Change log for cups package in Ubuntu

175 of 546 results
Published in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular)
cups (2.4.7-1.2ubuntu9) oracular; urgency=medium

  * SECURITY REGRESSION: early exit on missing listen directive
    - d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't
      exit if no valid Listen or Port found (LP: #2070315)

 -- Sudhakar Verma <email address hidden>  Tue, 02 Jul 2024 17:37:44 +0530
Published in noble-updates
Published in noble-security
cups (2.4.7-1.2ubuntu7.2) noble-security; urgency=medium

  * SECURITY REGRESSION: early exit on missing listen directive
    - d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't
      exit if no valid Listen or Port found (LP: #2070315)

 -- Sudhakar Verma <email address hidden>  Thu, 27 Jun 2024 19:17:32 +0530
Published in mantic-updates
Published in mantic-security
cups (2.4.6-0ubuntu3.2) mantic-security; urgency=medium

  * SECURITY REGRESSION: early exit on missing listen directive
    - d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't
      exit if no valid Listen or Port found (LP: #2070315)

 -- Sudhakar Verma <email address hidden>  Thu, 27 Jun 2024 19:13:38 +0530
Published in jammy-updates
Published in jammy-security
cups (2.4.1op1-1ubuntu4.10) jammy-security; urgency=medium

  * SECURITY REGRESSION: early exit on missing listen directive
    - d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't
      exit if no valid Listen or Port found (LP: #2070315)

 -- Sudhakar Verma <email address hidden>  Thu, 27 Jun 2024 19:09:25 +0530
Published in focal-updates
Published in focal-security
cups (2.3.1-9ubuntu1.8) focal-security; urgency=medium

  * SECURITY REGRESSION: early exit on missing listen directive
    - d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't
      exit if no valid Listen or Port found (LP: #2070315)

 -- Sudhakar Verma <email address hidden>  Thu, 27 Jun 2024 18:40:32 +0530
Superseded in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular)
cups (2.4.7-1.2ubuntu8) oracular; urgency=medium

  * SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
    - debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
      in cups/http-addr.c
    - CVE-2024-35235

 -- Sudhakar Verma <email address hidden>  Fri, 21 Jun 2024 15:57:06 +0530
Superseded in focal-updates
Superseded in focal-security
cups (2.3.1-9ubuntu1.7) focal-security; urgency=medium

  * SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
    - debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
      in cups/http-addr.c
    - CVE-2024-35235

 -- Sudhakar Verma <email address hidden>  Sun, 23 Jun 2024 02:43:24 +0530
Superseded in mantic-updates
Superseded in mantic-security
cups (2.4.6-0ubuntu3.1) mantic-security; urgency=medium

   * SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
    - debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
      in cups/http-addr.c
    - CVE-2024-35235

 -- Sudhakar Verma <email address hidden>  Fri, 21 Jun 2024 15:41:01 +0530
Superseded in noble-updates
Superseded in noble-security
cups (2.4.7-1.2ubuntu7.1) noble-security; urgency=medium

  * SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
    - debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
      in cups/http-addr.c
    - CVE-2024-35235

 -- Sudhakar Verma <email address hidden>  Fri, 21 Jun 2024 13:37:25 +0530
Superseded in jammy-updates
Superseded in jammy-security
cups (2.4.1op1-1ubuntu4.9) jammy-security; urgency=medium

  * SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
    - debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
      in cups/http-addr.c
    - CVE-2024-35235

 -- Sudhakar Verma <email address hidden>  Fri, 21 Jun 2024 00:32:50 +0530
Superseded in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
cups (2.4.7-1.2ubuntu7) noble; urgency=low

  * Another fix for crash caused by the fix of the background polling of
    printer capability information in ...ubuntu4. Added also commit 6aeb03b
    from 2.4.x GIT branch to the patch (LP: #2060692, Upstream issue #934,
    pull request #935).

 -- Till Kamppeter <email address hidden>  Fri, 12 Apr 2024 22:13:19 +0200
Superseded in noble-proposed
cups (2.4.7-1.2ubuntu6) noble; urgency=low

  * Fix crash caused by the fix of the background polling of printer
    capability information in ...ubuntu4. Added commit 2e65a35 from 2.4.x
    GIT branch to the patch (LP: #2060692, Upstream issue #934, pull
    request #937).
  * Backported upstream commits 939368f from 2.4.x GIT branch, to
    fix the auto-repeating of a job in Raster mode when failed printing
    in PDF mode, due to printer-internal bug/incompatibility (Upstream
    issue #391).

