dwww Home | Show directory contents | Find package

cups (2.4.7-1.2ubuntu7.14) noble-security; urgency=medium

  * SECURITY REGRESSION: crash with large printer PPD (LP: #2156339)
    - debian/patches/misc-fix-1-2.patch: Make sure we have room for another
      space in cups/raster-error.c.
    - unknown
  * SECURITY REGRESSION: off-by-one write copying snmp supply names
    - debian/patches/CVE-2026-41079-2.patch: Increase supply name buffer by 1
      byte in backend/snmp-supplies.c.
    - CVE-2026-41079

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 11 Jun 2026 10:49:47 -0400

cups (2.4.7-1.2ubuntu7.13) noble-security; urgency=medium

  * SECURITY UPDATE: authorization bypass vulnerability
    - debian/patches/CVE-2026-27447-1.patch: The scheduler treated local user
      and group names as case-insensitive. in scheduler/auth.c.
    - debian/patches/CVE-2026-27447-2.patch: Fix cupsd crash if user does not
      exist on server in scheduler/auth.c.
    - debian/patches/CVE-2026-27447-3.patch: Fix unauthenticated print policies
      (Issue #1557) in scheduler/auth.c.
    - CVE-2026-27447
  * SECURITY UPDATE: RSS notifier path traversal issue 
    - debian/patches/CVE-2026-34978.patch: Fix RSS notifier. in notifier/rss.c,
      scheduler/ipp.c.
    - CVE-2026-34978
  * SECURITY UPDATE: heap overflow in building filter option strings
    - debian/patches/CVE-2026-34979-1.patch: Expand allocation of options
      string. in scheduler/job.c.
    - debian/patches/CVE-2026-34979-2.patch: Fix get_options regression (Issue
      #1532) in scheduler/job.c, test/5.5-lp.sh.
    - CVE-2026-34979
  * SECURITY UPDATE: embedded newline issue in print jobs
    - debian/patches/CVE-2026-34980-1.patch: Filter out control characters from
      option values. in scheduler/job.c.
    - debian/patches/CVE-2026-34980-2.patch: Fix filter PPD keyword processing
      (Issue #1562) in scheduler/job.c.
    - CVE-2026-34980
  * SECURITY UPDATE: incorrectly accepts local certificates over the
    loopback interface
    - debian/patches/CVE-2026-34990-1.patch: Don't allow local certificates over
      the loopback interface, drop support for writing to plain files. in
      cups/auth.c, scheduler/auth.c, scheduler/client.c, scheduler/ipp.c,
      scheduler/job.c, test/4.2-cups-printer-ops.test, test/5.1-lpadmin.sh.
    - debian/patches/CVE-2026-34990-2.patch: Fix builds against GSSAPI
      (Kerberos) in cups/auth.c.
    - CVE-2026-34990
  * SECURITY UPDATE: integer underflow in _ppdCreateFromIPP()
    - debian/patches/CVE-2026-39314.patch: Range check job-password-supported.
      in cups/ppd-cache.c.
    - CVE-2026-39314
  * SECURITY UPDATE: use-after-free when temp printers are deleted
    - debian/patches/CVE-2026-39316.patch: Expire per-printer subscriptions
      before deleting. in scheduler/printers.c.
    - CVE-2026-39316
  * SECURITY UPDATE: OOB read via SNMP response
    - debian/patches/CVE-2026-41079.patch: Limit num_bytes for SNMP string
      values. in cups/snmp-private.h, cups/snmp.c.
    - CVE-2026-41079
  * Miscellaneous additional fixes:
    - debian/patches/misc-fix-1.patch: Improve page header validation in
      cupsRasterReadHeader in cups/raster-error.c, cups/raster-stream.c.
    - debian/patches/misc-fix-2.patch: Protect against a driver reporting a
      supply type with a trailing '-'. in scheduler/printers.c.
    - debian/patches/misc-fix-3.patch: Range check cupsBytesPerLine in
      rastertoepson. in filter/rastertoepson.c.
    - debian/patches/misc-fix-4.patch: Sanity check HWResolution when writing
      Apple Raster. in cups/raster-stream.c.
    - debian/patches/misc-fix-5.patch: Protect against deep collection values
      (Issue #1539) in cups/cups-private.h, cups/dest-options.c, cups/encode.c.
    - debian/patches/misc-fix-6.patch: Update processing of LimitRequestBody,
      MaxLogSize, and MaxRequestSize to support full range of file sizes in
      scheduler/conf.c, scheduler/conf.h.
    - debian/patches/misc-fix-6-2.patch: Fix builds on systems that don't define
      OFF_MAX in scheduler/conf.c.
    - debian/patches/misc-fix-7.patch: Fix blank line detection in rastertolabel
      in filter/rastertolabel.c.
    - debian/patches/misc-fix-8.patch: Add buffer size check from CUPS 2.5.x to
      _ippFileReadToken (Issue #1542) in cups/ipp-file.c.
    - debian/patches/misc-fix-9.patch: Fix regression in
      cupsRasterRead/WriteHeader. in cups/raster-stream.c.
  * debian/tests/utils/test-drivers: disable most tests since the security
    update no longer accepts writing to files. Needs to be adapted. Taken
    from 2.4.18-1.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 05 Jun 2026 09:38:55 -0400

