Hello community,

here is the log from the commit of package cups for openSUSE:Factory checked in 
at 2020-10-26 16:11:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cups (Old)
 and      /work/SRC/openSUSE:Factory/.cups.new.3463 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "cups"

Mon Oct 26 16:11:53 2020 rev:151 rq:843399 version:2.3.3

Changes:
--------
--- /work/SRC/openSUSE:Factory/cups/cups.changes        2020-07-05 
01:10:38.647500233 +0200
+++ /work/SRC/openSUSE:Factory/.cups.new.3463/cups.changes      2020-10-26 
16:12:24.222721224 +0100
@@ -1,0 +2,154 @@
+Wed Oct 14 09:11:00 UTC 2020 - Michael Gorse <mgo...@suse.com>
+
+- Version upgrade to 2.3.3:
+  - CVE-2020-3898: The `ppdOpen` function did not handle invalid UI
+    constraint.  `ppdcSource::get_resolution` function did not
+    handle invalid resolution strings.
+  - CVE-2019-8842: The `ippReadIO` function may under-read an
+    extension field.
+  - Fixed WARNING_OPTIONS support for GCC 9.x
+  Changes in CUPS 2.3.2:
+  Localization updates
+  Changes in CUPS 2.3.1:
+  - CVE-2019-2228: The `ippSetValuetag` function did not validate
+    the default language value.
+  - Fixed a crash bug in the web interface.
+  - The PPD cache code now looks up page sizes using their
+    dimensions.
+  - PPD files containing "custom" option keywords did not work.
+  - Added a workaround for the scheduler's systemd support.
+  - Added a DigestOptions directive for the `client.conf` file to
+    control whether MD5-based Digest authentication is allowed.
+  - Fixed a bug in the handling of printer resource files.
+  - The libusb-based USB backend now reports an error when the
+    distribution permissions are wrong.
+  - Added paint can labels to Dymo driver.
+  - The `ippeveprinter` program now supports authentication.
+  - The `ippeveprinter` program now advertises DNS-SD services on
+    the correct interfaces, and provides a way to turn them off.
+  - The `--with-dbusdir` option was ignored by the configure
+    script.
+  - Sandboxed applications were not able to get the default
+    printer.
+  - Log file access controls were not preserved by `cupsctl`.
+  - Default printers set with `lpoptions` did not work in all
+    cases.
+  - Fixed an error in the jobs web interface template.
+  - Fixed an off-by-one error in `ippEnumString`.
+  - Fixed some new compiler warnings.
+  - Fixed a few issues with the Apple Raster support.
+  - The IPP backend did not detect all cases where a job should be
+    retried using a raster format.
+  - Fixed spelling of "fold-accordion".
+  - Fixed the default common name for TLS certificates used by
+    `ippeveprinter`.
+  - Fixed the option names used for IPP Everywhere finishing
+    options.
+  - Added support for the second roll of the DYMO Twin/DUO label
+    printers.
+  Changes in CUPS v2.3.0:
+  - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows.
+  - Added a GPL2/LGPL2 exception to the new CUPS license terms.
+  - Fixed a bug in the scheduler job cleanup code.
+  - Fixed builds when there is no TLS library.
+  - "make" failed with GZIP options.
+  - Fixed potential excess logging from the scheduler when removing
+    job files.
+  - Fixed a NULL pointer dereference bug in `httpGetSubField2`.
+  - Added FIPS-140 workarounds for GNU TLS.
+  - The scheduler no longer provides a default value for the
+     description.
+  - The scheduler now logs jobs held for authentication using the
+    error level so it is clear what happened.
+  - The `lpadmin` command did not always update the PPD file for
+    changes to the `cupsIPPSupplies` and `cupsSNMPSupplies` keywords.
+  - The scheduler now uses both the group's membership list as well
+    as the various OS-specific membership functions to determine
+    whether a user belongs to a named group.
+  - Added USB quirks rule for HP LaserJet 1015.
+  - Fixed some PPD parser issues.
+  - The IPP parser no longer allows invalid member attributes in
+    collections.
+  - The configure script now treats the "wheel" group as a