 -- Till Kamppeter <email address hidden>  Thu, 11 Apr 2024 23:23:19 +0200
Superseded in noble-proposed
cups (2.4.7-1.2ubuntu5) noble; urgency=low

  * Longer timeout for Avahi resolving for cupsGetDests() API function, used
    by "lpstat -l -e" (Upstream issues #47, #751, fix is already in place
    in the CUPS Snap).

 -- Till Kamppeter <email address hidden>  Sat,  6 Apr 2024 00:05:19 +0200
Superseded in noble-proposed
cups (2.4.7-1.2ubuntu4) noble; urgency=low

  * Backported upstream commits 6c6e1b0, ff16dab, and df3718b from 2.4.x GIT
    branch, to
    - Fix race condition due to removal of temporary queue while still accessing
      it. Now timeout clock is reset on every access, temporary queues not
      created if there is a permanent queue to the same printer, temporary queues
      expire after 5 min instead of 1 min (Upstream issue #871).
    - Fix temporary queue appearing as raw queue while CUPS is still polling
      the capability information from the printer. This breaks print dialogs and
      printing itself. Now queue creation is deleayed until the PPD is ready
      (Upstream issue #347).

 -- Till Kamppeter <email address hidden>  Fri,  5 Apr 2024 22:48:19 +0200
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
cups (2.4.7-1.2ubuntu3) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 07:31:09 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
cups (2.4.7-1.2ubuntu2) noble; urgency=low

  * Remove Debian's own (broken) cups.pc file, CUPS has it upstreanm from
    2.4.6 on (LP: #2059157).

 -- Till Kamppeter <email address hidden>  Tue, 26 Mar 2024 23:17:19 +0100
Superseded in noble-proposed
cups (2.4.7-1.2ubuntu1) noble; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.

 -- Till Kamppeter <email address hidden>  Tue, 19 Mar 2024 10:46:19 +0100
Superseded in noble-proposed
cups (2.4.7-1ubuntu2) noble; urgency=medium

  * No-change rebuild against libgnutls30t64

 -- Steve Langasek <email address hidden>  Sun, 10 Mar 2024 02:03:25 +0000

Available diffs

Superseded in noble-proposed
cups (2.4.7-1ubuntu1) noble; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
  * Removed patches included upstream:
    - CVE-2023-4504.patch

 -- Till Kamppeter <email address hidden>  Wed, 28 Feb 2024 20:07:19 +0100

Available diffs

Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates)
cups (2.4.1op1-1ubuntu4.8) jammy; urgency=medium

  * The "lpoptions" utility, when run as root was writing into the file
    /root/.cups/lpoptions instread of /etc/cups/lpoptions. System software
    should never write into /root/ (LP: #2052925).

 -- Till Kamppeter <email address hidden>  Wed, 14 Feb 2023 14:10:00 +0100
Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
cups (2.4.6-0ubuntu3) mantic; urgency=medium

  * Let pkg-config data file cups.pc get installed into
    /usr/lib/<ARCH>/pkgconfig/
  * Include pkg-config data file cups.pc in libcups2-dev

 -- Till Kamppeter <email address hidden>  Tue, 26 Sep 2023 14:56:43 +0200

Available diffs

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
cups (2.4.6-0ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <email address hidden>  Wed, 20 Sep 2023 12:42:21 -0400

Available diffs

Superseded in focal-updates
Superseded in focal-security
cups (2.3.1-9ubuntu1.6) focal-security; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <email address hidden>  Fri, 15 Sep 2023 07:20:26 -0400
Published in lunar-updates
Published in lunar-security
cups (2.4.2-3ubuntu2.5) lunar-security; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <email address hidden>  Fri, 15 Sep 2023 07:16:41 -0400
Superseded in jammy-updates
Superseded in jammy-security
cups (2.4.1op1-1ubuntu4.7) jammy-security; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <email address hidden>  Fri, 15 Sep 2023 07:19:58 -0400
Superseded in focal-updates
Superseded in focal-security
cups (2.3.1-9ubuntu1.5) focal-security; urgency=medium

  * SECURITY UPDATE: recently printed documents authentication issue
    - debian/patches/CVE-2023-32360.patch: require authentication for
      CUPS-Get-Document in conf/cupsd.conf.in.
    - CVE-2023-32360

 -- Marc Deslauriers <email address hidden>  Mon, 11 Sep 2023 12:30:19 -0400
Superseded in lunar-updates
Superseded in lunar-security
cups (2.4.2-3ubuntu2.4) lunar-security; urgency=medium