cups (2.4.7-1.2ubuntu7.9) noble-security; urgency=medium

  * SECURITY UPDATE: Slow client communication leads to a possible DoS
    attack
    - debian/patches/CVE-2025-58436-1.patch: fix unresponsive cupsd process
      caused by a slow client in cups/http-private.h, cups/http.c,
      cups/tls-openssl.c, scheduler/client.c, scheduler/client.h,
      scheduler/select.c.
    - debian/patches/CVE-2025-58436-2.patch: fix an infinite loop issue in
      GTK+ in cups/http.c.
    - CVE-2025-58436
  * SECURITY REGRESSION: issue with invalid configuration (LP: #2133207)
    - debian/patches/lp2133207.patch: fix stopping scheduler on unknown
      directive in scheduler/conf.c.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 03 Dec 2025 09:43:23 -0500

cups (2.4.7-1.2ubuntu7.7) noble-security; urgency=medium

  * SECURITY UPDATE: Local denial-of-service via cupsd.conf update and
    related issues
    - debian/patches/CVE-2025-61915.patch: fix various issues in cupsd in
      conf/cups-files.conf.in, config-scripts/cups-defaults.m4,
      config.h.in, configure, doc/help/man-cups-files.conf.html,
      man/cups-files.conf.5, scheduler/auth.c, scheduler/auth.h,
      scheduler/client.c, scheduler/conf.c, test/run-stp-tests.sh,
      vcnet/config.h, xcode/CUPS.xcodeproj/project.pbxproj, xcode/config.h.
    - CVE-2025-61915

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 19 Nov 2025 09:25:04 -0500

cups (2.4.7-1.2ubuntu7.4) noble-security; urgency=medium

  * SECURITY UPDATE: authorization bypass
    - d/p/CVE-2025-58060.patch: only allow basic and kerberos authentication
      if it is enabled.
    - CVE-2025-58060
  * SECURITY UPDATE: remote DoS
    - d/p/CVE-2025-58364.patch: fix null dereference in ipp_read_io().
    - CVE-2025-58364

 -- Eduardo Barretto <eduardo.barretto@canonical.com>  Fri, 05 Sep 2025 17:58:36 +0200

cups (2.4.7-1.2ubuntu7.3) noble-security; urgency=medium

  * SECURITY UPDATE: PPD injection issues (LP: #2082335)
    - debian/patches/sec-202409-1.patch: validate URIs, attribute names,
      and capabilities in cups/ppd-cache.c, scheduler/ipp.c.
    - debian/patches/sec-202409-2.patch: sanitize make and model in
      cups/ppd-cache.c.
    - debian/patches/sec-202409-3.patch: PPDize preset and template names
      in cups/ppd-cache.c.
    - debian/patches/sec-202409-4.patch: quote PPD localized strings in
      cups/ppd-cache.c.
    - debian/patches/sec-202409-5.patch: fix warnings in cups/ppd-cache.c.
    - CVE number pending

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 26 Sep 2024 07:15:36 -0400

cups (2.4.7-1.2ubuntu7.2) noble-security; urgency=medium

  * SECURITY REGRESSION: early exit on missing listen directive
    - d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't
      exit if no valid Listen or Port found (LP: #2070315)

