Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Control: tags -1 + pending On Fri, 2017-07-21 at 14:59 +0200, Didier 'OdyX' Raboud wrote: > Le mardi, 27 juin 2017, 20.32:11 h CEST Cyril Brulebois a écrit : > > Assuming that this was successfully tested (including by setting those > > two options to restore support for insecure crypto) on a jessie system, > > and once you've fixed the codename in debian/changelog (you want jessie > > rather than jessie-security), feel free to upload. > > Uploaded now after testing. I also fixed a typo in the changelog: AllowSSLv3 > vs AllowSSL3 (superfluous 'v'). Flagged for acceptance. Regards, Adam
Processed: Re: Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Processing control commands: > tags -1 + pending Bug #840643 [release.debian.org] jessie-pu: package cups/1.7.5-11+deb8u1 Added tag(s) pending. -- 840643: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840643 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Le mardi, 27 juin 2017, 20.32:11 h CEST Cyril Brulebois a écrit : > Assuming that this was successfully tested (including by setting those > two options to restore support for insecure crypto) on a jessie system, > and once you've fixed the codename in debian/changelog (you want jessie > rather than jessie-security), feel free to upload. Uploaded now after testing. I also fixed a typo in the changelog: AllowSSLv3 vs AllowSSL3 (superfluous 'v'). Sorry for the delay. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Control: tag -1 confirmed Hi, Didier 'OdyX' Raboud (2017-01-31): > That's Ubuntu's patch as released in their 1.7.2-0ubuntu1.7 trusty-security > upload from Nov 2015, fixing [LP:1505328], written by Bryan Quigley and > reviewed by their security team member Marc Deslauriers. But they arguably > missed that wrong documentation change, indeed. > > Updated debdiff attached. Assuming that this was successfully tested (including by setting those two options to restore support for insecure crypto) on a jessie system, and once you've fixed the codename in debian/changelog (you want jessie rather than jessie-security), feel free to upload. Thanks. KiBi. signature.asc Description: Digital signature
Processed: Re: Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Processing control commands: > tag -1 confirmed Bug #840643 [release.debian.org] jessie-pu: package cups/1.7.5-11+deb8u1 Added tag(s) confirmed. -- 840643: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840643 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Processing control commands: > tags -1 -moreinfo Bug #840643 [release.debian.org] jessie-pu: package cups/1.7.5-11+deb8u1 Removed tag(s) moreinfo. -- 840643: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840643 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Control: tags -1 -moreinfo Hi there Adam, Le samedi, 28 janvier 2017, 17.15:32 h CET Adam D. Barratt a écrit : > On Tue, 2016-12-20 at 09:20 +0100, Didier 'OdyX' Raboud wrote: > > Le samedi, 17 décembre 2016, 11.38:59 h CET Julien Cristau a écrit : > > > The debdiff is the one we tend to look at, but it looks like it was not > > > attached. > > > > Indeed, sorry. Here it comes. > > +--- a/doc/help/ref-cupsd-conf.html.in > b/doc/help/ref-cupsd-conf.html.in > +@@ -2004,23 +2004,23 @@ > + variable that should be passed to child processes. > + > + > +-SSLListen > ++SSLOptions > + > + Examples > + > + > +-SSLListen 127.0.0.1:443 > +-SSLListen 192.0.2.1:443 > ++SSLOptions 127.0.0.1:443 > ++SSLOptions 192.0.2.1:443 > + > > This looks wrong, as do the remainder of the changes to that hunk of the > diff. That's Ubuntu's patch as released in their 1.7.2-0ubuntu1.7 trusty-security upload from Nov 2015, fixing [LP:1505328], written by Bryan Quigley and reviewed by their security team member Marc Deslauriers. But they arguably missed that wrong documentation change, indeed. Updated debdiff attached. -- OdyX [LP:1505328] https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1505328diff -Nru cups-1.7.5/debian/changelog cups-1.7.5/debian/changelog --- cups-1.7.5/debian/changelog 2015-06-09 09:45:50.0 +0200 +++ cups-1.7.5/debian/changelog 2016-10-10 10:05:10.0 +0200 @@ -1,3 +1,13 @@ +cups (1.7.5-11+deb8u2) jessie-security; urgency=high + + * Disable SSLv3 and RC4 by default to address POODLE vulnerability +(Closes: #839226) +- Implement SSLOptions to permit the use of AllowSSLv3 and AllowRC4 + respectively + * Refresh patches + + -- Didier Raboud Mon, 10 Oct 2016 10:05:10 +0200 + cups (1.7.5-11+deb8u1) jessie-security; urgency=high * Import 1.7 upstream fix for CERT VU#810572: Privilege escalation through diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2016-10-10 10:05:10.0 +0200 @@ -27,7 +27,7 @@ LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -246,6 +246,9 @@ +@@ -248,6 +248,9 @@ /* SSL/TLS options */ #endif /* HAVE_SSL */ diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2016-10-10 10:05:10.0 +0200 @@ -21,7 +21,7 @@ LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -251,6 +251,9 @@ +@@ -253,6 +253,9 @@ VAR int IdleExitTimeout VALUE(0); /* Time after which an idle cupsd will exit */ @@ -51,7 +51,7 @@ #endif /* HAVE_SYSTEMD */ --- a/man/cupsd.conf.man.in +++ b/man/cupsd.conf.man.in -@@ -521,6 +521,12 @@ +@@ -528,6 +528,12 @@ "notify-events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and "notify-user-data". .TP 5 diff -Nru cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch --- cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch 2016-10-10 10:05:10.0 +0200 @@ -13,7 +13,7 @@ LogTimeFormat= CUPSD_TIME_STANDARD; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -166,7 +166,7 @@ +@@ -168,7 +168,7 @@ /* Allow overrides? */ ConfigFilePerm VALUE(0640), /* Permissions for config files */ diff -Nru cups-1.7.5/debian/patches/pidfile.patch cups-1.7.5/debian/patches/pidfile.patch --- cups-1.7.5/debian/patches/pidfile.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/pidfile.patch 2016-10-10 10:05:10.0 +0200 @@ -24,7 +24,7 @@ if (!strcmp(CUPS_DEFAULT_PRINTCAP, "/etc/printers.conf")) PrintcapFormat = PRINTCAP_SOLARIS; -@@ -,6 +3335,7 @@ +@@ -3370,6 +3372,7 @@ !_cups_strcasecmp(line, "SystemGroup") || !_cups_strcasecmp(line, "SystemGroupAuthKey") || !_cups_strcasecmp(line, "TempDir") || @@ -34,7 +34,7 @@ cupsdLogMessage(CUPSD_LOG_INFO, --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -245,6 +245,8 @@ +@@ -247,6 +247,8 @@ VAR int SSLOptions VALUE(CUPSD_SSL_NONE); /* SSL/TLS options */ #endif /* HAVE_SSL */ diff -Nru cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch --- cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patc
