 +0200
+
+cupsys (1.1.23-10ubuntu2) breezy; urgency=low
+
+ * Added debian/patches/ubuntu-confpermissions.dpatch:
+ - Add and document ConfigFilePerm to cupsd.conf and set it to 0600 to
+ avoid exposing SMB passwords to lpadmin members. This makes it slightly
+ harder to intercept the password. (Ubuntu #12036)
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 23 Jun 2005 12:44:14 +0200
+
+cupsys (1.1.23-10ubuntu1) breezy; urgency=low
+
+ * Debian adopted many changes and MOM output was messy; reapplied remaining
+ Ubuntu changes to pristine Debian version. Mention them here again to
+ ease further merges and Debian adoptions.
+ * Convert Ubuntu patches to dpatch and added descriptions.
+ * Convert to poppler:
+ - debian/patches/ubuntu-pdf2ps_poppler.dpatch: Replace pdftops/pdftops.cxx
+ with a port from xpdf-utils to libpoppler.
+ - debian/control: Add build dependency libpoppler-dev, remove xpdf-utils
+ dependency.
+ - Disable 06_replacepdftops.dpatch to build the pdftops/ subdir again.
+ - debian/rules: Install newly built pdftops into /usr/lib/cups/.
+ * Run as user 'cupsys' instead of root:
+ - debian/patches/ubuntu-runasuser.dpatch: Enable RunAsUser in
+ configuration.
+ - debian/patches/ubuntu-auxgroups.dpatch: When running as non-root, call
+ initgroups() instead of setgroups() to allow auxiliary groups.
+ - debian/rules: Configure with --with-cups-user=cupsys.
+ - debian/cupsys.postinst, debian/cupsys-client.postinst: Create cupsys
+ user and setup permissions.
+ - debian/cupsys.postrm: Remove cupsys user on purge.
+ * Disable web interface to avoid putting the user 'cupsys' into group
+ shadow:
+ - debian/README.Debian: Explain the change.
+ - debian/patches/ubuntu-nowebadmin.dpatch: Explain the disabled
+ administrator pages in the web interface.
+ - Add debian/local/ja-nowebadmin.ptch: Add the same explanation to the
+ Japanese translation in patches/ja.tar.gz.uu.
+ - debian/rules: Apply debian/local/ja-nowebadmin.ptch.
+ * Automatic detection of LAN printers (browsing):
+ - Add debian/local/{enable_browsing,browsing_status,cupsd-browsing.conf}
+ and install them in debian/rules.
+ - debian/patches/ubuntu-externalbrowseconf.dpatch: Externalize browsing
+ setting to cupsd-browsing.conf.
+ * Listen to local port only by default to comply to Ubuntu Security Policy:
+ - debian/patches/ubuntu-localports.dpatch
+ * debian/cupsys.init.d: LSB init script.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 23 Jun 2005 11:23:37 +0200
+
cupsys (1.1.23-10) unstable; urgency=high
* Recovered http backend. -8 and -9 missed it. (closes: #305169)
@@ -316,6 +546,34 @@
-- Kenshi Muto <kmuto at debian.org> Wed, 16 Mar 2005 10:01:57 +0900
+cupsys (1.1.23-7ubuntu2) breezy; urgency=low
+
+ * debian/control:
+ - Add build dependency libpoppler-dev.
+ - Drop cupsys dependency xpdf-utils.
+ * Added debian/patches/ubuntu-pdf2ps_poppler.patch:
+ - Replace pdftops/pdftops.cxx with the latest version from xpdf-3.00 code;
+ it was modified to use poppler's include files and use GooString instead
+ of GString (a simple rename in poppler).
+ - Adapt build rule.
+ * debian/rules: Install newly built pdftops into /usr/lib/cups/.
+ * debian/pdftops: Change path to pdftops from /usr/bin to /usr/lib/cups.
+ * Removed debian/patches/06replacepdftops.patch: This patch prevented the
+ building of pdftops/, but we want that again.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Tue, 24 May 2005 14:39:14 +0200
+
+cupsys (1.1.23-7ubuntu1) breezy; urgency=low
+
+ * Resynchronise with Debian. (#9281)
+ * Fixed merging conflicts in debian/rules.
+ * Dropped patch ubuntu-lppasswd_noexistingconf.patch, now included in
+ Debian.
+ * debian/cupsys.postinst: Include /etc/default/cupsys to make the
+ #298040 patch effective (this somehow got lost in MOM).