 -- Sudhakar Verma <sudhakar.verma@canonical.com>  Thu, 27 Jun 2024 19:17:32 +0530

cups (2.4.7-1.2ubuntu7.1) noble-security; urgency=medium

  * SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
    - debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
      in cups/http-addr.c
    - CVE-2024-35235

 -- Sudhakar Verma <sudhakar.verma@canonical.com>  Fri, 21 Jun 2024 13:37:25 +0530

cups (2.4.7-1.2ubuntu7) noble; urgency=low

  * Another fix for crash caused by the fix of the background polling of
    printer capability information in ...ubuntu4. Added also commit 6aeb03b
    from 2.4.x GIT branch to the patch (LP: #2060692, Upstream issue #934,
    pull request #935).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri, 12 Apr 2024 22:13:19 +0200

cups (2.4.7-1.2ubuntu6) noble; urgency=low

  * Fix crash caused by the fix of the background polling of printer
    capability information in ...ubuntu4. Added commit 2e65a35 from 2.4.x
    GIT branch to the patch (LP: #2060692, Upstream issue #934, pull
    request #937).
  * Backported upstream commits 939368f from 2.4.x GIT branch, to
    fix the auto-repeating of a job in Raster mode when failed printing
    in PDF mode, due to printer-internal bug/incompatibility (Upstream
    issue #391).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Thu, 11 Apr 2024 23:23:19 +0200

cups (2.4.7-1.2ubuntu5) noble; urgency=low

  * Longer timeout for Avahi resolving for cupsGetDests() API function, used
    by "lpstat -l -e" (Upstream issues #47, #751, fix is already in place
    in the CUPS Snap).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Sat,  6 Apr 2024 00:05:19 +0200

cups (2.4.7-1.2ubuntu4) noble; urgency=low

  * Backported upstream commits 6c6e1b0, ff16dab, and df3718b from 2.4.x GIT
    branch, to
    - Fix race condition due to removal of temporary queue while still accessing
      it. Now timeout clock is reset on every access, temporary queues not
      created if there is a permanent queue to the same printer, temporary queues
      expire after 5 min instead of 1 min (Upstream issue #871).
    - Fix temporary queue appearing as raw queue while CUPS is still polling
      the capability information from the printer. This breaks print dialogs and
      printing itself. Now queue creation is deleayed until the PPD is ready
      (Upstream issue #347).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri,  5 Apr 2024 22:48:19 +0200

cups (2.4.7-1.2ubuntu3) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <steve.langasek@ubuntu.com>  Sun, 31 Mar 2024 07:31:09 +0000

cups (2.4.7-1.2ubuntu2) noble; urgency=low

  * Remove Debian's own (broken) cups.pc file, CUPS has it upstreanm from
    2.4.6 on (LP: #2059157).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Tue, 26 Mar 2024 23:17:19 +0100

cups (2.4.7-1.2ubuntu1) noble; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Tue, 19 Mar 2024 10:46:19 +0100

cups (2.4.7-1.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Rename libraries for 64-bit time_t transition.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Wed, 28 Feb 2024 23:20:02 +0000

cups (2.4.7-1ubuntu2) noble; urgency=medium

  * No-change rebuild against libgnutls30t64

 -- Steve Langasek <steve.langasek@ubuntu.com>  Sun, 10 Mar 2024 02:03:25 +0000

cups (2.4.7-1ubuntu1) noble; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
  * Removed patches included upstream:
    - CVE-2023-4504.patch

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed, 28 Feb 2024 20:07:19 +0100

cups (2.4.7-1) unstable; urgency=medium

  * Update to new upstream version 2.4.7.
    (Closes: #1039983   this should have been fixed in 2.4.3)
    (Closes: #1041466   this should have been fixed in 2.4.3)
    (Closes: #1043331   this should have been fixed in 2.4.3)
    (Closes: #998004    this should have been fixed in 2.4.3)
    (Closes: #1008053   this should have been fixed in 2.4.3)
    (Closes: #1009146   this should have been fixed in 2.4.3)
    (Closes: #1009147   this should have been fixed in 2.4.3)
  * debian/watch: update watch file (Closes: #1043470)
                  (thanks a lot to t3b4in+2gxh764v647us@cs.email)
  * debian/rules: switch on testing again
  * debian/control: bump standard to 4.6.2 (no changes)
  * debian/cups-daemon.NEWS: reword last entry (Closes: #1052419)
                             (thanks to IOhannes m zmoelnig)
  * debian/local/apparmor-profile: add drop-in for cups-pdf as well
                                   (Closes: #954974)
  * Provide a cups.pc file. (Closes: #971625)
    (thanks a lot to Helmut Grohne for the patch)
  * update debian/*.lintian-overrides and use new syntax