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Control: tags -1 + moreinfo On Tue, 2016-12-20 at 09:20 +0100, Didier 'OdyX' Raboud wrote: > Control: tag -1 -moreinfo > > Le samedi, 17 décembre 2016, 11.38:59 h CET Julien Cristau a écrit : > > > - and debdiff > > > cups_1.7.5-11+deb8u2.debdiff > > > > The debdiff is the one we tend to look at, but it looks like it was not > > attached. > > Indeed, sorry. Here it comes. +--- a/doc/help/ref-cupsd-conf.html.in b/doc/help/ref-cupsd-conf.html.in +@@ -2004,23 +2004,23 @@ + variable that should be passed to child processes. + + +-SSLListen ++SSLOptions + + Examples + + +-SSLListen 127.0.0.1:443 +-SSLListen 192.0.2.1:443 ++SSLOptions 127.0.0.1:443 ++SSLOptions 192.0.2.1:443 + This looks wrong, as do the remainder of the changes to that hunk of the diff. Regards, Adam
Processed: Re: Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Processing control commands: > tags -1 + moreinfo Bug #840643 [release.debian.org] jessie-pu: package cups/1.7.5-11+deb8u1 Added tag(s) moreinfo. -- 840643: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840643 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Processing control commands: > tag -1 -moreinfo Bug #840643 [release.debian.org] jessie-pu: package cups/1.7.5-11+deb8u1 Removed tag(s) moreinfo. -- 840643: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840643 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Control: tag -1 -moreinfo Le samedi, 17 décembre 2016, 11.38:59 h CET Julien Cristau a écrit : > > - and debdiff > > cups_1.7.5-11+deb8u2.debdiff > > The debdiff is the one we tend to look at, but it looks like it was not > attached. Indeed, sorry. Here it comes. -- Cheers, OdyXdiff -Nru cups-1.7.5/debian/changelog cups-1.7.5/debian/changelog --- cups-1.7.5/debian/changelog 2015-06-09 09:45:50.0 +0200 +++ cups-1.7.5/debian/changelog 2016-10-10 10:05:10.0 +0200 @@ -1,3 +1,13 @@ +cups (1.7.5-11+deb8u2) jessie-security; urgency=high + + * Disable SSLv3 and RC4 by default to address POODLE vulnerability +(Closes: #839226) +- Implement SSLOptions to permit the use of AllowSSLv3 and AllowRC4 + respectively + * Refresh patches + + -- Didier Raboud Mon, 10 Oct 2016 10:05:10 +0200 + cups (1.7.5-11+deb8u1) jessie-security; urgency=high * Import 1.7 upstream fix for CERT VU#810572: Privilege escalation through diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2016-10-10 09:55:05.0 +0200 @@ -27,7 +27,7 @@ LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -246,6 +246,9 @@ +@@ -248,6 +248,9 @@ /* SSL/TLS options */ #endif /* HAVE_SSL */ diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2016-10-10 09:55:10.0 +0200 @@ -21,7 +21,7 @@ LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -251,6 +251,9 @@ +@@ -253,6 +253,9 @@ VAR int IdleExitTimeout VALUE(0); /* Time after which an idle cupsd will exit */ @@ -51,7 +51,7 @@ #endif /* HAVE_SYSTEMD */ --- a/man/cupsd.conf.man.in +++ b/man/cupsd.conf.man.in -@@ -521,6 +521,12 @@ +@@ -528,6 +528,12 @@ "notify-events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and "notify-user-data". .TP 5 diff -Nru cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch --- cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch 2016-10-10 09:55:09.0 +0200 @@ -13,7 +13,7 @@ LogTimeFormat= CUPSD_TIME_STANDARD; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -166,7 +166,7 @@ +@@ -168,7 +168,7 @@ /* Allow overrides? */ ConfigFilePerm VALUE(0640), /* Permissions for config files */ diff -Nru cups-1.7.5/debian/patches/pidfile.patch cups-1.7.5/debian/patches/pidfile.patch --- cups-1.7.5/debian/patches/pidfile.