Updated print/cups to 1.1.18. Changes from version 1.1.17 include:

- SECURITY FIX: The scheduler now provides a FileDevice directive to
  control whether new printers can be added using device URIs of the form
  "file:/filename".  The default is to not allow printers with these
  device URIs.
- SECURITY FIX: Potential underflow/overflow bug in web interface.
- SECURITY FIX: Race condition in certificate creation.
- SECURITY FIX: Bad URIs in browse packets could be used to exploit the
  web interface underflow/overflow bug.
- SECURITY FIX: Some types of Denial of Service attacks were not handled
  properly, so once the attack was over the scheduler did not close the
  connections immediately on all platforms.
- SECURITY FIXES: Added integer overflow/underflow checks for all image
  formats.
- Bug fixes to the scheduler.
- Upgraded pdftops filter to Xpdf 2.01 with fixes for TrueType fonts.
- Added a MaxClientsPerHost configuration directive to provide limited
  protection against Denial of Service attacks.

1 files changed, 2 insertions, 1 deletions

diff --git a/doc/CHANGES b/doc/CHANGES
index 8de16142555..78b9f8255bd 100644
--- a/doc/CHANGES
+++ b/doc/CHANGES
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES,v 1.848 2002/12/19 22:26:12 jlam Exp $
+$NetBSD: CHANGES,v 1.849 2002/12/20 07:00:45 jlam Exp $
 
 Changes to the packages collection and infrastructure in 2002:
 
@@ -4023,3 +4023,4 @@ Changes to the packages collection and infrastructure in 2002:
 	Updated openslp to 1.0.10 [jlam 2002-12-19]
 	Updated png to 1.2.5nb1 [fredb 2002-12-19]
 	Updated cups to 1.1.17 [jlam 2002-12-19]
+	Updated cups to 1.1.18 [jlam 2002-12-20]