+    potential system group.
+  - Fixed IPP buffer overflow.
+  - Fixed memory disclosure issue in the scheduler.
+  - Fixed DoS issues in the scheduler.
+  - Fixed an issue with unsupported "sides" values in the IPP
+    backend.
+  - The scheduler would restart continuously when idle and printers
+    were not shared.
+  - Fixed an issue with `EXPECT !name WITH-VALUE ...` tests.
+  - Fixed a command ordering issue in the Zebra ZPL driver.
+  - Fixed a memory leak in `ppdOpen`.
+  Changes in CUPS v2.3rc1:
+  - The `cups-config` script no longer adds extra libraries when linking 
against
+    shared libraries.
+  - The supplied example print documents have been optimized for
+    size.
+  - The `cupsctl` command now prevents setting "cups-files.conf"
+    directives.
+  - The "forbidden" message in the web interface is now explained.
+  - The footer in the web interface covered some content on small
+    displays.
+  - The libusb-based USB backend now enforces read limits,
+    improving print speed in many cases.
+  - The `ippeveprinter` command now looks for print commands in
+    the "command" subdirectory.
+  - The `ipptool` command now supports `$date-current` and
+    `$date-start` variables to insert the current and starting date
+    and time values, as well as ISO-8601 relative time values such
+    as "PT30S" for 30 seconds in the future.
+  Changes in CUPS v2.3b8
+  - Media size matching now uses a tolerance of 0.5mm.
+  - The lpadmin command would hang with a bad PPD file.
+  - Fixed a potential crash bug in cups-driverd.
+  - Fixed a performance regression with large PPDs.
+  - Fixed a memory reallocation bug in HTTP header value expansion.
+  - Timed out job submission now yields an error.
+  - Restored minimal support for the `Emulators` keyword in PPD
+    files to allow old Samsung printer drivers to continue to work.
+  - The scheduler did not encode octetString values like
+    "job-password" correctly for the print filters.
+  - The `cupsCheckDestSupported` function did not check octetString
+    values correctly.
+  - Added support for `UserAgentTokens` directive in "client.conf".
+  - Updated the systemd service file for cupsd.
+  - The `ippValidateAttribute` function did not catch all instances
+    of invalid UTF-8 strings.
+  - Fixed an issue with the self-signed certificates generated by
+    GNU TLS.
+  - Fixed a potential memory leak when reading at the end of a
+    file.
+  - Fixed potential unaligned accesses in the string pool.
+  - Fixed a potential memory leak when loading a PPD file.
+  - Added a USB quirks rule for the Lexmark E120n.
+  - Updated the USB quirks rule for Zebra label printers.
+  - The lpadmin command, web interface, and scheduler all queried
+    an IPP Everywhere printer differently, resulting in different
+    PPDs for the same printer.
+  - The web interface no longer provides access to the log files.
+  - Non-Kerberized printing to Windows via IPP was broken.
+  - The scheduler no longer stops a printer if an error occurs when
+    a job is canceled or aborted.
+  - Added a USB quirks rule for the DYMO 450 Turbo.
+  - Added a USB quirks rule for Xerox printers.
+  - The scheduler's self-signed certificate did not include all of
+    the alternate names for the server when using GNU TLS.
+  - Fixed some PPD caching and IPP Everywhere PPD
+    accounting/password bugs.
+  - Fixed `PreserveJobHistory` bug with time values.
+  - The scheduler no longer advertises the HTTP methods it
+    supports.
+  - The scheduler did not always idle exit as quickly as it could.
+  - Added a new `ippeveprinter` command based on the old ippserver
+    sample code.
+  Changes in CUPS v2.3b7
+  - Running ppdmerge with the same input and output filenames did
+    not work as advertised.
+  - Rebase let-cupsd-start-after-network.patch and
+    cups-config-libs.patch.
+  - Drop issue5509-fix-utf-8-validation-issue.patch and
+    issue5453.patch: fixed upstream.
+
+-------------------------------------------------------------------