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Fri, 15 Apr 2005 13:20:17 +0200
+
cupsys (1.1.23-7) unstable; urgency=low
* Drop /etc/cups/printers.conf and /etc/cups/classes.conf from
@@ -369,6 +627,147 @@
-- Kenshi Muto <kmuto at debian.org> Mon, 10 Jan 2005 13:48:32 +0900
+cupsys (1.1.23-1ubuntu12) hoary; urgency=low
+
+ * debian/cupsys.init.d:
+ - Make the start-stop-daemon invocation in restart use the schedule
+ syntax (--retry TERM/10) to keep trying to kill cupsd for 10
+ seconds before it gives up. If it does fail, restart now fails
+ gracefully, rather than bringing down the shell. (Ubuntu #7847)
+ - Make the same changes to the stop target for consistency.
+
+ -- Adam Conrad <adconrad at 0c3.net> Tue, 22 Mar 2005 03:40:51 +0000
+
+cupsys (1.1.23-1ubuntu11) hoary; urgency=low
+
+ * debian/cupsys.postinst:
+ - cleanup kill code somewhat - use pidof instead of ps aux output.
+ should fix Debian bug#298040
+ - Don't die if the kill fails.
+
+ -- LaMont Jones <lamont at ubuntu.com> Thu, 17 Mar 2005 16:10:27 -0700
+
+cupsys (1.1.23-1ubuntu10) hoary; urgency=low
+
+ * debian/cupsys.postinst:
+ - Remove "--home /" from adduser invocation; sometimes adduser chowns the
+ home directory even if --no-create-home is given.
+ - If upgrading from a previous version, chown / to 0:0 to fix the bug from
+ previous releases.
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Thu, 10 Mar 2005 08:30:42 +0100
+
+cupsys (1.1.23-1ubuntu9) hoary; urgency=low
+
+ * Updated debian/patches/ubuntu-fixconfdirperms.patch:
+ - chmod /etc/cups/ppd to 2775 instead of 755 so that cupsd can actually
+ write into it. (Ubuntu #6816)
+ * Added debian/patches/ubuntu-slashprinternames.patch:
+ - When determining the path to a PPD or interface file, replace slashes
+ with underscores; otherwise the server will try to write into
+ nonexisting subdirectories of e. g. /etc/cups/ppd/. (Ubuntu #6816)
+ * Updated debian/patches/ubuntu-nowebadmin.patch:
+ - Corrected the gnome-cumps-manager menu path on all web pages and
+ translations. (Ubuntu #4725)
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Mon, 28 Feb 2005 19:04:51 +0100
+
+cupsys (1.1.23-1ubuntu8) hoary; urgency=low
+
+ * debian/patches/ubuntu-localports.patch:
+ - Removed "Browsing" patch hunk.
+ * Added debian/patches/ubuntu-externalbrowseconf.patch:
+ - Replace "Browsing" setting by "Include cupsd-browsing.conf" and update
+ the documentation comment; this allows to enable/disable browsing
+ without changing the main configuration file (which avoids dpkg
+ questions on upgrades).
+ - Enable "BrowseAddress @LOCAL" by default.
+ * Added debian/local/cupsd-browsing.conf (single "Browsing" configuration
+ parameter, default Off) and install it to /etc/cups/.
+ * Added scripts to manage browsing status to debian/local and install them
+ to /usr/share/cups/:
+ - browsing_status: Return whether browsing is currently disabled (0),
+ enabled (1) or there is a custom configuration (2).
+ - enable_browsing: Enable (1) or disable (0) browsing. Only possible with
+ non-custom configurations and with root privileges.
+ * Backend part of Ubuntu bug #2251 (user-friendly browsing configuration).
+
+ -- Martin Pitt <martin.pitt at ubuntu.com> Tue, 22 Feb 2005 13:46:02 +0100
+
+cupsys (1.1.23-1ubuntu7) hoary; urgency=low
+
+ * Reapply patch to background cupsd during startup.
+
+ -- Thom May <thom at planetarytramp.net> Thu, 20 Jan 2005 17:28:30 +0000
+
+cupsys (1.1.23-1ubuntu6) hoary; urgency=low
+
+ * Must create cupsys user _AFTER_ we create the lpadmin group. sigh.
+
+ -- LaMont Jones <lamont at ubuntu.com> Fri, 14 Jan 2005 15:01:21 -0700
+
+cupsys (1.1.23-1ubuntu5) hoary; urgency=low
+
+ * Need to possibly add cupsys user in cupsys-client postinst, too.
+
+ -- LaMont Jones <lamont at ubuntu.com> Fri, 14 Jan 2005 12:08:14 -0700
+
+cupsys (1.1.23-1ubuntu4) hoary; urgency=low
+
+ * Fix postrm to not horribly break debconf and die.
