diff options
| author | Till Kamppeter <till@till-desktop> | 2009-11-12 15:10:21 +0100 |
|---|---|---|
| committer | Till Kamppeter <till@till-desktop> | 2009-11-12 15:10:21 +0100 |
| commit | 0bdaa5f3fa05171f6129540be4e98f967a263c32 (patch) | |
| tree | 95a2656255647e32e1a5a5e6a923e9f1d7dd250b | |
| parent | 16f4310b28a14b794c4f4d6e2b652f3a1d5d6c3c (diff) | |
| parent | 88545356e54e31c7491a56477da30d071a5c141e (diff) | |
| download | cups-0bdaa5f3fa05171f6129540be4e98f967a263c32.tar.gz | |
Merged changes from the server.
| -rw-r--r-- | debian/changelog | 14 | ||||
| -rw-r--r-- | debian/control | 2 | ||||
| -rw-r--r-- | debian/patches/00list | 2 | ||||
| -rwxr-xr-x | debian/patches/disable-pdftoopvp-with-old-poppler.dpatch | 43 | ||||
| -rwxr-xr-x | debian/patches/maintain-default-option-settings.dpatch | 32 | ||||
| -rwxr-xr-x | debian/patches/usb-backend-both-usblp-and-libusb.dpatch | 40 |
6 files changed, 34 insertions, 99 deletions
diff --git a/debian/changelog b/debian/changelog index adbeb0e7..71ec851a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -cups (1.4.1-6) UNRELEASED; urgency=low +cups (1.4.2-1) UNRELEASED; urgency=low [ Till Kamppeter ] * debian/patches/log-debug-history-nearly-unlimited.dpatch: Made automatic @@ -19,9 +19,21 @@ cups (1.4.1-6) UNRELEASED; urgency=low work if the usblp kernel module is loaded. [ Martin Pitt ] + * New upstream security/bug fix release: + - The CUPS web interface was vulnerable to several XSS and HTTP + header/body attacks via attribute injection (STR #3367, STR #3401, + CVE-2009-2820; Closes: #555666) + * Drop maintain-default-option-settings.dpatch, applied upstream. + * Update patches to new upstream version. * debian/control: Drop trademark stuff from package descriptions. No other package does that, and it's uninteresting here. The current ones with "easysw" were out of date, too. (Closes: #552781) + * Now that poppler 0.12 is in Debian, drop + disable-pdftoopvp-with-old-poppler.dpatch and bump libpoppler-dev build + dependency. + * poppler now ships fofi include files, which fixes the build. + (Closes: #552818, #552223); rebuilding against new poppler ABI fixes + uninstallability (Closes: #552456) -- Till Kamppeter <till.kamppeter@gmail.com> Tue, 13 Oct 2009 22:52:33 +0200 diff --git a/debian/control b/debian/control index fee63916..15d1c512 100644 --- a/debian/control +++ b/debian/control @@ -8,7 +8,7 @@ Build-Depends: libpam0g-dev, libtiff4-dev, libjpeg62-dev, zlib1g-dev, debhelper (>= 5.0), po-debconf, cdbs (>= 0.4.27), sharutils, dpatch (>= 1.11), libdbus-1-dev, libkrb5-dev | heimdal-dev, libavahi-compat-libdnssd-dev, libavahi-common-dev, libavahi-client-dev, - libpoppler-dev (>= 0.10.0), pkg-config, + libpoppler-dev (>= 0.12), pkg-config, poppler-utils, lsb-release, po4a (>= 0.31), autotools-dev, autoconf, automake, libtool, libijs-dev, hardening-wrapper, liblcms1-dev, libfreetype6-dev, libfontconfig1-dev, pkg-config, libusb-dev