Hello community, here is the log from the commit of package cups for openSUSE:Factory checked in at 2018-04-25 09:57:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cups (Old) and /work/SRC/openSUSE:Factory/.cups.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cups" Wed Apr 25 09:57:26 2018 rev:145 rq:597768 version:2.3b4 Changes: -------- --- /work/SRC/openSUSE:Factory/cups/cups.changes 2017-11-16 13:59:25.661075236 +0100 +++ /work/SRC/openSUSE:Factory/.cups.new/cups.changes 2018-04-25 09:57:41.714891129 +0200 @@ -1,0 +2,117 @@ +Wed Apr 18 13:44:46 CEST 2018 - jsm...@suse.de + +- issue5296_fix_policy_limits_using_All.patch fixes + https://github.com/apple/cups/issues/5296 + by only the actually relevant part of + https://github.com/apple/cups/commit/0873f681e43c04972b3d6bc90bdbdedb29e6e913 + (follow-up of boo#936309 and bsc#577936 starting at comment 13) + +------------------------------------------------------------------- +Wed Mar 28 13:58:32 CEST 2018 - jsm...@suse.de + +- Version upgrade to 2.3b4: + This is the fourth beta of the CUPS 2.3 series. + For details see https://github.com/apple/cups/releases + or the CHANGES.md file. + Changes include: + * Additional security fixes for: + bsc#1061066 DBUS library aborts caller process + in _dbus_check_is_valid_utf8 (in particular that aborts cupsd) + and + bsc#1087018 CVE-2017-18248: cups: The add_job function in + scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is + enabled, can be crashed by remote attackers by sending print + jobs with an invalid username, related to a D-Bus notification + which are the CUPS upstream issues + https://github.com/apple/cups/issues/5143 + Remote DoS attack against cupsd via invalid username + and malicious D-Bus library + and + https://github.com/apple/cups/issues/5186 + squash non-UTF-8 strings into ASCII on plain IPP level + and + https://github.com/apple/cups/issues/5229 + persistently substitute invalid job attributes + with default values - not only in add_job + see also + bsc#1087072 dbus-1: + Disable assertions to prevent un-expected DDoS attacks + * NOTICE: Raw print queues are now deprecated (Issue #5269) + so that now there is a warning message when you + add or modify a queue to use the "raw driver" but + raw printing will continue to work through CUPS 2.3.x, cf. + https://lists.cups.org/pipermail/cups/2018-March/074060.html + * Kerberized printing to another CUPS server did not work + correctly (Issue #5233) + * The scheduler now supports using temporary print queues + for older IPP/1.1 print queues like those shared by CUPS 1.3 + and earlier (Issue #5241) + * Systemd did not restart cupsd when configuration changes + were made that required a restart (Issue #5263) + * Fixed an Avahi crash bug in the scheduler (Issue #5268) + * TLS connections now properly timeout (rdar://34938533) + * Removed support for the `-D_PPD_DEPRECATED=""` developer + cheat - the PPD API should no longer be used. + * Removed support for `-D_IPP_PRIVATE_STRUCTURES=1` developer + cheat - the IPP accessor functions should be used instead. + * The symlink rastertodymo -> rastertolabel + in /usr/lib/cups/filter is no longer provided. +- Removed fix_filter_Makefile.patch + because since CUPS 2.3b4 it is fixed in the upstream code via + https://github.com/apple/cups/issues/5247 more precisely via + https://github.com/apple/cups/commit/ab89234de2d9bf36bb59f2aa4873d98e95ca4df2 + +------------------------------------------------------------------- +Thu Feb 8 14:21:22 CET 2018 - jsm...