-
cups (2.4.2-3ubuntu2.5) lunar-security; urgency=medium
* SECURITY UPDATE: Postscript parsing heap overflow
- debian/patches/CVE-2023-4504.patch: properly check for end of buffer
in cups/raster-interpret.c.
- CVE-2023-4504
-- Marc Deslauriers <email address hidden> Fri, 15 Sep 2023 07:16:41 -0400
-
cups (2.4.2-3ubuntu2.4) lunar-security; urgency=medium
* SECURITY UPDATE: recently printed documents authentication issue
- debian/patches/CVE-2023-32360.patch: require authentication for
CUPS-Get-Document in conf/cupsd.conf.in.
- CVE-2023-32360
-- Marc Deslauriers <email address hidden> Mon, 11 Sep 2023 12:27:52 -0400
-
cups (2.4.2-3ubuntu2.3) lunar; urgency=medium
* Fixes to assure color printing on color printers by default or on request
(LP: #1971242)
- check-colormodel-also-for-cmyk.patch: Take into account that on some
printers the ColorModel option's choice for color printing is CMYK and
not RGB.
- dont-override-color-settings-from-print-dialog.patch: Prioritize
the ColorModel PPD file option over the print-color-mode IPP
attribute.
-- Till Kamppeter <email address hidden> Fri, 21 Jul 2023 17:45:00 +0200
-
cups (2.4.2-3ubuntu2.2) lunar-security; urgency=medium
* SECURITY UPDATE: use-after-free in cupsdAcceptClient()
- debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
BEFORE closing the connection in scheduler/client.c.
- CVE-2023-34241
-- Marc Deslauriers <email address hidden> Tue, 13 Jun 2023 08:15:36 -0400
-
cups (2.4.2-3ubuntu2.1) lunar-security; urgency=medium
* SECURITY UPDATE: DoS via buffer overflow in format_log_line
- debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
cups/string.c.
- CVE-2023-32324
-- Marc Deslauriers <email address hidden> Thu, 25 May 2023 08:37:20 -0400
-
cups (2.4.2-3ubuntu2) lunar; urgency=low
* In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
-- Till Kamppeter <email address hidden> Mon, 27 Mar 2023 23:12:00 +0200
-
cups (2.4.2-3ubuntu1) lunar; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- Fixed printing on temporary CUPS queues for local services, like
IPP-over-USB or Printer Applications. Especially when printing from
the GTK print dialog printing on such queues did not work (Upstream
pull request #353, LP: #1965112).
- Comment in CVE-2022-26691 patch fixed.
- In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
- When polling capabilities of a driverless printer via
get-printer-attributes IPP request, do a separate poll of the
media-col-database attribute in case it did not get obtained by the
first polls.
- Patch to build with snapd-glib-2
* Refreshed patches 9100-ppd-cache-add-auto-presets.patch and
9110-create-local-printer-localhost-fix.patch with quilt.
-- Till Kamppeter <email address hidden> Sun, 26 Mar 2023 21:01:00 +0200
-
cups (2.4.2-1ubuntu4) lunar; urgency=medium
* In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
-- Till Kamppeter <email address hidden> Wed, 8 Feb 2023 00:07:31 +0100
-
cups (2.4.2-1ubuntu2) kinetic; urgency=medium
* Add patch to build with snapd-glib-2
-- Jeremy Bicha <email address hidden> Thu, 25 Aug 2022 21:54:33 -0400
