Hello community, here is the log from the commit of package hplip for openSUSE:Factory checked in at 2013-12-06 11:45:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/hplip (Old) and /work/SRC/openSUSE:Factory/.hplip.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "hplip" Changes: -------- --- /work/SRC/openSUSE:Factory/hplip/hplip.changes 2013-10-25 12:59:36.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.hplip.new/hplip.changes 2013-12-06 11:45:56.000000000 +0100 @@ -1,0 +2,38 @@ +Wed Dec 4 14:25:51 CET 2013 - [email protected] + +- disable_hp-upgrade.patch disables hp-upgrade/upgrade.py for + security reasons (bnc#853405). To upgrade HPLIP an openSUSE + software package manager like YaST or zypper should be used. + +------------------------------------------------------------------- +Tue Nov 26 19:33:01 UTC 2013 - [email protected] + +- Version upgrade to 3.13.11: + Added Support for the Following New Printers: + HP Color LaserJet Pro MPF M176 series + HP Color LaserJet Pro MPF M176n + HP Color LaserJet Pro MPF M177 series + HP Color LaserJet Pro MPF M177fw + HP Color LaserJet Enterprise M750 Printer series + HP Color LaserJet Enterprise M750n + HP Color LaserJet Enterprise M750dn + HP Color LaserJet Enterprise M750xh + HP Color LaserJet Enterprise M855 Printer series + HP Color LaserJet Enterprise M855dn Printer + HP Color LaserJet Enterprise M855xh Printer + HP Color LaserJet Enterprise M855x+ Printer + HP Color LaserJet Enterprise flow M880 Multifunction Printer series + HP Color LaserJet Enterprise flow M880z Multifunction Printer + HP Color LaserJet Enterprise flow M880z+ Multifunction Printer + HP LaserJet Pro MFP M127 series + HP LaserJet Pro MFP M127fn + HP LaserJet Pro MFP M127fw + HP Officejet 2620 All-in-One + HP Officejet 2621 All-in-One + HP Officejet 2622 All-in-One + Added Pin Printing support for HP LaserJet m5035 MFP device +- Added a devel package +- Update the .desktop database on install/uninstall +- Use .desktop files provided by upstream + +------------------------------------------------------------------- Old: ---- hplip-3.13.10.tar.gz hplip-3.13.10.tar.gz.asc hplip.desktop New: ---- disable_hp-upgrade.patch hplip-3.13.11.tar.gz hplip-3.13.11.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ hplip.spec ++++++ --- /var/tmp/diff_new_pack.CGHf8u/_old 2013-12-06 11:45:59.000000000 +0100 +++ /var/tmp/diff_new_pack.CGHf8u/_new 2013-12-06 11:45:59.000000000 +0100 @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: hplip # BuildRequires foomatic-filters to avoid /usr/lib/rpm/brp-symlink ERROR: # link target doesn't exist (neither in build root nor in installed system): @@ -58,7 +59,7 @@ # where 'a' or 'b' do not mean 'alpha' or 'beta' but 'second' or 'third' release in the month # (usually bugfix releases have the suffix like 3.12.10a = first bugfix release for 3.12.10). # Official releases have a 3 digit number and release candidates have a 4 digit number: x.y.m.rc -Version: 3.13.10 +Version: 3.13.11 Release: 0 Url: http://hplipopensource.com # Source0...Source9 is for sources from HP: @@ -77,10 +78,10 @@ # Patch11 fix_gcc44_glib.diff is obsolete since version 3.9.6b because it is fixed in the source. # Patch12 hplip-3.9.8-CVE-2010-4267.patch fixeed a remote buffer overflow in hpmud/pml.c which # is no longer needed because it is fixed in the upstream sources in HPLIP version 3.13.7 -# Source100... is for special Suse sources: -# Source100 