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/pidfile.patch 2016-10-10 09:55:08.0 +0200 @@ -24,7 +24,7 @@ if (!strcmp(CUPS_DEFAULT_PRINTCAP, "/etc/printers.conf")) PrintcapFormat = PRINTCAP_SOLARIS; -@@ -,6 +3335,7 @@ +@@ -3370,6 +3372,7 @@ !_cups_strcasecmp(line, "SystemGroup") || !_cups_strcasecmp(line, "SystemGroupAuthKey") || !_cups_strcasecmp(line, "TempDir") || @@ -34,7 +34,7 @@ cupsdLogMessage(CUPSD_LOG_INFO, --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -245,6 +245,8 @@ +@@ -247,6 +247,8 @@ VAR int SSLOptions VALUE(CUPSD_SSL_NONE); /* SSL/TLS options */ #endif /* HAVE_SSL */ diff -Nru cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch --- cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch 2016-10-10 09:55:07.0 +0200 @@ -11,7 +11,7 @@ --- a/scheduler/ipp.c +++ b/scheduler/ipp.c -@@ -8249,6 +8249,11 @@ +@@ -8206,6 +8206,11 @@ ipp_attribute_t *attr, /* Current attribute */ *attr2, /* Job attribute */ *prev2; /* Previous job attribute */ @@ -23,7 +23,7 @@ /* -@@ -8310,6 +8315,85 @@ +@@ -8267,6 +8272,85 @@ } /* diff -Nru cups-1.7.5/debian/patches/series cups-1.7.5/debian/patches/series --- cups-1.7.5/debian/patches/series 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/series 2016-10-10 09:54:51.0 +0200 @@ -6,6 +6,7 @@ str4500-cupsGetPPD3-Only-use-symlink-if-file-is-readable-STR.patch str4551-fix-buffer-overflow-in-cupsRasterReadPixels.patch str4609-prevent-privilege-escalation
Processed: Re: Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Processing control commands: > tag -1 moreinfo Bug #840643 [release.debian.org] jessie-pu: package cups/1.7.5-11+deb8u1 Added tag(s) moreinfo. -- 840643: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840643 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Control: tag -1 moreinfo On Thu, Oct 13, 2016 at 16:28:58 +0200, Didier 'OdyX' Raboud wrote: > We've been made aware that CUPS' SSL as of Jessie (and Wheezy, but I'll see > this with the LTS team) is vulnerable to POODLE. > > Here come: > - patch; > str4476-disable-sslv3-and-rc4-by-default.patch > - git commit series; > 0001-Disable-SSLv3-and-RC4-by-default-to-address-POODLE-v.patch > 0002-Refresh-patches.patch > 0003-cups-1.7.5-11-deb8u2-Debian-release.patch > - and debdiff > cups_1.7.5-11+deb8u2.debdiff > The debdiff is the one we tend to look at, but it looks like it was not attached. Cheers, Julien
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu We've been made aware that CUPS' SSL as of Jessie (and Wheezy, but I'll see this with the LTS team) is vulnerable to POODLE. Here come: - patch; str4476-disable-sslv3-and-rc4-by-default.patch - git commit series; 0001-Disable-SSLv3-and-RC4-by-default-to-address-POODLE-v.patch 0002-Refresh-patches.patch 0003-cups-1.7.5-11-deb8u2-Debian-release.patch - and debdiff cups_1.7.5-11+deb8u2.debdiff Thanks for your consideration -- Cheers, OdyX >From c2aabd5199b3acb0a1b4f3b4866ef87dc8cd6e68 Mon Sep 17 00:00:00 2001 From: Didier Raboud Date: Mon, 10 Oct 2016 10:05:10 +0200 Subject: [PATCH 3/3] cups 1.7.5-11+deb8u2 Debian release --- debian/changelog | 10 ++ 1 file changed, 10 insertions(+) diff --git a/debian/changelog b/debian/changelog index bff361e..01fb495 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +cups (1.7.5-11+deb8u2) jessie-security; urgency=high + + * Disable SSLv3 and RC4 by default to address POODLE vulnerability +(Closes: #839226) +- Implement