diff --git a/debian/patches/00list b/debian/patches/00list index 73a212ed..1f94051b 100644 --- a/debian/patches/00list +++ b/debian/patches/00list @@ -1,7 +1,6 @@ # patches backported from upstream SVN trunk for 1.5: # patches accepted and committed upstream for next 1.4: -maintain-default-option-settings.dpatch # patches sent upstream removecvstag.dpatch @@ -30,7 +29,6 @@ confdirperms.dpatch #use-ps2write-ghostscript-device-for-pdftops-filter.dpatch printer-filtering.dpatch show-compile-command-lines.dpatch -disable-pdftoopvp-with-old-poppler.dpatch ppdc-dynamic-linking.dpatch log-debug-history-nearly-unlimited.dpatch diff --git a/debian/patches/disable-pdftoopvp-with-old-poppler.dpatch b/debian/patches/disable-pdftoopvp-with-old-poppler.dpatch deleted file mode 100755 index 1ce40e72..00000000 --- a/debian/patches/disable-pdftoopvp-with-old-poppler.dpatch +++ /dev/null @@ -1,43 +0,0 @@ -#! /bin/sh -e -## disable-pdftoopvp-with-old-poppler.dpatch by Martin Pitt <mpitt@debian.org> -## -## DP: Disable pdftoopvp if we build with a poppler older than 0.11, since it -## DP: needs that new API. - -pkg-config --atleast-version=0.11 poppler && { echo -n '(ignored)' >&2; exit 0; } || true - -. /usr/share/dpatch/dpatch-run -@DPATCH@ -diff -urNad cups-1.4.1~/debian/cups.install cups-1.4.1/debian/cups.install ---- cups-1.4.1~/debian/cups.install 2009-09-30 15:13:51.000000000 +0200 -+++ cups-1.4.1/debian/cups.install 2009-09-30 15:15:36.657878374 +0200 -@@ -60,4 +60,3 @@ - ../local/*.convs usr/share/cups/mime/ - ../local/pdftops.conf etc/cups/ - ../local/acroread.conf etc/cups/ --etc/fonts/conf.d/99pdftoopvp.conf -diff -urNad cups-1.4.1~/debian/local/filters/pdf-filters/addtocups cups-1.4.1/debian/local/filters/pdf-filters/addtocups ---- cups-1.4.1~/debian/local/filters/pdf-filters/addtocups 2009-09-30 15:13:51.000000000 +0200 -+++ cups-1.4.1/debian/local/filters/pdf-filters/addtocups 2009-09-30 15:15:30.770095014 +0200 -@@ -162,7 +162,7 @@ - \$(CC) \$(LDFLAGS) -o \$@ texttopdf.o textcommon.o common.o pdfutils.o -Lfontembed -lfontembed \$(LIBS) - - EOF --perl -p -i -e 's/^(\s*DIRS\s*=.*\s+filter\s+)/$1pdftoopvp /' Makefile -+#perl -p -i -e 's/^(\s*DIRS\s*=.*\s+filter\s+)/$1pdftoopvp /' Makefile - perl -p -i -e 's/^(\s*DIRS\s*=.*\s+filter\s+)/$1pdftopdf /' Makefile - perl -p -i -e 's/^(\s*LIBS\s*=.*$)/$1\nPOPPLER_LIBS\t=\t\@POPPLER_LIBS\@ \$(LIBS)/' Makedefs.in - perl -p -i -e 's/^(\s*LIBS\s*=.*$)/$1\nIJS_LIBS\t=\t\@IJS_LIBS\@ \$(LIBS)/' Makedefs.in -diff -urNad cups-1.4.1~/debian/local/filters/pdf-filters/pdftopdf/P2PDoc.cxx cups-1.4.1/debian/local/filters/pdf-filters/pdftopdf/P2PDoc.cxx ---- cups-1.4.1~/debian/local/filters/pdf-filters/pdftopdf/P2PDoc.cxx 2009-09-30 15:13:51.000000000 +0200 -+++ cups-1.4.1/debian/local/filters/pdf-filters/pdftopdf/P2PDoc.cxx 2009-09-30 15:15:30.770095014 +0200 -@@ -72,8 +72,7 @@ - strftime(curdate, sizeof(curdate),"D:%Y%m%d%H%M%S%z", curtm); - - /* output header */ -- snprintf(version,sizeof(version),"%%PDF-%d.