 -- Thorsten Alteholz <debian@alteholz.de>  Fri, 06 Oct 2023 20:16:49 +0200

cups (2.4.6-0ubuntu3) mantic; urgency=medium

  * Let pkg-config data file cups.pc get installed into
    /usr/lib/<ARCH>/pkgconfig/
  * Include pkg-config data file cups.pc in libcups2-dev

 -- Till Kamppeter <till.kamppeter@gmail.com>  Tue, 26 Sep 2023 14:56:43 +0200

cups (2.4.6-0ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: Postscript parsing heap overflow
    - debian/patches/CVE-2023-4504.patch: properly check for end of buffer
      in cups/raster-interpret.c.
    - CVE-2023-4504

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 20 Sep 2023 12:42:21 -0400

cups (2.4.6-0ubuntu1) mantic; urgency=medium

  * Update to new upstream version 2.4.6.
    - Fix printing multiple files on specific printers (Upstream issue #643)

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed, 16 Aug 2023 21:53:43 +0200

cups (2.4.5-0ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: use-after-free in cupsdAcceptClient()
    - debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
      BEFORE closing the connection in scheduler/client.c.
    - CVE-2023-34241

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 22 Jun 2023 12:06:19 -0400

cups (2.4.5-0ubuntu1) mantic; urgency=medium

  * Update to new upstream version 2.4.5.
    - Fixes color printing on printers with "CMYK" choice instead of "RGB"
      in "ColorModel" option of their PPD (Upstream issues #451 and #500,
      LP: 1971242).
  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - When polling capabilities of a driverless printer via
      get-printer-attributes IPP request, do a separate poll of the
      media-col-database attribute in case it did not get obtained by the
      first polls.
    - In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
  * Manually refreshed patch 9100-ppd-cache-add-auto-presets.patch.
  * Removed patches included upstream:
    - 9110-create-local-printer-localhost-fix.patch
    - CVE-2022-26691-2.patch
    - snapd-glib-2.patch
    - poll-media-col-database-separately.patch
    - CVE-2023-32324.patch

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed, 14 Jun 2023 15:38:00 +0200

cups (2.4.2-6) unstable; urgency=medium

  * CVE-2023-4504
    Postscript parsing heap-based buffer overflow
  * CVE-2023-32360 (Closes: #1051953)
    authentication issue

 -- Thorsten Alteholz <debian@alteholz.de>  Tue, 19 Sep 2023 21:20:27 +0200

cups (2.4.2-5) unstable; urgency=medium

  * CVE-2023-34241 (Closes: #1038885)
    use-after-free in cupsdAcceptClient()

 -- Thorsten Alteholz <debian@alteholz.de>  Wed, 21 Jun 2023 22:30:27 +0200

cups (2.4.2-4) unstable; urgency=medium

  * CVE-2023-32324
    A heap buffer overflow vulnerability would allow a remote attacker to
    lauch a dos attack.

 -- Thorsten Alteholz <debian@alteholz.de>  Wed, 31 May 2023 21:30:27 +0200

cups (2.4.2-3ubuntu3) mantic; urgency=medium

  * SECURITY UPDATE: DoS via buffer overflow in format_log_line
    - debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
      cups/string.c.
    - CVE-2023-32324

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 25 May 2023 08:37:20 -0400

cups (2.4.2-3ubuntu2) lunar; urgency=low

  * In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Mon, 27 Mar 2023 23:12:00 +0200

cups (2.4.2-3ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - Fixed printing on temporary CUPS queues for local services, like
      IPP-over-USB or Printer Applications. Especially when printing from
      the GTK print dialog printing on such queues did not work (Upstream
      pull request #353, LP: #1965112).
    - Comment in CVE-2022-26691 patch fixed.
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - When polling capabilities of a driverless printer via
      get-printer-attributes IPP request, do a separate poll of the
      media-col-database attribute in case it did not get obtained by the
      first polls.
    - Patch to build with snapd-glib-2
  * Refreshed patches 9100-ppd-cache-add-auto-presets.patch and
    9110-create-local-printer-localhost-fix.patch with quilt.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Sun, 26 Mar 2023 21:01:00 +0200

cups (2.4.2-3) unstable; urgency=medium

  [ Helge Kreutzmann ]
  * update translations (Closes: #1032833)
  * add more translated man pages to binary packages (Closes: #1032621)