SSLOptions to permit the use of AllowSSLv3 and AllowRC4 + respectively + * Refresh patches + + -- Didier Raboud Mon, 10 Oct 2016 10:05:10 +0200 + cups (1.7.5-11+deb8u1) jessie-security; urgency=high * Import 1.7 upstream fix for CERT VU#810572: Privilege escalation through -- 2.9.3 >From c5d8f701e8d3cd9dc927705d16c31878bae0b5b0 Mon Sep 17 00:00:00 2001 From: Didier Raboud Date: Mon, 10 Oct 2016 10:03:37 +0200 Subject: [PATCH 2/3] Refresh patches --- debian/patches/cupsd-idleexittimeout-systemd.patch| 4 ++-- debian/patches/cupsd-idleexittimeout.patch| 2 +- debian/patches/log-debug-history-nearly-unlimited.patch | 2 +- debian/patches/pidfile.patch | 4 ++-- ...bedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch | 4 ++-- debian/patches/systemd-optional-socket-activation.patch | 2 +- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/debian/patches/cupsd-idleexittimeout-systemd.patch b/debian/patches/cupsd-idleexittimeout-systemd.patch index 4abc692..8800658 100644 --- a/debian/patches/cupsd-idleexittimeout-systemd.patch +++ b/debian/patches/cupsd-idleexittimeout-systemd.patch @@ -21,7 +21,7 @@ Last-Update: 2014-10-23 LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -251,6 +251,9 @@ +@@ -253,6 +253,9 @@ VAR int IdleExitTimeout VALUE(0); /* Time after which an idle cupsd will exit */ @@ -51,7 +51,7 @@ Last-Update: 2014-10-23 #endif /* HAVE_SYSTEMD */ --- a/man/cupsd.conf.man.in +++ b/man/cupsd.conf.man.in -@@ -521,6 +521,12 @@ +@@ -528,6 +528,12 @@ "notify-events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and "notify-user-data". .TP 5 diff --git a/debian/patches/cupsd-idleexittimeout.patch b/debian/patches/cupsd-idleexittimeout.patch index c799b3c..9f5f3b4 100644 --- a/debian/patches/cupsd-idleexittimeout.patch +++ b/debian/patches/cupsd-idleexittimeout.patch @@ -27,7 +27,7 @@ Last-Update: 2014-06-04 LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -246,6 +246,9 @@ +@@ -248,6 +248,9 @@ /* SSL/TLS options */ #endif /* HAVE_SSL */ diff --git a/debian/patches/log-debug-history-nearly-unlimited.patch b/debian/patches/log-debug-history-nearly-unlimited.patch index 25378cb..fc66d3e 100644 --- a/debian/patches/log-debug-history-nearly-unlimited.patch +++ b/debian/patches/log-debug-history-nearly-unlimited.patch @@ -13,7 +13,7 @@ Author: till.kamppe...@gmail.com LogTimeFormat= CUPSD_TIME_STANDARD; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -166,7 +166,7 @@ +@@ -168,7 +168,7 @@ /* Allow overrides? */ ConfigFilePerm VALUE(0640), /* Permissions for config files */ diff --git a/debian/patches/pidfile.patch b/debian/patches/pidfile.patch index 9496ed1..90bc57b 100644 --- a/debian/patches/pidfile.patch +++ b/debian/patches/pidfile.patch @@ -24,7 +24,7 @@ Last-Update: 2012-11-29 if (!strcmp(CUPS_DEFAULT_PRINTCAP, "/etc/printers.conf")) PrintcapFormat = PRINTCAP_SOLARIS; -@@ -,6 +3335,7 @@ +@@ -3370,6 +3372,7 @@ !_cups_strcasecmp(line, "SystemGroup") || !_cups_strcasecmp(line, "SystemGroupAuthKey") || !_cups_strcasecmp(line, "TempDir") || @@ -34,7 +34,7 @@ Last-Update: 2012-11-29 cupsdLogMessage(CUPSD_LOG_INFO, --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -245,6 +245,8 @@ +@@ -247,6 +247,8 @@ VAR int SSLOptions VALUE(CUPSD_SSL_NONE); /* SSL/TLS options */ #endif /* HAVE_SSL */ diff --git a/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch b/debian/patches/read-embedded-options-from-incoming-postscript-and-add