Hello community, here is the log from the commit of package cups-filters for openSUSE:Factory checked in at 2015-07-16 17:13:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cups-filters (Old) and /work/SRC/openSUSE:Factory/.cups-filters.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cups-filters" Changes: -------- --- /work/SRC/openSUSE:Factory/cups-filters/cups-filters.changes 2015-05-23 13:03:06.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.cups-filters.new/cups-filters.changes 2015-07-16 17:13:51.000000000 +0200 @@ -1,0 +2,65 @@ +Mon Jul 6 11:56:23 CEST 2015 - [email protected] + +- Version upgrade to 1.0.71 + Change in 1.0.71 (cf. the NEWS file but there is a typo + in the NEWS file that claims the CVE number is 3259 + while the correct CVE number is 3279): + * texttopdf: The Page allocation is moved into textcommon.c, + where it does all the necessary checking: lower-bounds + for CVE-2015-3258 and upper-bounds for CVE-2015-3279 + due to integer overflows for the calloc() call + initialising Page[0] and the memset() call in texttopdf.c's + WritePage() function zeroing the entire array. + Thanks to Tim Waugh from Red Hat for the patch. + * texttopdf: Upper-bounds checking (CVE-2015-3279). + +------------------------------------------------------------------- +Mon Jun 29 09:40:08 CEST 2015 - [email protected] + +- Version upgrade to 1.0.70 + Changes in 1.0.70 (excerpt - for details see the NEWS file): + * texttopdf: Fixed buffer overflow on size allocation + of texttopdf when working with extremely small line sizes, + which causes the size calculation to result in 0 + (CVE-2015-3258, thanks to Stefan Cornelius fro Red Hat + for the patch). + * cups-browsed: leak fixes + * cups-browsed: Further BrowseAllow fixing + * cups-browsed: BrowsePoll is an array of pointers, + not structures, so allocate room for the pointers + * cups-browsed: Prevent NULL dereference when handling + BrowseAllow without value + * cups-browsed: Use memory deallocation function + corresponding to allocation function used + * cups-browsed: Fixes for glib source handling + (Red Hat bug #1228555) +- Version upgrade to 1.0.69 + Changes in 1.0.69 (excerpt - for details see the NEWS file): + * cups-browsed: When checking whether a queue name already + exists as a locally defined queue, do case-insensitive + comparing as for CUPS printer names are case-insensitive. + This assures that already existing queues do never get + overwritten. + * cups-browsed: Added "IPPPrinterQueueType Auto/PPD/NoPPD" + directive to cups-browsed.conf to allow controlling how + cups-browsed creates queues fr native IPP network printers: + with PPD, with System V interface script, or selecting + automatically. + * pdftopdf: Center Landscape-oriented jobs correctly + on the page if the "fitplot" or "number-up" options + are used (Bug #1284). + * pstopdf: Removed "-dUseCIEColor" from the Ghostscript command + line. In modern Ghostscript versions (9.11 and newer) it is + recommended to not use it with the pdfwrite and ps2write + output devices any more. + * imagetopdf: Corrections in PDF output: Let evince display + the PDF with the correct size including margins and let + ghostscript not complain about an invalid xref entry. + * sys5ippprinter: Renamed pdftoippprinter to reflect that it is + once a System 5 interface script and second does not accept + only PDF as input. + * pdftoippprinter: Support also PWG Raster and JPEG as input + formats so that an auto-generated, PPD-less queue for an + IPP printer emulates an IPP Everywhere printer. + +------------------------------------------------------------------- Old: ---- cups-filters-1.0.68.tar.xz New: ---- cups-filters-1.0.71.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cups-filters.spec ++++++ --- /var/tmp/diff_new_pack.9729Ib/_old 2015-07-16 17:13:52.000000000 +0200 +++ /var/tmp/diff_new_pack.9729Ib/_new 2015-07-16 17:13:52.000000000 +0200 @@ -36,7 +36,7 @@ # and also run: zypper vcmp 'next version' 'current version' # e.g. zypper vcmp '1.0.49' '1.0.49.20140326' -> 1.0.49 is older than 1.0.49.20140326 # and zypper vcmp '1.0.50' '1.0.49.20140326' -> 1.0.50 is newer than 1.0.49.20140326 -Version: 1.0.68 +Version: 1.0.71 Release: 0 Source0: http://www.openprinting.org/download/cups-filters/cups-filters-%{version}.tar.xz # Since cups-filters version 1.0.42 foomatic-rip is also provided by cups-filters. @@ -422,7 +422,6 @@ %attr(0755,root,root) /usr/lib/cups/filter/imagetops %attr(0755,root,root) /usr/lib/cups/filter/imagetoraster %attr(0755,root,root) /usr/lib/cups/filter/pdftoijs -%attr(0755,root,root) /usr/lib/cups/filter/pdftoippprinter %attr(0755,root,root) /usr/lib/cups/filter/pdftoopvp %attr(0755,root,root) /usr/lib/cups/filter/pdftopdf %attr(0755,root,root) /usr/lib/cups/filter/pdftops @@ -431,6 +430,7 @@ %attr(0755,root,root) /usr/lib/cups/filter/rastertoescpx %attr(0755,root,root) /usr/lib/cups/filter/rastertopclx %attr(0755,root,root) /usr/lib/cups/filter/rastertopdf +%attr(0755,root,root) /usr/lib/cups/filter/sys5ippprinter %attr(0755,root,root) /usr/lib/cups/filter/textonly %attr(0755,root,root) /usr/lib/cups/filter/texttopdf %attr(0755,root,root) /usr/lib/cups/filter/texttops ++++++ cups-filters-1.0.68.tar.xz -> cups-filters-1.0.71.tar.xz ++++++ ++++ 3698 lines of diff (skipped)