  * SECURITY UPDATE: recently printed documents authentication issue
    - debian/patches/CVE-2023-32360.patch: require authentication for
      CUPS-Get-Document in conf/cupsd.conf.in.
    - CVE-2023-32360

 -- Marc Deslauriers <email address hidden>  Mon, 11 Sep 2023 12:27:52 -0400
Superseded in jammy-updates
Superseded in jammy-security
cups (2.4.1op1-1ubuntu4.6) jammy-security; urgency=medium

  * SECURITY UPDATE: recently printed documents authentication issue
    - debian/patches/CVE-2023-32360.patch: require authentication for
      CUPS-Get-Document in conf/cupsd.conf.in.
    - CVE-2023-32360

 -- Marc Deslauriers <email address hidden>  Mon, 11 Sep 2023 12:29:43 -0400
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
cups (2.4.6-0ubuntu1) mantic; urgency=medium

  * Update to new upstream version 2.4.6.
    - Fix printing multiple files on specific printers (Upstream issue #643)

 -- Till Kamppeter <email address hidden>  Wed, 16 Aug 2023 21:53:43 +0200

Available diffs

Deleted in lunar-proposed (Reason: moved to -updates)
cups (2.4.2-3ubuntu2.3) lunar; urgency=medium

  * Fixes to assure color printing on color printers by default or on request
    (LP: #1971242)
    - check-colormodel-also-for-cmyk.patch: Take into account that on some
      printers the ColorModel option's choice for color printing is CMYK and
      not RGB.
    - dont-override-color-settings-from-print-dialog.patch: Prioritize
      the ColorModel PPD file option over the print-color-mode IPP
      attribute.

 -- Till Kamppeter <email address hidden>  Fri, 21 Jul 2023 17:45:00 +0200
Deleted in jammy-proposed (Reason: moved to -updates)
cups (2.4.1op1-1ubuntu4.5) jammy; urgency=medium

  * Fixes to assure color printing on color printers by default or on request
    (LP: #1971242)
    - check-colormodel-also-for-cmyk.patch: Take into account that on some
      printers the ColorModel option's choice for color printing is CMYK and
      not RGB.
    - dont-override-color-settings-from-print-dialog.patch: Prioritize
      the ColorModel PPD file option over the print-color-mode IPP
      attribute.

 -- Till Kamppeter <email address hidden>  Sat, 24 Jun 2023 17:20:00 +0200
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
cups (2.4.5-0ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241

 -- Marc Deslauriers <email address hidden>  Thu, 22 Jun 2023 12:06:19 -0400

Available diffs

Superseded in jammy-updates
Superseded in jammy-security
cups (2.4.1op1-1ubuntu4.4) jammy-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241
  * This package does _not_ contain the changes from 2.4.1op1-1ubuntu4.3 in
    jammy-proposed.

 -- Marc Deslauriers <email address hidden>  Tue, 13 Jun 2023 08:17:22 -0400
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
cups (2.4.5-0ubuntu1) mantic; urgency=medium

  * Update to new upstream version 2.4.5.
    - Fixes color printing on printers with "CMYK" choice instead of "RGB"
      in "ColorModel" option of their PPD (Upstream issues #451 and #500,
      LP: 1971242).
  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - When polling capabilities of a driverless printer via
      get-printer-attributes IPP request, do a separate poll of the
      media-col-database attribute in case it did not get obtained by the
      first polls.
    - In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
  * Manually refreshed patch 9100-ppd-cache-add-auto-presets.patch.
  * Removed patches included upstream:
    - 9110-create-local-printer-localhost-fix.patch
    - CVE-2022-26691-2.patch
    - snapd-glib-2.patch
    - poll-media-col-database-separately.patch
    - CVE-2023-32324.patch

 -- Till Kamppeter <email address hidden>  Wed, 14 Jun 2023 15:38:00 +0200

Available diffs

Deleted in jammy-proposed (Reason: moved to -updates)
cups (2.4.1op1-1ubuntu4.3) jammy; urgency=medium

  * Fixes to assure color printing on color printers by default or on request
    (LP: #1971242)
    - check-colormodel-also-for-cmyk.patch: Take into account that on some
      printers the ColorModel option's choice for color printing is CMYK and
      not RGB.
    - dont-override-color-settings-from-print-dialog.patch: Prioritize
      the ColorModel PPD file option over the print-color-mode IPP
      attribute.