%d\n", -- orgDoc->getPDFMajorVersion(),orgDoc->getPDFMinorVersion()); -+ snprintf(version,sizeof(version),"%%PDF-%3.1f\n",orgDoc->getPDFVersion()); - str->puts(version); - str->puts("%\0201\0202\0203\0204\n"); - str->puts("% This file was generated by pdftopdf\n"); diff --git a/debian/patches/maintain-default-option-settings.dpatch b/debian/patches/maintain-default-option-settings.dpatch deleted file mode 100755 index e38a878d..00000000 --- a/debian/patches/maintain-default-option-settings.dpatch +++ /dev/null @@ -1,32 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## maintain-default-option-settings.dpatch by <till.kamppeter@gmail.com> -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -@DPATCH@ -diff -urNad cups-1.4.1~/scheduler/ipp.c cups-1.4.1/scheduler/ipp.c ---- cups-1.4.1~/scheduler/ipp.c 2009-08-29 08:05:14.000000000 +0200 -+++ cups-1.4.1/scheduler/ipp.c 2009-09-22 23:47:37.000000000 +0200 -@@ -8470,7 +8470,9 @@ - * Read the option name... - */ - -- for (line += 8, olen --; isalnum(*line & 255); line ++) -+ for (line += 8, olen --; -+ *line > ' ' && *line < 0x7f && *line != ':' && *line != '/'; -+ line ++) - if (olen > 0) - { - *option++ = *line; -@@ -8498,7 +8500,9 @@ - while (isspace(*line & 255)) - line ++; - -- for (clen --; isalnum(*line & 255); line ++) -+ for (clen --; -+ *line > ' ' && *line < 0x7f && *line != ':' && *line != '/'; -+ line ++) - if (clen > 0) - { - *choice++ = *line; diff --git a/debian/patches/usb-backend-both-usblp-and-libusb.dpatch b/debian/patches/usb-backend-both-usblp-and-libusb.dpatch index af1d17a1..e0d4598b 100755 --- a/debian/patches/usb-backend-both-usblp-and-libusb.dpatch +++ b/debian/patches/usb-backend-both-usblp-and-libusb.dpatch @@ -4,9 +4,9 @@ ## DP: http://www.cups.org/str.php?L3357 @DPATCH@ -diff -urNad cups-1.4.1~/backend/Makefile cups-1.4.1/backend/Makefile ---- cups-1.4.1~/backend/Makefile 2009-10-14 21:56:11.000000000 +0200 -+++ cups-1.4.1/backend/Makefile 2009-10-14 21:56:11.000000000 +0200 +diff -urNad cups-1.4.2~/backend/Makefile cups-1.4.2/backend/Makefile +--- cups-1.4.2~/backend/Makefile 2009-11-12 14:50:53.092720352 +0100 ++++ cups-1.4.2/backend/Makefile 2009-11-12 14:50:53.482720894 +0100 @@ -267,7 +267,7 @@ echo Linking $@... $(CC) $(LDFLAGS) -o usb usb.o libbackend.a $(LIBUSB) \ @@ -16,9 +16,9 @@ diff -urNad cups-1.4.1~/backend/Makefile cups-1.4.1/backend/Makefile # -diff -urNad cups-1.4.1~/backend/ieee1284.c cups-1.4.1/backend/ieee1284.c ---- cups-1.4.1~/backend/ieee1284.c 2009-08-08 00:24:14.000000000 +0200 -+++ cups-1.4.1/backend/ieee1284.c 2009-10-14 21:56:11.000000000 +0200 +diff -urNad cups-1.4.2~/backend/ieee1284.c cups-1.4.2/backend/ieee1284.c +--- cups-1.4.2~/backend/ieee1284.c 2009-08-08 00:24:14.000000000 +0200 ++++ cups-1.4.2/backend/ieee1284.c 2009-11-12 14:50:53.482720894 +0100 @@ -275,6 +275,7 @@ cups_option_t *values; /* Keys and values in