is the primary source for the suse_update_desktop_file stuff. +# Source100... is for special SUSE sources: +# Source100 is obsolete as upstream provides .desktop files now # It is found automatically in $RPM_SOURCE_DIR by 'suse_update_desktop_file -i hplip': -Source100: hplip.desktop +# Source100: hplip.desktop # Source101 hp-toolbox.wrapper was a wrapper for hp-toolbox which is no longer needed # see https://bugzilla.novell.com/show_bug.cgi?id=755820 # Source102 is a small man page for /usr/bin/hpijs: @@ -113,6 +114,10 @@ # the add_group function that would add the groups ('lp') to user which # would cause security issues see https://bugs.launchpad.net/bugs/1197416 # which is no longer needed because there is no longer that "chgrp" stuff in HPLIP version 3.13.10. +# Patch106 disable_hp-upgrade.patch disables hp-upgrade/upgrade.py for security reasons, +# see https://bugzilla.novell.com/show_bug.cgi?id=853405 +# To upgrade HPLIP an openSUSE software package manager like YaST or zypper should be used. +Patch106: disable_hp-upgrade.patch # Install into this non-root directory (required when norootforbuild is used): BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: coreutils @@ -124,7 +129,8 @@ # The exact matching version-release of the sub-package is available on the same # repository where the main-package is (compare the "Recommends: hplip" entry below). Requires: %{name}-hpijs = %{version}-%{release} -# Same rationale for the sane subpackage. +# Require the exact matching version-release of the sane sub-package to make sure +# to have the exact matching version of libsane-hpaio installed: Requires: %{name}-sane = %{version}-%{release} # Because foomatic-rip-hplip has CVE-2011-2697 (bnc#698451) # plus a leftover in CVE-2004-0801 (bnc#59233) @@ -314,6 +320,20 @@ with the scan drivers in HPLIP for standard HP all-in-one printers. +%package devel +Summary: Development files for hplip +Group: Development/Languages/C and C++ +# Require the exact matching version-release of the hpijs sub-package to make sure +# to have the exact matching version of libhpip and libhpmud installed: +Requires: %{name}-hpijs = %{version}-%{release} +# Require the exact matching version-release of the sane sub-package to make sure +# to have the exact matching version of libsane-hpaio installed: +Requires: %{name}-sane = %{version}-%{release} + +%description devel +This sub-package is only required by developers. + + %prep # first thing is to verify the GPG signed tarball, starting with openSUSE 12.3. %if 0%{?suse_version} > 1220 @@ -327,6 +347,10 @@ # in distros.dat for SUSE distros to avoid security issues when ports in the firewall # get opened. see https://bugs.launchpad.net/bugs/426161 %patch104 -b .do_not_open_mdns_port.orig +# Patch106 disable_hp-upgrade.patch disables hp-upgrade/upgrade.py for security reasons, +# see https://bugzilla.novell.com/show_bug.cgi?id=853405 +# To upgrade HPLIP an openSUSE software package manager like YaST or zypper should be used. +%patch106 -b .disable_hp-upgrade.orig %build # If AUTOMAKE='automake --foreign' is not set, autoreconf (in fact automake) @@ -486,18 +510,8 @@ # /usr/lib/cups/filter/foomatic-rip-hplip # which points to foomatic-rip is installed: ln -s ../../../bin/foomatic-rip %{buildroot}/usr/lib/cups/filter/foomatic-rip-hplip -# Begin "Desktop menue entry stuff": -# Install /usr/share/hplip/data/images/64x64/hp_logo.png as desktop icon file -# because it