Old:
----
  cups-2.3b6-source.tar.gz
  cups-2.3b6-source.tar.gz.sig
  issue5453.patch
  issue5509-fix-utf-8-validation-issue.patch

New:
----
  cups-2.3.3-source.tar.gz
  cups-2.3.3-source.tar.gz.sig

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ cups.spec ++++++
--- /var/tmp/diff_new_pack.5bZR0z/_old  2020-10-26 16:12:26.310723146 +0100
+++ /var/tmp/diff_new_pack.5bZR0z/_new  2020-10-26 16:12:26.314723150 +0100
@@ -23,24 +23,24 @@
 # "zypper vcmp 2.3.b99 2.3.0" shows "2.3.b99 is older than 2.3.0" and
 # "zypper vcmp 2.2.99 2.3b6" show "2.2.99 is older than 2.3b6" so that
 # version upgrades from 2.2.x via 2.3.b* to 2.3.0 work:
-Version:        2.3b6
+Version:        2.3.3
 Release:        0
 Summary:        The Common UNIX Printing System
 License:        Apache-2.0
 Group:          Hardware/Printing
 URL:            http://www.cups.org/
 # To get Source0 go to https://www.cups.org/software.html or 
https://github.com/apple/cups/releases or use e.g.
-# wget --no-check-certificate -O cups-2.3b6-source.tar.gz 
https://github.com/apple/cups/releases/download/v2.3b6/cups-2.3b6-source.tar.gz
-Source0:        
https://github.com/apple/cups/releases/download/v2.3b6/cups-2.3b6-source.tar.gz
+# wget --no-check-certificate -O cups-2.3.3-source.tar.gz 
https://github.com/apple/cups/releases/download/v2.3.3/cups-2.3.3-source.tar.gz
+Source0:        
https://github.com/apple/cups/releases/download/v2.3.3/cups-2.3.3-source.tar.gz
 # To get Source1 go to https://www.cups.org/software.html or 
https://github.com/apple/cups/releases or use e.g.
-# wget --no-check-certificate -O cups-2.3b6-source.tar.gz.sig 
https://github.com/apple/cups/releases/download/v2.3b6/cups-2.3b6-source.tar.gz.sig
-Source1:        
https://github.com/apple/cups/releases/download/v2.3b6/cups-2.3b6-source.tar.gz.sig
+# wget --no-check-certificate -O cups-2.3.3-source.tar.gz.sig 
https://github.com/apple/cups/releases/download/v2.3.3/cups-2.3.3-source.tar.gz.sig
+Source1:        
https://github.com/apple/cups/releases/download/v2.3.3/cups-2.3.3-source.tar.gz.sig
 # To get Source2 go to https://www.cups.org/pgp.html
 Source2:        cups.keyring
 # To manually verify Source0 with Source1 and Source2 do e.g.
 #   gpg --import cups.keyring
 #   gpg --list-keys | grep -1 'CUPS.org' | grep -v 'expired'
-#   gpg --verify cups-2.3b6-source.tar.gz.sig cups-2.3b6-source.tar.gz
+#   gpg --verify cups-2.3.3-source.tar.gz.sig cups-2.3.3-source.tar.gz
 Source102:      Postscript.ppd.gz
 Source105:      Postscript-level1.ppd.gz
 Source106:      Postscript-level2.ppd.gz
@@ -60,8 +60,6 @@
 Patch12:        cups-2.1.0-cups-systemd-socket.patch
 # Patch42 Let cupsd start after possible network connection (boo#1111351)
 Patch42:        let-cupsd-start-after-network.patch
-# Patch43 Fix UTF-8 validation issue (bsc#1118118, Issue #5509)
-Patch43:        issue5509-fix-utf-8-validation-issue.patch
 # Patch100...Patch999 is for private patches from SUSE which are not intended 
for upstream:
 # Patch100 cups-pam.diff adds conf/pam.suse regarding support for PAM for SUSE:
 Patch100:       cups-pam.diff
@@ -77,8 +75,6 @@
 Patch103:       cups-1.4-do_not_strip_recommended_from_PPDs.patch
 # Patch104 cups-config-libs.patch fixes option --libs in cups-config script:
 Patch104:       cups-config-libs.patch
-# Patch105 issue5453.patch fixes https://github.com/apple/cups/issues/5453
-Patch105:       issue5453.patch
 # Build Requirements:
 BuildRequires:  dbus-1-devel
 BuildRequires:  fdupes
@@ -285,7 +281,6 @@
 #patch12 -b cups-systemd-socket.orig
 # Patch42 Let cupsd start after possible network connection (boo#1111351)
 %patch42 -p0
-%patch43 -p1
 # Patch100...Patch999 is for private patches from SUSE which are not intended 
for upstream:
 # Patch100 cups-pam.diff adds conf/pam.suse regarding support for PAM for SUSE:
 %patch100 -b cups-pam.orig
@@ -301,8 +296,6 @@
 %patch103 -b do_not_strip_recommended_from_PPDs.orig
 # Patch104 cups-config-libs.patch fixes option --libs in cups-config script:
 %patch104 -b cups-config-libs.orig
-# Patch105 issue5453.patch fixes https://github.com/apple/cups/issues/5453
-%patch105 -b issue5453.orig
 