@suse.de + +- Version upgrade to 2.3b3: + This is the third beta of the CUPS 2.3 series. + For details see https://github.com/apple/cups/releases + Changes include: + * More fixes for printing to old CUPS servers (Issue #5211) + * Additional changes for the scheduler to substitute + default values for invalid job attributes + when running in "relaxed conformance" mode + (Issue #5229 - a follow-up of issues #5186 and #5143) + A detailed list of changes can be found in the CHANGES.md file. +- fix_filter_Makefile.patch fixes + https://github.com/apple/cups/issues/5247 + +------------------------------------------------------------------- +Thu Jan 18 10:26:58 CET 2018 - jsm...@suse.de + +- Version upgrade to 2.3b2: + This is the second beta of the CUPS 2.3 series. + For details see https://github.com/apple/cups/releases + Changes include: + * Printing to old CUPS servers has been fixed (Issue #5211) + A detailed list of changes can be found in the CHANGES.md file. + +------------------------------------------------------------------- +Wed Dec 20 11:40:23 CET 2017 - jsm...@suse.de + +- Version upgrade to 2.3b1: + This is the first beta of the CUPS 2.3 series which + adopts the new CUPS license (Apache License, Version 2.0), + adds support for IPP presets and finishing templates, + and fixes a number of bugs and "polish" issues. + For details see https://github.com/apple/cups/releases + Changes include: + * CUPS is now provided under the Apache License, Version 2.0 + * The CUPS library now supports the latest HTTP Digest + authentication specification including support for SHA-256 + (Issue #4862) + * Dropped RSS subscription management from the + web interface (Issue #5012) + * The lpadmin command now provides a better error message when + an unsupported System V interface script is used (Issue #5111) + * The SSLOptions directive now supports MinTLS and MaxTLS + options to control the minimum and maximum TLS versions + that will be allowed, respectively (Issue #5119) + * Dropped hard-coded CGI scripting language support (Issue #5124) + * The scheduler now substitutes default values for invalid + job attributes when running in "relaxed conformance" + mode (Issue #5186 - a follow-up of issue #5143) + A detailed list of changes can be found in the CHANGES.md file. + +------------------------------------------------------------------- @@ -4 +121 @@ -- Make sure cups-libs-<targettype> is removed +- Make sure cups-libs-<targettype> is removed. @@ -14,0 +132 @@ + A detailed list of changes can be found in the CHANGES.md file. Old: ---- cups-2.2.6-source.tar.gz cups-2.2.6-source.tar.gz.sig New: ---- cups-2.3b4-source.tar.gz cups-2.3b4-source.tar.gz.sig issue5296_fix_policy_limits_using_All.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cups.spec ++++++ --- /var/tmp/diff_new_pack.N85Adf/_old 2018-04-25 09:57:42.662856353 +0200 +++ /var/tmp/diff_new_pack.N85Adf/_new 2018-04-25 09:57:42.666856207 +0200 @@ -1,7 +1,7 @@ # # spec file for package cups # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,25 +19,38 @@ # _tmpfilesdir is not defined in systemd macros up to openSUSE 13.2 %{!?