 -- Till Kamppeter <email address hidden>  Wed, 14 Jun 2023 14:36:00 +0200
Superseded in focal-updates
Superseded in focal-security
cups (2.3.1-9ubuntu1.4) focal-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241

 -- Marc Deslauriers <email address hidden>  Tue, 13 Jun 2023 08:17:47 -0400
Obsolete in kinetic-updates
Obsolete in kinetic-security
cups (2.4.2-1ubuntu2.2) kinetic-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241

 -- Marc Deslauriers <email address hidden>  Tue, 13 Jun 2023 08:16:59 -0400
Superseded in lunar-updates
Superseded in lunar-security
cups (2.4.2-3ubuntu2.2) lunar-security; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241

 -- Marc Deslauriers <email address hidden>  Tue, 13 Jun 2023 08:15:36 -0400
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
cups (2.4.2-3ubuntu3) mantic; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden>  Thu, 25 May 2023 08:37:20 -0400

Available diffs

Published in bionic-updates
Published in bionic-security
cups (2.2.7-1ubuntu2.10) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden>  Thu, 25 May 2023 08:44:11 -0400
Superseded in focal-updates
Superseded in focal-security
cups (2.3.1-9ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden>  Thu, 25 May 2023 08:43:14 -0400
Superseded in jammy-updates
Superseded in jammy-security
cups (2.4.1op1-1ubuntu4.2) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden>  Thu, 25 May 2023 08:42:49 -0400
Superseded in lunar-updates
Superseded in lunar-security
cups (2.4.2-3ubuntu2.1) lunar-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden>  Thu, 25 May 2023 08:37:20 -0400
Superseded in kinetic-updates
Superseded in kinetic-security
cups (2.4.2-1ubuntu2.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <email address hidden>  Thu, 25 May 2023 08:42:29 -0400
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
cups (2.4.2-3ubuntu2) lunar; urgency=low

  * In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.

 -- Till Kamppeter <email address hidden>  Mon, 27 Mar 2023 23:12:00 +0200
Superseded in lunar-proposed
cups (2.4.2-3ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - Fixed printing on temporary CUPS queues for local services, like
      IPP-over-USB or Printer Applications. Especially when printing from
      the GTK print dialog printing on such queues did not work (Upstream
      pull request #353, LP: #1965112).
    - Comment in CVE-2022-26691 patch fixed.
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - When polling capabilities of a driverless printer via
      get-printer-attributes IPP request, do a separate poll of the
      media-col-database attribute in case it did not get obtained by the
      first polls.
    - Patch to build with snapd-glib-2
  * Refreshed patches 9100-ppd-cache-add-auto-presets.patch and
    9110-create-local-printer-localhost-fix.patch with quilt.

 -- Till Kamppeter <email address hidden>  Sun, 26 Mar 2023 21:01:00 +0200

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
cups (2.4.2-1ubuntu4) lunar; urgency=medium

  * In debian/rules updated ./configure arguments from --enable-gnutls to
    --with-tls=gnutls. Now libcups has support for all hash types again,
    especially can provide sha2-256 to PAPPL.

 -- Till Kamppeter <email address hidden>  Wed,  8 Feb 2023 00:07:31 +0100

Available diffs

Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
cups (2.4.2-1ubuntu2) kinetic; urgency=medium

  * Add patch to build with snapd-glib-2

 -- Jeremy Bicha <email address hidden>  Thu, 25 Aug 2022 21:54:33 -0400

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
cups (2.4.2-1ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - Fixed printing on temporary CUPS queues for local services, like
      IPP-over-USB or Printer Applications. Especially when printing from
      the GTK print dialog printing on such queues did not work (Upstream
      pull request #353, LP: #1965112).
    - Comment in CVE-2022-26691 patch fixed.

 -- Till Kamppeter <email address hidden>  Mon, 06 Jun 2022 20:20:31 +0200
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
cups (2.4.1op1-1ubuntu5) kinetic; urgency=medium