  [ Thorsten Alteholz]
  * fix typo in French translation
  * debian/rules: remove link handling for manpages of cups-ipp-utils

 -- Thorsten Alteholz <debian@alteholz.de>  Sun, 26 Mar 2023 10:54:05 +0200

cups (2.4.2-2) unstable; urgency=medium

  [ Helge Kreutzmann ]
  * Update German man page (2220t)

  [ Thorsten Alteholz]
  * debian/control: add Recommends: avahi-daemon to cups-ipp-utils
                    (Closes: #904605)
  * debian/manpage-po4a: add Portuguese translation
                         (Closes: #1001890)
  * add ippevepcl and ippeveps (and manpages) to cups-ipp-utils
    (Closes: #990410)

 -- Thorsten Alteholz <debian@alteholz.de>  Sun, 26 Feb 2023 12:54:05 +0100

cups (2.4.2-1ubuntu4) lunar; urgency=medium

  * In debian/rules updated ./configure arguments from --enable-gnutls to
    --with-tls=gnutls. Now libcups has support for all hash types again,
    especially can provide sha2-256 to PAPPL.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed,  8 Feb 2023 00:07:31 +0100

cups (2.4.2-1ubuntu3) kinetic; urgency=medium

  * When polling capabilities of a driverless printer via
    get-printer-attributes IPP request, do a separate poll
    of the media-col-database attribute in case it did not
    get obtained by the first polls.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Sat, 21 Jan 2023 14:27:31 -0300

cups (2.4.2-1ubuntu2) kinetic; urgency=medium

  * Add patch to build with snapd-glib-2

 -- Jeremy Bicha <jbicha@ubuntu.com>  Thu, 25 Aug 2022 21:54:33 -0400

cups (2.4.2-1ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - Fixed printing on temporary CUPS queues for local services, like
      IPP-over-USB or Printer Applications. Especially when printing from
      the GTK print dialog printing on such queues did not work (Upstream
      pull request #353, LP: #1965112).
    - Comment in CVE-2022-26691 patch fixed.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Mon, 06 Jun 2022 20:20:31 +0200

cups (2.4.2-1) unstable; urgency=medium

  * Update to new upstream version 2.4.2.
  * debian/rules: temporarily deactivate tests
    (one test fails due to only generating 4 of 14 expected warnings)

 -- Thorsten Alteholz <debian@alteholz.de>  Thu, 26 May 2022 12:54:05 +0200

cups (2.4.1op1-2) unstable; urgency=medium

  * debian/rules: in latest cups version, root is no longer automatically
                  added to SystemGroup in cups-files.conf, so add
                     --with-system-groups="root lpadmin"
                  to configure step
                  (Closes: #1006849 #1006727 #876207)

 -- Thorsten Alteholz <debian@alteholz.de>  Mon, 07 Mar 2022 22:08:09 +0100

cups (2.4.1op1-1ubuntu5) kinetic; urgency=medium

  * SECURITY UPDATE: Local authorization cert bypass
    - debian/patches/CVE-2022-26691-1.patch: fix string comparison in
      scheduler/cert.c.
    - debian/patches/CVE-2022-26691-2.patch: fix the comment in
      scheduler/cert.c.
    - CVE-2022-26691