 %build
 # Remove ".SILENT" rule for verbose build output
@@ -542,6 +535,9 @@
 /usr/lib/cups/cgi-bin/help.cgi
 /usr/lib/cups/cgi-bin/jobs.cgi
 /usr/lib/cups/cgi-bin/printers.cgi
+%dir /usr/lib/cups/command
+/usr/lib/cups/command/ippevepcl
+/usr/lib/cups/command/ippeveps
 %dir /usr/lib/cups/daemon
 /usr/lib/cups/daemon/cups-deviced
 /usr/lib/cups/daemon/cups-driverd
@@ -567,6 +563,7 @@
 %doc %{_defaultdocdir}/cups
 %doc %{_mandir}/man1/cups.1.gz
 %doc %{_mandir}/man1/cupstestppd.1.gz
+%doc %{_mandir}/man1/ippeveprinter.1.gz
 %doc %{_mandir}/man5/classes.conf.5.gz
 %doc %{_mandir}/man5/client.conf.5.gz
 %doc %{_mandir}/man5/cups-snmp.conf.5.gz
@@ -580,6 +577,8 @@
 %doc %{_mandir}/man5/subscriptions.conf.5.gz
 %doc %{_mandir}/man7/backend.7.gz
 %doc %{_mandir}/man7/filter.7.gz
+%doc %{_mandir}/man7/ippevepcl.7.gz
+%doc %{_mandir}/man7/ippeveps.7.gz
 %doc %{_mandir}/man7/notifier.7.gz
 %doc %{_mandir}/man8/cups-deviced.8.gz
 %doc %{_mandir}/man8/cups-driverd.8.gz
@@ -596,6 +595,7 @@
 %files client
 %defattr(-,root,root)
 %{_bindir}/cancel
+%{_bindir}/ippeveprinter
 %{_bindir}/ippfind
 %{_bindir}/ipptool
 %{_bindir}/lp
@@ -604,7 +604,6 @@
 %{_bindir}/lpr
 %{_bindir}/lprm
 %{_bindir}/lpstat
-%{_sbindir}/accept
 %{_sbindir}/cupsaccept
 %{_sbindir}/cupsdisable
 %{_sbindir}/cupsenable
@@ -613,7 +612,6 @@
 %{_sbindir}/lpc
 %{_sbindir}/lpinfo
 %{_sbindir}/lpmove
-%{_sbindir}/reject
 %doc %{_mandir}/man1/cancel.1.gz
 %doc %{_mandir}/man1/ippfind.1.gz
 %doc %{_mandir}/man1/ipptool.1.gz
@@ -624,7 +622,6 @@
 %doc %{_mandir}/man1/lprm.1.gz
 %doc %{_mandir}/man1/lpstat.1.gz
 %doc %{_mandir}/man5/ipptoolfile.5.gz
-%doc %{_mandir}/man8/accept.8.gz
 %doc %{_mandir}/man8/cupsaccept.8.gz
 %doc %{_mandir}/man8/cupsdisable.8.gz
 %doc %{_mandir}/man8/cupsenable.8.gz
@@ -633,7 +630,6 @@
 %doc %{_mandir}/man8/lpc.8.gz
 %doc %{_mandir}/man8/lpinfo.8.gz
 %doc %{_mandir}/man8/lpmove.8.gz
-%doc %{_mandir}/man8/reject.8.gz
 
 %files devel
 %defattr(-,root,root)




++++++ cups-2.3b6-source.tar.gz -> cups-2.3.3-source.tar.gz ++++++
/work/SRC/openSUSE:Factory/cups/cups-2.3b6-source.tar.gz 
/work/SRC/openSUSE:Factory/.cups.new.3463/cups-2.3.3-source.tar.gz differ: char 
4, line 1

++++++ cups-config-libs.patch ++++++
--- /var/tmp/diff_new_pack.5bZR0z/_old  2020-10-26 16:12:26.438723263 +0100
+++ /var/tmp/diff_new_pack.5bZR0z/_new  2020-10-26 16:12:26.438723263 +0100
@@ -1,10 +1,10 @@
 --- cups-config.in.orig        2011-08-27 11:23:01.000000000 +0200
 +++ cups-config.in     2012-11-27 15:47:27.000000000 +0100
 @@ -35,7 +35,7 @@ INSTALLSTATIC=@INSTALLSTATIC@
- # flags for C++ compiler:
+ # flags for compiler and linker...
  CFLAGS=""
  LDFLAGS="@EXPORT_LDFLAGS@"
--LIBS="@LIBGSSAPI@ @EXPORT_SSLLIBS@ @LIBZ@ @LIBS@"
+-LIBS="@LIBGSSAPI@ @DNSSDLIBS@ @EXPORT_SSLLIBS@ @LIBZ@ @LIBS@"
 +LIBS=""
  
  # Check for local invocation...


++++++ let-cupsd-start-after-network.patch ++++++
--- /var/tmp/diff_new_pack.5bZR0z/_old  2020-10-26 16:12:26.466723289 +0100
+++ /var/tmp/diff_new_pack.5bZR0z/_new  2020-10-26 16:12:26.466723289 +0100
@@ -13,11 +13,12 @@
 
 --- scheduler/org.cups.cupsd.service.in
 +++ scheduler/org.cups.cupsd.service.in        2018-10-18 05:16:30.867333704 
+0000
-@@ -1,6 +1,7 @@
+@@ -1,7 +1,7 @@
  [Unit]
  Description=CUPS Scheduler
  Documentation=man:cupsd(8)
-+After=network.target
+-After=sssd.service
++After=sssd.service network.target
  
  [Service]
  ExecStart=@sbindir@/cupsd -l


Reply via email to