is used in the hplip.desktop.in and hplip-systray.desktop.in sources: -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/32x32/hp_logo.png %{buildroot}%{_datadir}/icons/hicolor/32x32/apps/HPmenu.png -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/64x64/hp_logo.png %%{buildroot}%{_datadir}/icons/hicolor/64x64/apps/HPmenu.png -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/128x128/hp_logo.png %{buildroot}%{_datadir}/icons/hicolor/128x128/apps/HPmenu.png -install -D -m 644 %{buildroot}%{_datadir}/hplip/data/images/256x256/hp_logo.png %{buildroot}%{_datadir}/icons/hicolor/256x256/apps/HPmenu.png -# Set up and install the desktop menue entry stuff using "Categories=System;Monitor;" -# and remove HP's hplip.desktop and hplip-systray.desktop files before because we use Source100: -# (additionally there is/was a typo in HP's install because of the trailing blank at 'applications ') -rm %{buildroot}%{_datadir}/applications/hplip*.desktop -%suse_update_desktop_file -i %{name} System HardwareSettings Printing +# Replace the invalid Desktop categories +%suse_update_desktop_file -r %{buildroot}%{_datadir}/applications/hplip.desktop System HardwareSettings # Let suse_update_desktop_file add X-SuSE-translate key to /etc/xdg/autostart/hplip-systray.desktop # so that we can update its translations with translation-only packages. %suse_update_desktop_file %{buildroot}/etc/xdg/autostart/hplip-systray.desktop @@ -517,6 +531,9 @@ %fdupes -s %{buildroot}/%{_datadir}/hplip/data/images %post +%if 0%{?suse_version} >= 1140 +%desktop_database_post +%endif %if 0%{?suse_version} > 1130 %icon_theme_cache_post %else @@ -551,6 +568,9 @@ exit 0 %postun +%if 0%{?suse_version} >= 1140 +%desktop_database_postun +%endif %if 0%{?suse_version} > 1130 %icon_theme_cache_postun %else @@ -636,7 +656,6 @@ %dir /usr/lib/cups/filter /usr/lib/cups/filter/hpcupsfax %doc %{_defaultdocdir}/%{name}/ -%{_datadir}/icons/hicolor/*/apps/HPmenu.png %{_datadir}/applications/%{name}.desktop %{_datadir}/hplip/ %exclude %{_datadir}/hplip/data/models/models.dat @@ -648,8 +667,8 @@ %config %{_sysconfdir}/cups/pstotiff.types %{_bindir}/hpijs %doc %{_mandir}/man1/hpijs.1.gz -%{_libdir}/libhpip.* -%{_libdir}/libhpmud.* +%{_libdir}/libhpip.so.* +%{_libdir}/libhpmud.so.* %dir /usr/lib/cups %dir /usr/lib/cups/backend /usr/lib/cups/backend/hp @@ -676,6 +695,14 @@ %files sane %defattr(-, root, root) %dir %{_libdir}/sane -%{_libdir}/sane/libsane-hpaio.* +%{_libdir}/sane/libsane-hpaio.so.* + +%files devel +%defattr(-, root, root) +%{_libdir}/libhpip.so +%{_libdir}/libhpmud.so +%{_libdir}/*.la +%{_libdir}/sane/libsane-hpaio.so +%{_libdir}/sane/*.la %changelog ++++++ disable_hp-upgrade.patch ++++++ --- upgrade.py.orig 2013-10-31 12:46:54.000000000 +0100 +++ upgrade.py 2013-12-04 14:58:03.000000000 +0100 @@ -134,6 +134,11 @@ except getopt.GetoptError, e: if os.getenv("HPLIP_DEBUG"): log.set_level('debug') + +log.error("HPLIP upgrade is disabled by openSUSE for security reasons, see https://bugzilla.novell.com/show_bug.cgi?id=853405 - if you like to upgrade HPLIP, use an openSUSE software package manager like YaST or zypper.") +clean_exit(1) + + for o, a in opts: if o in ('-h', '--help'): usage() ++++++ hplip-3.13.10.tar.gz -> hplip-3.13.11.tar.gz ++++++ /work/SRC/openSUSE:Factory/hplip/hplip-3.13.10.tar.gz /work/SRC/openSUSE:Factory/.hplip.new/hplip-3.13.11.tar.gz differ: char 5, line 1 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