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 27 May 2022 07:53:01 -0400

cups (2.4.1op1-1ubuntu4) jammy; urgency=low

  * Fixed PPD file auto-generation when a print queue is created with
    a DNS-SD-service-name-based URI and "-m everywhere" backporting the
    fix from upstream (Upstream issue #340, #343).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Sat, 19 Mar 2022 00:07:00 +0100

cups (2.4.1op1-1ubuntu3) jammy; urgency=low

  * Fixed crasher in the patch for temporary queues for local services
    in the previous release. Updated the patch and the upstream pull
    request (LP: #1965112, Upstream pull request #353).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed, 16 Mar 2022 18:24:08 +0100

cups (2.4.1op1-1ubuntu2) jammy; urgency=low

  * Fixed printing on temporary CUPS queues for local services, like
    IPP-over-USB or Printer Applications. Especially when printing from
    the GTK print dialog printing on such queues did not work (Upstream
    pull request #353).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Mon, 14 Mar 2022 09:13:08 +0100

cups (2.4.1op1-1ubuntu1) jammy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
  * Updated 9100-ppd-cache-add-auto-presets.patch

 -- Till Kamppeter <till.kamppeter@gmail.com>  Tue, 22 Feb 2022 12:28:08 +0100

cups (2.4.1op1-1) unstable; urgency=medium

  * new upstream release
  * debian/patches/*: update and rebase
  * debian/control: add myself to Uploaders:
  * debian/copyright: remove unused BSD-3 license
  * exlucde some newly generated files
  * update symbols files
  * move back to gbp based workflow
    (git debrebase and dgit do not work in my world)

 -- Thorsten Alteholz <debian@alteholz.de>  Sun, 20 Feb 2022 20:08:09 +0100

cups (2.3.3op2-7ubuntu2) impish; urgency=low

  * Updated patch for auto-generation of PPD presets to patch proposed
    upstream (Upstream pull request #236) due to added PPD options taken into
    account.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri, 10 Sep 2021 19:20:00 +0200

cups (2.3.3op2-7ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
    - Added "--enable-snapped-clients"
      to the "./configure" options to use the correct checking mode for an
      unsnapped cupsd, like provided by this package.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
  * Updated patch for auto-generation of PPD presets to patch proposed
    upstream (Upstream pull request #236).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Mon, 06 Sep 2021 21:26:41 +0200

cups (2.3.3op2-7) unstable; urgency=medium

  [ Didier Raboud ]
  * Remove myself from Uploaders

  [ Roger Lynn ]
  * Apparmor: allow CUPS to read /etc/letsencrypt/archive/ (Closes: #992378)

 -- Didier Raboud <odyx@debian.org>  Mon, 06 Sep 2021 12:08:09 +0200

cups (2.3.3op2-6) unstable; urgency=medium

  * Migrate to unstable
  * Packaging cleanup
    - Update S-V to 4.6.0 without changes needed
    - Remove 3 obsolete maintscript entries

 -- Didier Raboud <odyx@debian.org>  Tue, 24 Aug 2021 15:38:05 +0200

cups (2.3.3op2-5ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
    - Added "--enable-snapped-clients"
      to the "./configure" options to use the correct checking mode for an
      unsnapped cupsd, like provided by this package.
  * Added fully automatic generation of PPD option setting presets to
    be applied depending on the settings of the job IPP attributes
    "print-color-mode", "print-quality", and "print-content-optimize".
    This allows easy control of any printer with only standard IPP
    attributes, as for example from a phone (functionality overtaken
    from cups-filters, mot (yet) upstream in CUPS).

 -- Till Kamppeter <till.kamppeter@gmail.com>  Tue, 17 Aug 2021 23:47:41 +0200

cups (2.3.3op2-5) experimental; urgency=low

  * Backport 2 upstream USB backend fixes:
    - Revert enforcing read limits (caused a regression with Lexmark filters)
    - Use 60s timeout (instead of 250ms) for reading at backchannel, as some
      older models malfunction if timeout is too short (Closes: #989073)

 -- Didier Raboud <odyx@debian.org>  Thu, 27 May 2021 09:07:26 +0200

cups (2.3.3op2-4) experimental; urgency=medium

  [ Helge Kreutzmann ]
  * Update German man page (2212t)

  [ Didier Raboud ]
  * Reorder and cleanup patch queue by replacing some by upstream's
  * Drop ancient symlink handling in preinsts (Closes: #986165)

 -- Didier Raboud <odyx@debian.org>  Wed, 31 Mar 2021 08:56:11 +0200

cups (2.3.3op2-3+deb11u1) unstable; urgency=medium

  * Backport 2 upstream USB backend fixes:
    - Revert enforcing read limits (caused a regression with Lexmark filters)
    - Use 60s timeout (instead of 250ms) for reading at backchannel, as some
      older models malfunction if timeout is too short (Closes: #989073)