_tmpfilesdir: %global _tmpfilesdir %{_libexecdir}/tmpfiles.d } Name: cups -Version: 2.2.6 +# CUPS beta version numbers like "2.3b4" can be used as is because +# "zypper vcmp 2.3.b99 2.3.0" shows "2.3.b99 is older than 2.3.0" and +# "zypper vcmp 2.2.99 2.3b4" show "2.2.99 is older than 2.3b4" so that +# version upgrades from 2.2.x via 2.3.b* to 2.3.0 work: +Version: 2.3b4 Release: 0 Summary: The Common UNIX Printing System -License: GPL-2.0 and LGPL-2.1 +License: Apache-2.0 Group: Hardware/Printing Url: http://www.cups.org/ -# To download it use e.g. -# wget --no-check-certificate -O cups-2.2.6-source.tar.gz https://github.com/apple/cups/releases/download/v2.2.6/cups-2.2.6-source.tar.gz -Source0: https://github.com/apple/cups/releases/download/v2.2.6/cups-2.2.6-source.tar.gz -# To download it use e.g. -# wget --no-check-certificate -O cups-2.2.6-source.tar.gz.sig https://github.com/apple/cups/releases/download/v2.2.6/cups-2.2.6-source.tar.gz.sig -Source1: https://github.com/apple/cups/releases/download/v2.2.6/cups-2.2.6-source.tar.gz.sig +# To get Source0 go to https://www.cups.org/software.html or https://github.com/apple/cups/releases or use e.g. +# wget --no-check-certificate -O cups-2.3b4-source.tar.gz https://github.com/apple/cups/releases/download/v2.3b4/cups-2.3b4-source.tar.gz +Source0: https://github.com/apple/cups/releases/download/v2.3b4/cups-2.3b4-source.tar.gz +# To get Source1 go to https://www.cups.org/software.html or https://github.com/apple/cups/releases or use e.g. +# wget --no-check-certificate -O cups-2.3b4-source.tar.gz.sig https://github.com/apple/cups/releases/download/v2.3b4/cups-2.3b4-source.tar.gz.sig +Source1: https://github.com/apple/cups/releases/download/v2.3b4/cups-2.3b4-source.tar.gz.sig +# To get Source2 go to https://www.cups.org/pgp.html Source2: cups.keyring +# To manually verify Source0 with Source1 and Source2 do e.g. +# gpg --import cups.keyring +# gpg --list-keys | grep -1 'CUPS.org' | grep -v 'expired' +# gpg --verify cups-2.3b4-source.tar.gz.sig cups-2.3b4-source.tar.gz Source102: Postscript.ppd.gz Source105: Postscript-level1.ppd.gz Source106: Postscript-level2.ppd.gz Source108: cups-client.conf Source109: baselibs.conf # Patch0...Patch9 is for patches from upstream: +# Patch1 fixes CUPS upstream isssue https://github.com/apple/cups/issues/5296 +# by only the actually relevant part of CUPS upstream commit +# https://github.com/apple/cups/commit/0873f681e43c04972b3d6bc90bdbdedb29e6e913 +Patch1: issue5296_fix_policy_limits_using_All.patch # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch10 cups-2.1.0-choose-uri-template.patch adds 'smb://...' URIs to templates/choose-uri.tmpl: @@ -89,11 +102,10 @@ BuildRequires: pkgconfig(libsystemd-daemon) %endif BuildRequires: pkgconfig(systemd) -# Require the exact matching version-release of the cups-client and cups-libs -# sub-package because because all CUPS software is built from the one same -# CUPS source tar ball do that there could be whatever subtle CUPS-internal -# dependencies. -# The exact matching version-release of the cups-client sub-package is available +# Require the exact matching version-release of the cups-client sub-package +# (that requires all native CUPS libraries i.e. the libcups* sub-packages) +# and the cups-config sub-package. +# The exact matching version-release of each sub-package is available # on