device ID */ const char *mfg, /* Manufacturer */ @@ -50,9 +50,9 @@ diff -urNad cups-1.4.1~/backend/ieee1284.c cups-1.4.1/backend/ieee1284.c mfg = temp; } -diff -urNad cups-1.4.1~/backend/usb-hybrid.c cups-1.4.1/backend/usb-hybrid.c ---- cups-1.4.1~/backend/usb-hybrid.c 1970-01-01 01:00:00.000000000 +0100 -+++ cups-1.4.1/backend/usb-hybrid.c 2009-10-14 21:56:11.000000000 +0200 +diff -urNad cups-1.4.2~/backend/usb-hybrid.c cups-1.4.2/backend/usb-hybrid.c +--- cups-1.4.2~/backend/usb-hybrid.c 1970-01-01 01:00:00.000000000 +0100 ++++ cups-1.4.2/backend/usb-hybrid.c 2009-11-12 14:50:53.482720894 +0100 @@ -0,0 +1,87 @@ +/* + * "$Id: usb-hybrid.c 8807 2009-08-31 18:45:43Z mike $" @@ -141,9 +141,9 @@ diff -urNad cups-1.4.1~/backend/usb-hybrid.c cups-1.4.1/backend/usb-hybrid.c +/* + * End of "$Id: usb-hybrid.c 8807 2009-08-31 18:45:43Z mike $". + */ -diff -urNad cups-1.4.1~/backend/usb-libusb.c cups-1.4.1/backend/usb-libusb.c ---- cups-1.4.1~/backend/usb-libusb.c 2009-09-11 22:03:31.000000000 +0200 -+++ cups-1.4.1/backend/usb-libusb.c 2009-10-14 21:57:06.000000000 +0200 +diff -urNad cups-1.4.2~/backend/usb-libusb.c cups-1.4.2/backend/usb-libusb.c +--- cups-1.4.2~/backend/usb-libusb.c 2009-09-11 22:03:31.000000000 +0200 ++++ cups-1.4.2/backend/usb-libusb.c 2009-11-12 14:50:53.482720894 +0100 @@ -13,16 +13,16 @@ * * Contents: @@ -353,9 +353,9 @@ diff -urNad cups-1.4.1~/backend/usb-libusb.c cups-1.4.1/backend/usb-libusb.c int print_fd) /* I - File to print */ { ssize_t bytes, /* Bytes read/written */ -diff -urNad cups-1.4.1~/backend/usb-unix.c cups-1.4.1/backend/usb-unix.c ---- cups-1.4.1~/backend/usb-unix.c 2009-08-31 20:45:43.000000000 +0200 -+++ cups-1.4.1/backend/usb-unix.c 2009-10-14 21:57:06.000000000 +0200 +diff -urNad cups-1.4.2~/backend/usb-unix.c cups-1.4.2/backend/usb-unix.c +--- cups-1.4.2~/backend/usb-unix.c 2009-09-22 20:47:36.000000000 +0200 ++++ cups-1.4.2/backend/usb-unix.c 2009-11-12 14:51:47.080261855 +0100 @@ -18,10 +18,10 @@ * * Contents: @@ -554,16 +554,16 @@ diff -urNad cups-1.4.1~/backend/usb-unix.c cups-1.4.1/backend/usb-unix.c + * 'side_cb_unix()' - Handle side-channel requests... */ --static void + static int /* O - 0 on success, -1 on error */ -side_cb(int print_fd, /* I - Print file */ -+static int +side_cb_unix(int print_fd, /* I - Print file */ int device_fd, /* I - Device file */ int snmp_fd, /* I - SNMP socket (unused) */ http_addr_t *addr, /* I - Device address (unused) */ -diff -urNad cups-1.4.1~/backend/usb.c cups-1.4.1/backend/usb.c ---- cups-1.4.1~/backend/usb.c 2008-06-24 03:28:36.000000000 +0200 -+++ cups-1.4.1/backend/usb.c 2009-10-14 21:56:11.000000000 +0200 +diff -urNad cups-1.4.2~/backend/usb-unix.c.rej cups-1.4.2/backend/usb-unix.c.rej +diff -urNad cups-1.4.2~/backend/usb.c cups-1.4.2/backend/usb.c +--- cups-1.4.2~/backend/usb.c 2008-06-24 03:28:36.000000000 +0200 ++++ cups-1.4.2/backend/usb.c 2009-11-12 14:50:53.482720894 +0100 @@ -56,7 +56,7 @@ */ |