  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <email address hidden>  Fri, 27 May 2022 07:53:01 -0400
Superseded in bionic-updates
Superseded in bionic-security
cups (2.2.7-1ubuntu2.9) bionic-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in ippReadIO
    - debian/patches/CVE-2019-8842.patch: fix check in cups/ipp.c.
    - CVE-2019-8842
  * SECURITY UPDATE: buffer overflow in ippReadIO
    - debian/patches/CVE-2020-10001.patch: fix bounds checks in cups/ipp.c.
    - CVE-2020-10001
  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <email address hidden>  Fri, 27 May 2022 11:03:33 -0400
Superseded in focal-updates
Superseded in focal-security
cups (2.3.1-9ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in ippReadIO
    - debian/patches/CVE-2019-8842.patch: fix check in cups/ipp.c.
    - CVE-2019-8842
  * SECURITY UPDATE: buffer overflow in ippReadIO
    - debian/patches/CVE-2020-10001.patch: fix bounds checks in cups/ipp.c.
    - CVE-2020-10001
  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <email address hidden>  Fri, 27 May 2022 10:51:54 -0400
Obsolete in impish-updates
Obsolete in impish-security
cups (2.3.3op2-7ubuntu2.1) impish-security; urgency=medium

  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <email address hidden>  Fri, 27 May 2022 09:03:52 -0400
Superseded in jammy-updates
Superseded in jammy-security
cups (2.4.1op1-1ubuntu4.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <email address hidden>  Fri, 27 May 2022 07:53:01 -0400
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
cups (2.4.1op1-1ubuntu4) jammy; urgency=low

  * Fixed PPD file auto-generation when a print queue is created with
    a DNS-SD-service-name-based URI and "-m everywhere" backporting the
    fix from upstream (Upstream issue #340, #343).

 -- Till Kamppeter <email address hidden>  Sat, 19 Mar 2022 00:07:00 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
cups (2.4.1op1-1ubuntu3) jammy; urgency=low

  * Fixed crasher in the patch for temporary queues for local services
    in the previous release. Updated the patch and the upstream pull
    request (LP: #1965112, Upstream pull request #353).

 -- Till Kamppeter <email address hidden>  Wed, 16 Mar 2022 18:24:08 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
cups (2.4.1op1-1ubuntu2) jammy; urgency=low

  * Fixed printing on temporary CUPS queues for local services, like
    IPP-over-USB or Printer Applications. Especially when printing from
    the GTK print dialog printing on such queues did not work (Upstream
    pull request #353).

 -- Till Kamppeter <email address hidden>  Mon, 14 Mar 2022 09:13:08 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
cups (2.4.1op1-1ubuntu1) jammy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
  * Updated 9100-ppd-cache-add-auto-presets.patch

 -- Till Kamppeter <email address hidden>  Tue, 22 Feb 2022 12:28:08 +0100
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
cups (2.3.3op2-7ubuntu2) impish; urgency=low

  * Updated patch for auto-generation of PPD presets to patch proposed
    upstream (Upstream pull request #236) due to added PPD options taken into
    account.

 -- Till Kamppeter <email address hidden>  Fri, 10 Sep 2021 19:20:00 +0200
Superseded in impish-proposed
cups (2.3.3op2-7ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
    - Added "--enable-snapped-clients"
      to the "./configure" options to use the correct checking mode for an
      unsnapped cupsd, like provided by this package.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
  * Updated patch for auto-generation of PPD presets to patch proposed
    upstream (Upstream pull request #236).

 -- Till Kamppeter <email address hidden>  Mon, 06 Sep 2021 21:26:41 +0200
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
cups (2.3.3op2-5ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
    - Added "--enable-snapped-clients"
      to the "./configure" options to use the correct checking mode for an
      unsnapped cupsd, like provided by this package.
  * Added fully automatic generation of PPD option setting presets to
    be applied depending on the settings of the job IPP attributes
    "print-color-mode", "print-quality", and "print-content-optimize".
    This allows easy control of any printer with only standard IPP
    attributes, as for example from a phone (functionality overtaken
    from cups-filters, mot (yet) upstream in CUPS).

 -- Till Kamppeter <email address hidden>  Tue, 17 Aug 2021 23:47:41 +0200
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute)
cups (2.3.3op2-3ubuntu3) hirsute; urgency=low

  * Updated AppArmor profile entries for CUPS accessing snapd to
    check whether a client is a Snap and which interfaces it plugs to.

 -- Till Kamppeter <email address hidden>  Fri, 19 Mar 2021 18:26:41 +0100
Superseded in hirsute-proposed
cups (2.3.3op2-3ubuntu2) hirsute; urgency=low

  * Replaced patch for extra checking of admin requests from snapped
    clients by the current upstream code. Added "--enable-snapped-clients"
    to the "./configure" options to use the correct checking mode for an
    unsnapped cupsd, like provided by this package.