the same package repository where the cups package is because # all are built simulaneously from the same cups source package # and all required packages are provided on the same repository: @@ -101,7 +113,11 @@ Requires: cups-config = %{version}-%{release} Requires(pre): %{_sbindir}/groupadd Requires(pre): coreutils -# Since CUPS 1.6 all non-Mac filters are dropped +# Cf. https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines +# versus https://lists.opensuse.org/opensuse-factory/2015-03/msg00218.html +%{?systemd_requires} +# Since CUPS 1.6 all non-Mac filters are dropped from CUPS +# and provided in the separated cups-filters software from OpenPrinting.org: Recommends: cups-filters # Our Source105 PSLEVEL1.PPD.bz2 and Source106 PSLEVEL2.PPD.bz2 need foomatic-rip # but this does not justify a RPM Requires so that a weak Recommends is sufficient: @@ -116,8 +132,8 @@ # (e.g. on client systems in the network where the filtering hapens on a CUPS server # or on a CUPS server with only "raw" queues), so that a weak Recommends fits better: Recommends: ghostscript +# Install into this non-root directory (required when it is built as non-root user): BuildRoot: %{_tmppath}/%{name}-%{version}-build -%{?systemd_requires} # Conflicts with other print spoolers which provide same binaries like # /usr/bin/lp and so on or which may listen on the same port (e.g. cups-lpd # versus traditional lpd on port 515): @@ -144,7 +160,6 @@ %package -n libcups2 Summary: HTTP/IPP communication and printer queue and job library -License: GPL-2.0 and LGPL-2.1 Group: System/Libraries Requires: cups-config Obsoletes: cups-libs < %{version}-%{release} @@ -159,7 +174,6 @@ %package -n libcupscgi1 Summary: CUPS web interface support function library -License: GPL-2.0 and LGPL-2.1 Group: System/Libraries %description -n libcupscgi1 @@ -169,7 +183,6 @@ %package -n libcupsimage2 Summary: CUPS library for working with large images -License: GPL-2.0 and LGPL-2.1 Group: System/Libraries %description -n libcupsimage2 @@ -181,7 +194,6 @@ %package -n libcupsmime1 Summary: MIME database file routines for CUPS -License: GPL-2.0 and LGPL-2.1 Group: System/Libraries %description -n libcupsmime1 @@ -191,7 +203,6 @@ %package -n libcupsppdc1 Summary: CUPS PostScript Printer Description (PPD) file compiler library -License: GPL-2.0 and LGPL-2.1 Group: System/Libraries %description -n libcupsppdc1 @@ -202,7 +213,6 @@ %package config Summary: CUPS library configuration files -License: GPL-2.0 and LGPL-2.1 Group: Hardware/Printing %if 0%{?suse_version} >= 1330 Requires(pre): user(lp) @@ -218,18 +228,21 @@ %package client Summary: CUPS Client Programs -License: GPL-2.0 Group: Hardware/Printing # Require the exact matching version-release of the libcups* sub-packages because # non-matching CUPS libraries may let CUPS software crash (e.g. segfault) -# because all CUPS software is built from the one same CUPS source tarball -# so that there are CUPS-internal dependencies via CUPS private API calls +# because all CUPS software is provided as one single CUPS source tarball +# and there are CUPS-internal dependencies via CUPS private API calls # (which do not happen for third-party software which uses only the CUPS public API). -# The exact matching version-release of the libcups* sub-packages is available +# The exact matching version-release