Hello community, here is the log from the commit of package system-config-printer for openSUSE:11.4 checked in at Thu Dec 8 10:28:13 CET 2011.
-------- --- old-versions/11.4/all/system-config-printer/system-config-printer.changes 2011-02-13 17:24:28.000000000 +0100 +++ 11.4/system-config-printer/system-config-printer.changes 2011-12-06 17:43:59.000000000 +0100 @@ -1,0 +2,8 @@ +Tue Dec 6 16:42:31 UTC 2011 - [email protected] + +- Add system-config-printer-no-openprinting.patch: this disables + the feature where PPD drivers can be downloaded from + OpenPrinting.org. See discussion in bnc#733542. As a side-effect, + this fixes CVE-2011-4405. + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.4/all/system-config-printer Destination is old-versions/11.4/UPDATES/all/system-config-printer calling whatdependson for 11.4-i586 New: ---- system-config-printer-no-openprinting.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ system-config-printer.spec ++++++ --- /var/tmp/diff_new_pack.o99FfQ/_old 2011-12-08 10:27:55.000000000 +0100 +++ /var/tmp/diff_new_pack.o99FfQ/_new 2011-12-08 10:27:55.000000000 +0100 @@ -22,7 +22,7 @@ License: GPLv2+ Group: Hardware/Printing Version: 1.2.5 -Release: 2 +Release: 5.<RELEASE6> Summary: A printer administration tool Url: http://cyberelk.net/tim/software/system-config-printer/ Source0: http://cyberelk.net/tim/data/system-config-printer/1.0.x/system-config-printer-%{version}.tar.bz2 @@ -30,6 +30,8 @@ Patch13: system-config-printer-icon-brp-friendly.patch # PATCH-FIX-OPENSUSE system-config-printer-firewall-menu.patch [email protected] -- Fix string to mention correct path in menus to firewall tool Patch18: system-config-printer-firewall-menu.patch +# PATCH-FIX-OPENSUSE system-config-printer-no-openprinting.patch bnc#733542 [email protected] -- Disable feature that downloads ppd from openprinting.org +Patch19: system-config-printer-no-openprinting.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Obsoletes: gnome-cups-manager <= 0.33 BuildRequires: cups-devel @@ -104,6 +106,7 @@ gnome-patch-translation-prepare %patch13 -p1 %patch18 -p1 +%patch19 -p1 gnome-patch-translation-update %build ++++++ system-config-printer-no-openprinting.patch ++++++ Index: system-config-printer-1.2.5/cupshelpers/openprinting.py =================================================================== --- system-config-printer-1.2.5.orig/cupshelpers/openprinting.py +++ system-config-printer-1.2.5/cupshelpers/openprinting.py @@ -46,6 +46,11 @@ class _QueryThread (threading.Thread): self.setDaemon (True) def run (self): + ## Disabled on openSUSE, see discussion in https://bugzilla.novell.com/show_bug.cgi?id=733542 + if self.callback != None: + self.callback (403, self.user_data, None) + return + # CGI script to be executed query_command = "/query.cgi" # Headers for the post request Index: system-config-printer-1.2.5/system-config-printer.py =================================================================== --- system-config-printer-1.2.5.orig/system-config-printer.py +++ system-config-printer-1.2.5/system-config-printer.py @@ -3974,6 +3974,8 @@ class NewPrinterGUI(GtkGUI): # Set up OpenPrinting widgets. self.openprinting = cupshelpers.openprinting.OpenPrinting () self.openprinting_query_handle = None + ## Disabled on openSUSE, see discussion in https://bugzilla.novell.com/show_bug.cgi?id=733542 + self.rbtnNPDownloadableDriverSearch.hide() combobox = self.cmbNPDownloadableDriverFoundPrinters cell = gtk.CellRendererText() combobox.pack_start (cell, True) @@ -4712,6 +4714,7 @@ class NewPrinterGUI(GtkGUI): self.btnNPBack.hide() self.btnNPForward.show() downloadable_selected = False + ## openSUSE: just a guard to know when the name of the widget to hide changes if self.rbtnNPDownloadableDriverSearch.get_active (): combobox = self.cmbNPDownloadableDriverFoundPrinters iter = combobox.get_active_iter () @@ -6677,6 +6680,8 @@ class NewPrinterGUI(GtkGUI): elif self.rbtnNPPPD.get_active(): ppd = cups.PPD(self.filechooserPPD.get_filename()) else: + ## Disabled on openSUSE, see discussion in https://bugzilla.novell.com/show_bug.cgi?id=733542 + return # PPD of the driver downloaded from OpenPrinting XXX treeview = self.tvNPDownloadableDrivers model, iter = treeview.get_selection ().get_selected () continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