+
+ -- LaMont Jones <lamont at ubuntu.com> Thu, 13 Jan 2005 11:35:39 -0700
+
+cupsys (1.1.23-1ubuntu3) hoary; urgency=low
+
+ * debian/control: Added missing cupsys dependency 'procps'.
+ * Moved lppasswd permission setup from cupsys.postinst to
+ cupsys-client.postinst (to where it belongs).
+
+ -- Martin Pitt <martin.pitt at canonical.com> Thu, 13 Jan 2005 11:27:09 +0100
+
+cupsys (1.1.23-1ubuntu2) hoary; urgency=low
+
+ * Added debian/patches/ubuntu-build_avoid_unknown_chown.patch:
+ - systemv/Makefile: do not try to install lppasswd with owner CUPS_USER
+ during build since user "cupsys" does not exist on the buildds; install
+ it as root:root 755 instead
+ * debian/cupsys.postinst: setup permissions of lppasswd to cupsys:root 4755
+ * Added debian/patches/ubuntu-lppasswd_noexistingconf.patch:
+ - lppasswd tries to rename /etc/passwd.md5 to /etc/passwd.old; do not fail
+ if the former does not exist (at the very first invocation of the
+ program)
+ * debian/rules: removed silly "DEB_DH_INSTALLINIT_ARGS := -n" introduced by
+ some Ubuntu upload; this completely broke install/upgrade service
+ stopping/starting/restarting
+ * Added debian/patches/ubuntu-fixconfdirperms.patch:
+ - scheduler/conf.c: chmod /etc/cups to 3755 instead of 755:
+ + setgid forces the correct group (lpadmin) to files like passwd.md5
+ + sticky denies removing root-owned files by lpadmin members
+
+ -- Martin Pitt <martin.pitt at canonical.com> Wed, 12 Jan 2005 12:06:30 +0100
+
+cupsys (1.1.23-1ubuntu1) hoary; urgency=low
+
+ * Merged new Debian version
+ * Dropped patches (merged upstream):
+ + 39CAN-2004-1125.patch
+ + 40CAN-2004-1267.patch
+ + 41CAN-2004-1268+1269+1270.patch
+ * Moved change to cups/cups_C.h to ubuntu-nowebadmin.patch
+ * Reworked the following patches to work with new version:
+ + ubuntu-init.d.patch
+ + ubuntu-runasuser.patch
+ * Applied and removed Ubuntu-specific patches which patch files in debian/;
+ this plays better with merge-o-matic and my fellow developers like it that
+ way; however, it will make manual merges a pain:
+ + ubuntu-init.d.patch
+ + ubuntu-logrotate.patch
+ + ubuntu-runasuser.patch (only the parts touching debian/)
+ + ubuntu-runlevel-19.patch
+
+ -- Martin Pitt <martin.pitt at canonical.com> Thu, 6 Jan 2005 10:21:18 +0100
+
cupsys (1.1.23-1) unstable; urgency=low
* New upstream release
@@ -507,6 +906,115 @@
-- Kenshi Muto <kmuto at debian.org> Sun, 3 Oct 2004 18:15:23 +0900
+cupsys (1.1.20final+rc1-10ubuntu8) hoary; urgency=low
+
+ * debian/patches patches patching debian/. sigh.
+
+ -- LaMont Jones <lamont at canonical.com> Tue, 4 Jan 2005 09:29:48 -0700
+
+cupsys (1.1.20final+rc1-10ubuntu7) hoary; urgency=low
+
+ * Ignore errors on the stop phase of restart. Closes: warty#4504
+
+ -- LaMont Jones <lamont at canonical.com> Mon, 3 Jan 2005 20:10:54 -0700
+
+cupsys (1.1.20final+rc1-10ubuntu6) hoary; urgency=low
+
+ * SECURITY UPDATE: fixed multiple buffer overflows
+ * Added patch 39CAN-2004-1125.patch:
+ - cupsys contains code from xpdf, therefore CAN-2004-1125 applies, too.
+ - References:
+ CAN-2004-1125
+ http://www.idefense.com/application/poi/display?id=172
+ * Added patch 40CAN-2004-1267.patch:
+ - filter/hpgl-input.c, ParseCommand(): Prevent reading an arbitrary string
+ into statically sized buffer "buf"; clip string if necessary.
+ - patch taken from http://www.cups.org/str.php?L1024+P0+S-2+C0+I0+E0+Qhpgl
+ - Thanks to Ariel Berkman for spotting this.