of each libcups* sub-package is available # on the same package repository where the cups package is because # all are built simultaneously from the same cups source package # and all required packages are provided on the same repository: Requires: libcups2 = %{version}-%{release} +Requires: libcupscgi1 = %{version}-%{release} +Requires: libcupsimage2 = %{version}-%{release} +Requires: libcupsmime1 = %{version}-%{release} +Requires: libcupsppdc1 = %{version}-%{release} # Conflicts with other print spoolers which provide same binaries like /usr/bin/lp and so on: Conflicts: lprng Conflicts: lprold @@ -246,13 +259,13 @@ %package devel Summary: Development Environment for CUPS -License: GPL-2.0 Group: Development/Libraries/C and C++ -# Do not require the exact matching version-release of cups-libs -# but only a cups-libs package with matching version because +# Do not require the exact matching version-release +# of the native CUPS libraries (i.e. the libcups* sub-packages) +# but only CUPS libraries with matching version because # for building third-party software which uses only the CUPS public API # there are no CUPS-internal dependencies via CUPS private API calls -# (the latter would require the exact matching cups-libs version-release): +# (the latter would require the exact matching CUPS libraries version-release): Requires: glibc-devel Requires: libcups2 = %{version} Requires: libcupscgi1 = %{version} @@ -269,7 +282,6 @@ %package ddk Summary: CUPS Driver Development Kit -License: GPL-2.0 Group: Hardware/Printing Requires: cups = %{version} Requires: cups-devel = %{version} @@ -288,6 +300,10 @@ %prep %setup -q # Patch0...Patch9 is for patches from upstream: +# Patch1 fixes CUPS upstream isssue https://github.com/apple/cups/issues/5296 +# by only the actually relevant part of CUPS upstream commit +# https://github.com/apple/cups/commit/0873f681e43c04972b3d6bc90bdbdedb29e6e913 +%patch1 -b issue5296_fix_policy_limits_using_All.orig # Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch10 cups-2.1.0-choose-uri-template.patch adds 'smb://...' URIs to templates/choose-uri.tmpl: %patch10 -b choose-uri-template.orig @@ -374,28 +390,6 @@ %install make BUILDROOT=%{buildroot} install -# Use CUPS' own fonts (i.e. make CUPS work again in compliance with upstream). -# In ancient times (see the RPM changelog entry dated "Thu Aug 16 17:05:19 CEST 2001") -# there was the general opinion it would be a great idea to deviate from CUPS upstream -# and save some disk space and do not install CUPS' own fonts in CUPS' own font directory. -# Therefore CUPS' own fonts were removed and the CUPS font directory was replaced -# by a symbolic link /usr/share/cups/fonts -> ../ghostscript/fonts -# because at that times the Ghostscript fonts had been the same as CUPS' own fonts. -# In any case such a link is a fragile non-future-proof interference because when either -# the Ghostscript fonts or CUPS' own fonts change, linking them as same is wrong. -# Meanwhile (I don't know exactly since when but since a long time) the Ghostscript fonts -# do no longer work for CUPS' particular needs (CUPS has its own fonts because it needs them). -# Nobody noticed it until 2014 via https://bugzilla.novell.com/show_bug.cgi?id=856731 -# But it is not possible with RPM to replace a directory by a symbolic link or vice versa -# see https://bugzilla.novell.com/show_bug.cgi?id=856731#c7 -# and https://bugzilla.novell.com/show_bug.cgi?id=856731#c8 -# This means /usr/share/cups/fonts must stay forever as a symbolic link -# and the only way out is to move CUPS' own fonts to an artificial -# surrogate directory /usr/share/cups/CUPSfonts and have the -# symbolic link /usr/share/cups/fonts -> /usr/share/cups/CUPSfonts: -pushd %{buildroot}%{_datadir}/cups/ -mv fonts CUPSfonts && ln -s CUPSfonts fonts -popd # Make directory for ssl files: mkdir -p %{buildroot}%{_sysconfdir}/cups/ssl # Add a client.conf as template (Source108: cups-client.conf): @@ -409,9 +403,8 @@ # Add conf/pam.suse regarding support for PAM (see Patch100: cups-pam.diff): install -m 644 -D conf/pam.suse %{buildroot}%{_sysconfdir}/pam.d/cups # Add missing usual documentation. -# (since CUPS-2.2.5 it is no longer CREDITS.txt INSTALL.txt README.txt but CREDITS.md INSTALL.md README.md): install -d -m755 %{buildroot}/%{_defaultdocdir}/cups -for f in CHANGES*.txt CREDITS.md INSTALL.md LICENSE.txt README.md +for f in CHANGES.md CREDITS.md INSTALL.md LICENSE README.md do install -m 644 "$f" %{buildroot}%{_defaultdocdir}/cups/ done # Add generic PostScript printer PPDs: @@ -431,15 +424,14 @@ # because if upstream changed it 'sed' would silently no longer change the files: grep -q '^# Configuration ' %{buildroot}/%{_sysconfdir}/cups/cupsd.conf.default sed -i -e 's/^# Configuration /# Default configuration /' %{buildroot}/%{_sysconfdir}/cups/cupsd.conf.default - -# install the systemd control files +# Install the systemd control files: mv %{buildroot}%{_unitdir}/org.cups.cupsd.path %{buildroot}%{_unitdir}/cups.path mv %{buildroot}%{_unitdir}/org.cups.cupsd.service %{buildroot}%{_unitdir}/cups.service mv %{buildroot}%{_unitdir}/org.cups.cupsd.socket %{buildroot}%{_unitdir}/cups.socket mv %{buildroot}%{_unitdir}/org.cups.cups-lpd.socket %{buildroot}%{_unitdir}/cups-lpd.socket mv %{buildroot}%{_unitdir}/org.cups.cups-lpd@.service %{buildroot}%{_unitdir}/cups-lpd@.service sed -i -e "s,org.cups.cupsd,cups,g" %{buildroot}%{_unitdir}/cups.service -# rcbla aliases +# rcbla aliases: ln -s service %{buildroot}%{_sbindir}/rccups ln -s service %{buildroot}%{_sbindir}/rccups-lpd # Install /usr/lib/tmpfiles.d/cups.conf @@ -593,7 +585,6 @@ %{_libexecdir}/cups/filter/commandtops %{_libexecdir}/cups/filter/gziptoany %{_libexecdir}/cups/filter/pstops -%{_libexecdir}/cups/filter/rastertodymo %{_libexecdir}/cups/filter/rastertoepson %{_libexecdir}/cups/filter/rastertohp %{_libexecdir}/cups/filter/rastertolabel ++++++ cups-2.2.6-source.tar.gz -> cups-2.3b4-source.tar.gz ++++++ /work/SRC/openSUSE:Factory/cups/cups-2.2.6-source.tar.gz /work/SRC/openSUSE:Factory/.cups.new/cups-2.3b4-source.tar.gz differ: char 5, line 1 ++++++ cups.keyring ++++++ --- /var/tmp/diff_new_pack.N85Adf/_old 2018-04-25 09:57:42.802851218 +0200 +++ /var/tmp/diff_new_pack.N85Adf/_new 2018-04-25 09:57:42.802851218 +0200 @@ -1,56 +1,54 @@ -pub rsa4096/08D76223 2013-12-18 [expires: 2017-12-18] -uid [ unknown] CUPS.org (CUPS.org PGP key) <secur...