 -- Didier Raboud <odyx@debian.org>  Thu, 27 May 2021 08:49:36 +0200

cups (2.3.3op2-3ubuntu3) hirsute; urgency=low

  * Updated AppArmor profile entries for CUPS accessing snapd to
    check whether a client is a Snap and which interfaces it plugs to.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri, 19 Mar 2021 18:26:41 +0100

cups (2.3.3op2-3ubuntu2) hirsute; urgency=low

  * Replaced patch for extra checking of admin requests from snapped
    clients by the current upstream code. Added "--enable-snapped-clients"
    to the "./configure" options to use the correct checking mode for an
    unsnapped cupsd, like provided by this package.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri, 19 Mar 2021 16:32:41 +0100

cups (2.3.3op2-3ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
  * Clean up "Build-Depends:" to be in sync with Debian (delta overlooked
    for near a decade when cups-filters was introduced in 2012), removing
    the unneeded entries: ghostscript, libavahi-compat-libdnssd-dev,
    libfontconfig1-dev, libfreetype6-dev, libijs-dev, libjpeg-dev,
    libldap2-dev, libpng-dev, libtiff-dev, poppler-utils, sharutils
  * Removed the changes on the machine-generated "configure" file in the
    patch for checking snapped clients, the changes easily mis-match on
    updates and we run "autoconf" in debian/rules anyway.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri, 12 Feb 2021 20:44:41 +0100

cups (2.3.3op2-3) unstable; urgency=medium

  [ Helge Kreutzmann ]
  * Update German man page (2212t)

  [ Didier Raboud ]
  * Wrap-and-sort -baskt, keep comments
  * Let cups.1 point to client.conf.5, not client.conf.7 (Closes: #982303)
  * Make CUPS reproducible by patching it to;
    - skip the httpAddrGetHostname() test (that fails under reprotest)
    - skip the stp tests if ran as root, without aborting
    - run testlang for each provided CUPS locale only

 -- Didier Raboud <odyx@debian.org>  Fri, 12 Feb 2021 14:09:29 +0100

cups (2.3.3op2-2) unstable; urgency=medium

  * Bump debhelper compat to 13, document not-installed files

 -- Didier Raboud <odyx@debian.org>  Wed, 03 Feb 2021 13:13:18 +0100

cups (2.3.3op2-1) unstable; urgency=medium

  * New OpenPrinting 2.3.3op2 release
    - CVE-2020-10001: Fixed a buffer (read) overflow in the `ippReadIO`
      function
    - Drop 4 patches merged upstream
  * Update d/copyright authors and years

 -- Didier Raboud <odyx@debian.org>  Tue, 02 Feb 2021 21:20:06 +0100

cups (2.3.3op1-7) unstable; urgency=medium

  [ Helmut Grohne ]
  * Reduce Build-Depends, move dh_apparmor to B-D-A (Closes: #980104)

 -- Didier Raboud <odyx@debian.org>  Fri, 15 Jan 2021 12:11:30 +0100

cups (2.3.3op1-6) unstable; urgency=medium

  [ Till Kamppeter ]
  * In the AppArmor profile, allow cupsd to write to /run/systemd/notify to
    notify that it is up and running (systemd service type "notify")

 -- Didier Raboud <odyx@debian.org>  Mon, 11 Jan 2021 08:31:58 +0100

cups (2.3.3op1-5ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) reach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.
  * In the AppArmor profile allow cupsd to write to /run/systemd/notify
    to notify that it is up and running (systemd service type "notify").

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri, 08 Jan 2021 19:07:00 +0100

cups (2.3.3op1-5) unstable; urgency=medium

  * Update Homepage and Source fields to point
    https://github.com/OpenPrinting/cups/ as Debian's using the OpenPrinting
    (friendly) fork (Closes: #979461)

 -- Didier Raboud <odyx@debian.org>  Fri, 08 Jan 2021 11:35:18 +0100

cups (2.3.3op1-4) unstable; urgency=medium

  * Drop ancient manual link-doc setting in cups-bsd.postinst
  * Let cups.service start after nslcd.service (Closes: #977198)