+ - References:
+ CAN-2004-1267
+ http://tigger.uic.edu/~jlongs2/holes/cups.txt
+ * Added patch 41CAN-2004-1268+1269+1270.patch: fix several vulns in
+ systemv/lppasswd.c:
+ - Check return value of fputs() and fprintf() when writing to the new
+ password file. When ignoring them, an user can truncate the new passwd
+ file by filling up the disk at the right moment. Now unlink the file on
+ error and print out a message.
+ - If the passwd.new file reaches the maximum file size system limit, the
+ new file was not deleted, thus lppasswd could not be used again. Now
+ ignores all relevant signals and unlinks the new file on write error.
+ - Check that the output file is not stdin, stdout, or stderr; otherwise
+ error messages would be written into the output file which would destroy
+ it.
+ - Thanks to Bartlomiej Sieka for spotting this.
+ - References:
+ CAN-2004-1268
+ CAN-2004-1269
+ CAN-2004-1270
+ http://tigger.uic.edu/~jlongs2/holes/cups2.txt
+
+ -- Martin Pitt <martin.pitt at canonical.com> Thu, 23 Dec 2004 11:18:50 +0100
+
+cupsys (1.1.20final+rc1-10ubuntu5) hoary; urgency=low
+
+ * Start cupsys using its -F switch and explicitly background it with
+ start-stop-daemon; this shaves seconds off the boot process.
+ * Rename debian/patches/ubuntu-runlevel-12.patch to
+ ubuntu-runlevel-19.patch, moving the start point from 12 to 19 and
+ migrating users who were at both 20 and 12.
+
+ -- Scott James Remnant <scott at canonical.com> Thu, 9 Dec 2004 09:28:35 +0100
+
+cupsys (1.1.20final+rc1-10ubuntu4) hoary; urgency=low
+
+ * Unbreak debian/patches/ubuntu-nowebadmin.patch, so that it does not create
+ other patches in debian/patches (jp-nowebadmin.patch moved to
+ debian/local), or .orig files.
+ * Add debian/patches/ubuntu-runlevel-12.patch, which moves the runlevel of
+ the init script to 12, and performs the migration accordingly.
+
+ -- Daniel Stone <daniel.stone at canonical.com> Mon, 6 Dec 2004 17:30:45 +0100
+
+cupsys (1.1.20final+rc1-10ubuntu3) hoary; urgency=low
+
+ * SECURITY: still CAN-2004-0888. Updated patch 36pdftopsoverflow.patch:
+ - pdftops/gmem.[ch]: change declarations of gmalloc and grealloc to use size_t
+ instead of int; int truncated sizes to 32 bits, which made xpdf still
+ vulnerable to integer (and eventually buffer) overflow attacks on 64 bit
+ platforms like amd64.
+ - pdftops/Xref.cxx: fix several unchecked negative integer conditions
+ * Thanks to Marcus Meissner <meissner at suse.de> for providing the patches.
+
+ -- Martin Pitt <mpitt at debian.org> Mon, 1 Nov 2004 14:37:58 +0100
+
+cupsys (1.1.20final+rc1-10ubuntu2) hoary; urgency=low
+
+ * Fixed debian/patches/ubuntu-localports.patch: do not comment out the
+ 'Listen' statement (Warty bug #3009).
+
+ -- Martin Pitt <mpitt at debian.org> Fri, 29 Oct 2004 08:50:56 +0200
+
+cupsys (1.1.20final+rc1-10ubuntu1) hoary; urgency=low
+
+ * Resynchronized to Debian
+ * Now keep all Ubuntu specific modification as patches prefixed with
+ "ubuntu-" to ease further merges:
+ - ubuntu-auxgroups: allow cupsd to run in auxilliary groups
+ - ubuntu-init.d: pretty initscript, make /usr/share/cups/model
+ lpadmin-writeable to install custom printer drivers
+ - ubuntu-localports: listen on localhost port only by default
+ - ubuntu-logrotate: use 'restart', not 'reload' to restart cupsd after log
+ rotation (reload does not exist any more)
+ - ubuntu-nowebadmin: display a red warning on the web interface that
+ administrative functions are disabled for security reasons
+ - ubuntu-runasuser: do not run as 'root', but as 'cupsys' by default
+ * Ubuntu-specific debian/rules (can't be patched):
+ - configure with --with-cups-user=cupsys
+ - apply patch debian/patches/ja-nowebadmin.ptch (must be done after
+ uudecoding ja.tar.gz.uu)
+
+ -- Martin Pitt <mpitt at debian.org> Thu, 28 Oct 2004 23:56:54 +0200
+
cupsys (1.1.20final+rc1-8) unstable; urgency=medium
* Apply GNU Hurd configure patch for fix FTBFS. (closes: Bug#274599)
More information about the Pkg-cups-devel
mailing list