@cups.org> -sub rsa4096/96A1A3AC 2013-12-18 [expires: 2017-12-18] - -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v2 +Comment: GPGTools - https://gpgtools.org -mQINBFKxnHMBEAC04LKGIEoC+0AhqroXWl7rt7+oJgbeWSbLNYYGSV6NA9BdIpne -kC4ZKJK60vsAKSLwLX636/Do2lVNJQQw8wE05GWI/SblDRQAyqD5N1DyQcYkVnLU -H3Q5O9sCTlSnbn6UREjJRL6+qGWH1euvNMaZwHdbMErrevyNVNpmRxSLy2w5rM03 -F6hOFUxeKl+KZutwiR5lXzqHU4e5fsJ8ICnyB+GZTMvCXrY6X/19g0szDYl7xseF -tGS0vF2WtRBlQzzz4IDwMin4O0ptUlwlioZlA4dPeENZmA288MMXi/RFW/+uoTs8 -niKY+v0a5Djs1neTKO3yNDtuhVOR2PqIlI5BBWKYzz4bBg4hgm7uASPqLEThITEK -7wQQrHd/1clX0XIAQ/+pPJyPj8Z3dLLsuscKoKVtkTy4/ELFGNU+06IiXOOG7q+W -nfM8rHOlMfT628kRVot+MOzN/pbVMbp0VJt6fqnJ+r8eayg2qNWISmAYTaLO9Jsw -tDzfdHbyqKSQj+t6c2iaDnAdBFUkBWFz1Ld7WUGWXe0qTrN2ECvSe03HKMZGEhYT -h71BWN+h1TLfRrO1/ZFhfka2xOqj9RsSNVyBTcvlw/ouZXkEPzDyMAd+egCv0w5X -AS0R2TWHSXOzgxvl6VYyvsCSelfXvrA0YWViHcy8/GbsypVgNKyTi91smQARAQAB -tC9DVVBTLm9yZyAoQ1VQUy5vcmcgUEdQIGtleSkgPHNlY3VyaXR5QGN1cHMub3Jn -PokCPQQTAQoAJwUCUrGccwIbAwUJB4YfgAULCQgHAwUVCgkICwUWAgMBAAIeAQIX -gAAKCRDbo6erCNdiI/4SEACCcH6qQtVUycbYaqnfUU9WRppKEFiYRN33UaNNPOpw -gyqgDBmPkihaNmOQ/1EbTLEOafbtb38J2neA+v/AmQc7fvrfYbVjugneOtvvCSSH -l30VBLE7QZ3szAyvx0zpngQD3JbdwqRQ9gGM0yt6eQjWb+1EqVGQzUqm/n+2Oa9W -mvbxATnGNX0TK24a2CexqwA2bRXxtHiI7C7/wQhuA31BBvVabJJS3jrvKh8dwlbL -FR8fT/0vipEkPQGXJzsa5dEn6RfDvFSiT+vOcEvsAqhiW0Uvd7xxCzQzQkLxRLZ3 -rT1sG01U+qGo98Zk7rVUF4GGG9rqUom89oW7RyvhWHrdjjG8h68nSC9+M9jmtHB8 -AoNxzTFlOTvQqdKDyrovz515RIRDFKL5aLPKfrFm3WADoFTSSMgmyTiv9AfHgaNr -AuWl4bwhZlc2P4m5sH5EhM2S99t62YoaotfZ5Ojv4K7Jfr6TSX8MDjgP9s8OYi2f -zElH5DZhWfwhmLiw7NF2wHioGnVH5eXgJC1cbX8++Brokf6wiPIA2rfHIJBCubrW -9KCW8bHQ/DmwWBAGc2z6ZwWynn8Rbes/guw34pD4mjsoj5PdPSRgjUSKnssHgKBo -CwRnoITeKK9XFnlkD2p2ZbtLkQ9kUc2l9tMGg78axBe5ddOqArvsqZB471pDqanO -pbkCDQRSsZxzARAAt+5QtxIyHOdkidfYSCaz/RKc8/QXbWgRwuoQwqhy/6yYlZZ+ -g7Dtqnu/DddCdXW5YYW0Jg6yDcGb3ApKIMiNPGEaYq5DwgveRmfmje7NgZIlji47 -twjHd1kYeicJaVIHOBZ4R+nimrzfcJJPzhbrU55Uuk4wLOdxuleeHWaejfkB9Nre -DZMS0wPi1QooKKIJSHVHdOyUwYCLuzm4Z+yL91uFvEEcjCLxPQm78l08Kca3E+Ch -2QLi4wVthd/qdns2LIk5jqeo7PBHebxoTeFtDGOT6OYtpplGoz22bLAxqxmJjO4f -qYZ8Tkw1sihwP7z5gLaiFKjCmAE7KI5Iqv2TUcZDNZIh8bk2pxSBqNajwAw7KkA1 -QaW/TVnF3Mj0JQqWEpA4vptk8uZ80Uy5fY5F2lKjDioWV0wN0Y81tZ+lV5khE/91 -sUZk7vD9JTWFlw3xunqoH4QDy6HvS44HrGjvUCXqMKxR633FS0c8rrvjV5vwo36v -AEk5H/MGaU4LTWs+eIvqegfxD+65Ht66DjzzNwkG/REs2e3pT3xSpqCS35xhKvNU -P0HDcgX0p38ecPGYpFBKHW9xSlK6HGOLlGWUQMcuGnNqbd7LPzldKEcZuYoZTcaK -3CCmsCA2y8DRIu2z2AHJPWJxSgJ7fLveJ+tAZWppxXXV9BqPpQpw4XlGnfMAEQEA -AYkCJQQYAQoADwUCUrGccwIbDAUJB4YfgAAKCRDbo6erCNdiI5CkEACYPhRZU8Ua -HoWo8cMfIDZIP6x33yA628N5UV+FTYA0N0UcNdVGcW1bW3cBg7S4Ccebgw60ykAQ -jGdqGp+QpYXdh7ZvxdB1geGqIevDNMcIULdOehbzOg4rsCnHIPPetezD8dsgFjul -3TuwNm6/leujJAcbHxCxo9bXg/i4T3MLpMTuwrMXVJ2zcdw0nTjtcw65y/TYT0D0 -NBZx1e2xR6DGGALkthg0RziSPaZ6YmWvX2W3nv+FB/ewHOWyMLObmMAIggeD2Ffq -q+wGa0KXhkjrouOvefVLjFowTVDQjjyz07ffUEDINGvX13XE1Ego+BlnF3UXmkcB -DZX7ZWJsoSouE29y03AO9ZZ2mM8WVWaJrOqFp/rcosujFyAOULOl1+gs6CbC3fYA -DdUmr5fy7eforVnZKYA1JK+SIdsKtfsNqYWPISuuS5iQwg/r80UhCknfO8sJIRpH -hHgGFXN9iF4WGFCvf+428FAnbhUeLVxSXmHQ6n9Qa1K9OV3fGENXNY8Mdq1psRmw -WUe6jKB1vO7LGhIKry8N1yWDnj+zJkJoy5DdEvj92riCat73uLRpq5MQgeoLhUta -e5/XI9Y7wrnRQAdeM3y19x+3wIL6rVqcGutv/Ew3G9CsHmqS+P0NTIfyAY7J3GCm -ut1GxdVtOgvKz7aFcETtujhb152ylfHleg== -=IQid +mQINBFo5hCYBEAD7WeR8qWUuD4Z3spmcjwIIcFsjF5V7MpqCZrGRcFiTH+MRiomQ +Ylr652+9JlQjS9e/6Gtist6ydADvHqELmg42wQX7MrOCTDfKpM/mP2InMIDkel16 +SZbtBORR44LOzsZ9Cm7739M4hZWp2PVn+ElWJr6t3l9NXVZDXaPWugHlxUYYGz7O +UxfYdkFQ3ND5ST60+Ir8P7YoSfCvxi2dus6/One7dhuTGdm/8+EtwrFPJWgbVxah +FQHD8TKht3poGm6+mqgDley6soo4vUlUnYRbrEe+oXRnTx4Yih3FsXNez7IHFtJv +MzHPSLE+2KsWp1gylp4hgLc5NGUD67nRO8GDqkhLK+PgJERx1NozLXqBa4XaoC6F +rq4i3C+JSsWqWUUs85tpZHwEnZmfYMV+cWcUkuHRwhls2PIVzm2b2BALXV8MY9yO +w8EBTrPo1ae1AplCZnLQX7gBdgBhX6ou+UKXqrAlaqiXlaxY2psajrmY+IqUXJL9 +H9IPMmzHz+apfAvIc4WY2APUI9BDT11gh8ko3ZWVUNxlL1rUwbCBjtwKdmVLLNmr +mU1JbKY9L1PAXElEbpyJ6KrXk49KrFE8lnhTE4g2rUZ0wdmzjbAL0oaBL5qdNupd +MjW20Y+PyYgvIrXNPTk/mhx79rAMlUIhNRYQhyATywr9/ubimhkNgYbcfQARAQAB +tBxDVVBTLm9yZyA8c2VjdXJpdHlAY3Vwcy5vcmc+iQJUBBMBCgA+FiEERdCDlG4w +NSgrPMqa9DQQQjXal+sFAlo5hCYCGwMFCQeGH4AFCwkIBwMFFQoJCAsFFgIDAQAC +HgECF4AACgkQ9DQQQjXal+v1Fg//YlAD/woMIwumfTIBGdc7oye+JLRKTXOnIDxb +VATpcSZOS6LMHy0x7k6kQ+G81r7NkfbQFHZRhvmf62qkg46JhPVJqWBqwVgrbQbk +RRFbo38NkZ37WW2xhImt8iGC8XjfpbfraVYaZQuU7Jbn4vrAppOZbzgVI1T2FIh/ ++GXWbv4WV7hNaNvjREZl1UrzzCTpxrSBgoyx+1P6SwDHYWrC/gp4CMLEj6zf2Hwz +KyIU+FmW54LIZafnswgNpoW1taZx7iSWfvqoyySomtL0PwhYWpKAyIZDf+6cffjx +Fwp5UufEkLjyui0b/6DbCjyWiNHh8BT7niLZ54VXcO8IWr/kQH61s41xp0xU9/Pr +N7Mn22Qd5SCFcDmbFvSI8m7Gn61G8mUfCL2zeAMUkNuzZgc+p2VhRCr+/9gk2eEg +BOqxrrsKDa0g5mWLA0y8a5oohlXKM6SoyRcujCfQxO3rCD1+qM48Zm+4l/6NBg8w +wRJNKoARnR2c9wGvHRbJY3kXllnd/3Fk/EzXwilFK4Fk0uIk8AtMSTh0Se1KNEum +/AbUxRG50dq9pyrfYxsjhNmzu92NIR5sR5PyRQRbGDJkIlNEEbh87TBCrYqnKaPU +lev+476zFE/raaum/DL0ANOUQCtX5ftWEK2Xo1s28DEo2DzyJWmYSmr/wnf8wrp7 +lNWA/F25Ag0EWjmEJgEQAPZvzo1nX/F4+9BGE9o0OSPZt/BLkusiyz6fd46k5vj7 +LGPFpjtMxUxbPNhMJi3QVBhtb8yiNugRmE0sWaA7b2COsXT8jaHZ2EBV0XnTr4Tv +hSxNbdXu9fiDRFQ9x3D/LhDvDRgq0lKQw5cRBLCZw4as9Ytxn1WnS8evwhHRMMYL +/lCyviyyj8zczXPmdWLVlMbhD02Yf5DpteSyhjMTvZFJWZiIUupnM1WXppDo4/Id +nr2Sc5awhuFxdrSYFpaB5+hOdsjhDENcm+GY10iUNCqklCP5BZOeDprap7XwMElW +/chdrwovPYn54Sugl9oHjUOfiJLi/e4J+ey86+2sWY0rZvmOViR1w4NldB+GbEQW +/HOyTwo1Og36+7Ci9m2yothSC0wJAb5Bvg2tc1u4AsG2ylaxMFmwX226d2jJlFNl +2crNFaIE/Uuo7YqH8pcm9kVZ+0apLHoxtZFnZF5QzLmcA83YFFWkqjEfmdLobWXX +pZ+jPkHZDEhj21D+6LYCtUjDwnICySLoIawoMpkV+tdRyHuzxdYX1Nkh74mC2A7d +koxMw86CgXP4UHJwCYunN+rUi7oC8oI1isqtMK8MZhcPdlvE721+fpdAdBIo8KVs +RxQJ3vzhTuugZl5w3E8Jt7lC/q6CC6VI7V74fCNJjXiytrcpYg+FYCyfvxJ/4GH/ +ABEBAAGJAjwEGAEKACYWIQRF0IOUbjA1KCs8ypr0NBBCNdqX6wUCWjmEJgIbDAUJ +B4YfgAAKCRD0NBBCNdqX65zoEACdIsOlto5FQtv2Yx/ayYklEsPgrx1IDnudvVUZ +C+vsDoF9aOUBjUvpHjdBWOBnc/ThOw8ARvOcZLT06HNyzvkJNjj05N+hy1hiSY5B +kL+TGCVkE/wUIDf69lt+KEG89EjpRDSTLDw8t05bEiaZ1XKfDmcIXbao38zhI2CD +r+h1eQotY8bGA7hC7knwQv4VRnN8zBgZhQZdapjC8fBoaY00YZ4wBvd4Yz13/HGi +gXssFNd35n+K+mnUaqulLIwjVfN1/luOubTpqCGVtSEVvHiq7XVRR6cSc345vFMa +3AtRtHKQpZutEz08gZqrXXwALom+HWNbPqdHXEE/mZxvpEVMQr325KLKSPQGZSCq +s8AFeYLYf66gn7T50VX5ws9sGANVvq1CHbouSbfc+UJkibeKG4/jSlqUwWNktEEJ +hI+yGJP5xitfA4IGPaipfVHsxP1z37oht6BTj0zUlfEg9YoPmuHEAhxP7CGOatMM +QkRQ7l0W3F05XL1HzynDnKkEigAUlwhq8Z5oO3Vf9b0MJg/V6T2+jzGIcy0PmliX +rR6FQB5SMRaGCrJxSaPeadnSkJOpFM0dRqKDB049IAIbSxz5ZuqCpbB8tH17ezqu +J3b3cDsSI2TOkacnMo01+IUcrgySKwl/4eUHd92FSq/m085HOQnlae4fjjJ/7qDd +/yDo+w== +=padA -----END PGP PUBLIC KEY BLOCK----- + ++++++ issue5296_fix_policy_limits_using_All.patch ++++++ --- scheduler/conf.c.orig 2018-03-23 21:39:17.000000000 +0100 +++ scheduler/conf.c 2018-04-18 13:38:45.000000000 +0200 @@ -3853,7 +3853,7 @@ read_policy(cups_file_t *fp, /* I - Con if (num_ops < (int)(sizeof(ops) / sizeof(ops[0]))) { if (!_cups_strcasecmp(value, "All")) - ops[num_ops] = IPP_ANY_OPERATION; + ops[num_ops ++] = IPP_ANY_OPERATION; else if ((ops[num_ops] = ippOpValue(value)) == IPP_BAD_OPERATION) cupsdLogMessage(CUPSD_LOG_ERROR, "Bad IPP operation name \"%s\" on line %d of %s.",