 -- Till Kamppeter <email address hidden>  Fri, 19 Mar 2021 16:32:41 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release)
cups (2.3.3op2-3ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
  * Clean up "Build-Depends:" to be in sync with Debian (delta overlooked
    for near a decade when cups-filters was introduced in 2012), removing
    the unneeded entries: ghostscript, libavahi-compat-libdnssd-dev,
    libfontconfig1-dev, libfreetype6-dev, libijs-dev, libjpeg-dev,
    libldap2-dev, libpng-dev, libtiff-dev, poppler-utils, sharutils
  * Removed the changes on the machine-generated "configure" file in the
    patch for checking snapped clients, the changes easily mis-match on
    updates and we run "autoconf" in debian/rules anyway.

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release)
cups (2.3.3op1-5ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
  * In the AppArmor profile allow cupsd to write to /run/systemd/notify
    to notify that it is up and running (systemd service type "notify").

Superseded in hirsute-proposed
cups (2.3.3op1-3ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) rach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.

Available diffs

Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
cups (2.3.3-3ubuntu1) groovy; urgency=medium

  * Merged with Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) rach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
  * Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
    defualt, as CUPS always worked this way but the new patch for
    supporting the "cups-control" interface of Snaps does not allow
    implicit permission to everything for root any more.

 -- Till Kamppeter <email address hidden>  Fri,  4 Sep 2020 19:00:00 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
cups (2.3.3-2ubuntu5) groovy; urgency=medium

  * In all autopkgtests modify set "LogLevel debug2" in cupsd.conf and
    "SystemGroup lpadmin root" in cups-files.conf and restart cupsd,
    the former change to more easily find out what failed and the latter
    as the default configuration did not allow root to create queues,
    making all tests fail.

 -- Till Kamppeter <email address hidden>  Thu, 27 Aug 2020 23:18:00 +0200
Superseded in groovy-proposed
cups (2.3.3-2ubuntu4) groovy; urgency=medium

  * Let the rastertopwg filter check rounding errors when calculating the
    page geometry.

 -- Till Kamppeter <email address hidden>  Wed, 27 Aug 2020 10:22:00 +0200

Available diffs

Superseded in groovy-proposed
cups (2.3.3-2ubuntu3) groovy; urgency=medium

  * Do not choke if the GTK dialog sends "None" as phone number or pre-dial
    prefix.

 -- Till Kamppeter <email address hidden>  Wed, 26 Aug 2020 22:33:00 +0200

Available diffs

Superseded in groovy-proposed
cups (2.3.3-2ubuntu2) groovy; urgency=medium

  * Fix fax numbers supplied via GTK print dialog, removing a "Custom."
    prefix.

 -- Till Kamppeter <email address hidden>  Wed, 26 Aug 2020 13:03:00 +0200

Available diffs

Superseded in groovy-proposed
cups (2.3.3-2ubuntu1) groovy; urgency=medium

  * Added extra checking when administrative requests (create queue,
    remove someone else's job, ...) rach cupsd. If the client is a Snap,
    it has to plug the cups-control interface to be allowed to do the
    task. Added libapparmor-dev and libsnapd-glib-dev to the build
    dependencies. Also added needed permissions to AppArmor profile.
  * Resolve DNS-SD-service-name-based URIs correctly also if they are from
    a service from localhost (like IPP-over-USB, Printer Application, ...)
  * Make lpoptions list a printer's options correctly also when CUPS is
    running on an alternative port.

 -- Till Kamppeter <email address hidden>  Tue, 25 Aug 2020 21:34:00 +0200
Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
cups (2.3.3-2) unstable; urgency=medium

  * Add missing dh-strip-nondeterminism B-D
  * cups-daemon: Add ipp-usb Recommends

 -- Didier Raboud <email address hidden>  Wed, 29 Jul 2020 09:20:56 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
cups (2.3.3-1) unstable; urgency=medium

  * New 2.3.3 upstream release, with the two -12 security patches

 -- Didier Raboud <email address hidden>  Fri, 01 May 2020 15:28:22 +0200
Superseded in bionic-updates
Superseded in bionic-security
cups (2.2.7-1ubuntu2.8) bionic-security; urgency=medium

  * SECURITY UPDATE: information disclosure via OOB read
    - debian/patches/CVE-2019-2228.patch: fix ippSetValueTag validation of
      default language in cups/ipp.c.
    - CVE-2019-2228
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2020-3898.patch: properly handle invalid
      resolution names in cups/ppd.c, ppdc/ppdc-source.cxx.
    - CVE-2020-3898

 -- Marc Deslauriers <email address hidden>  Fri, 24 Apr 2020 10:42:08 -0400
175 of 546 results