 -- Didier Raboud <odyx@debian.org>  Wed, 23 Dec 2020 14:53:09 +0100

cups (2.3.3op1-3ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) rach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
    - Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
      default, as CUPS always worked this way but the new patch for
      supporting the "cups-control" interface of Snaps does not allow
      implicit permission to everything for root any more.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri, 14 Dec 2020 12:47:34 +0100

cups (2.3.3op1-3) unstable; urgency=medium

  [ Helge Kreutzmann ]
  * Update German man page (2211t)

  [ Didier Raboud ]
  * Patch configure scripts to fix FTBFS on freebsd-gnu systems

 -- Didier Raboud <odyx@debian.org>  Fri, 04 Dec 2020 10:32:55 +0100

cups (2.3.3op1-2) unstable; urgency=medium

  * Backport upstream "Force a 5 second sleep to wait for the job control file
    to be written" patch, to address s390x test suite timing issue

 -- Didier Raboud <odyx@debian.org>  Sat, 28 Nov 2020 16:50:59 +0100

cups (2.3.3op1-1) unstable; urgency=medium

  * Use OpenPrinting CUPS fork instead of Apple's codebase
    - Update d/upstream/metadata, d/watch
    - d/upstream/signing-key.asc: Swap Apple's with Michael R Sweet's
  * Large patch-suite cleanup thanks to lots of Debian proposals merged
    upstream; from 40 to 9;
    - Reorder (upstream-mergeable first, Debian-specific later)
    - Reword and refresh metadata for the last patches
  * Set Debian customizations in d/rules instead of patches;
    - Set --with-max-log-size=0
    - Set --enable-sync-on-close
    - Set --with-error-policy=retry-job
  * Packaging cleanup;
    - Drop the Debian-specific systemd units' renaming, now upstream
    - Drop pre-oldstable postinst ConfigFilePerm handling
    - Add missing BSD-2-Clause block in debian/copyright
    - Convert debian/po files to UTF-8
    - Drop --as-needed as it's now default in Debian
    - Drop Ubuntu-specific patch handling, in favour of compile-time option
      for --disable-browsing
    - Bump S-V to 4.5.1 without changes needed
    - Use debian/main as head branch; update d/gbp.conf accordingly
    - Drop outdated d/source/options
   * Refresh manpage translation pofiles for 2.3.3op1

 -- Didier Raboud <odyx@debian.org>  Fri, 27 Nov 2020 17:27:21 +0100

cups (2.3.3-4) unstable; urgency=medium

  * Drop Ubuntu "Make lpoptions list a printer's options correctly also when
    CUPS is running on an alternative port" patch, refused upstream
    (Closes: #970725)
  * Use upstream-merged patches for fax numbers' fix and rastertopwg rounding

 -- Didier Raboud <odyx@debian.org>  Tue, 24 Nov 2020 08:49:46 +0100

cups (2.3.3-3ubuntu1) groovy; urgency=medium

  * Merged with Debian unstable. Remaining changes:
    - Added extra checking when administrative requests (create queue,
      remove someone else's job, ...) rach cupsd. If the client is a Snap,
      it has to plug the cups-control interface to be allowed to do the
      task. Added libapparmor-dev and libsnapd-glib-dev to the build
      dependencies. Also added needed permissions to AppArmor profile.
  * Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
    defualt, as CUPS always worked this way but the new patch for
    supporting the "cups-control" interface of Snaps does not allow
    implicit permission to everything for root any more.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Fri,  4 Sep 2020 19:00:00 +0200

cups (2.3.3-3) unstable; urgency=medium

  [ Didier Raboud ]
  * Set lintian overrides for non-changeable upstream choices
  * Add missing Build-Depends-Package in symbols' files

  [ Till Kamppeter ]
  * Resolve DNS-SD-service-name-based URIs correctly also if they are
    from a service from localhost (like IPP-over-USB, Printer
    Application, ...)
  * Make lpoptions list a printer's options correctly also when CUPS is
    running on an alternative port
  * Fix fax numbers supplied via GTK print dialog, removing a "Custom."
    prefix; do not choke if the GTK dialog sends "None" as phone number
    or pre-dial prefix
  * Let the rastertopwg filter check rounding errors when calculating
    the page geometry

 -- Didier Raboud <odyx@debian.org>  Thu, 03 Sep 2020 09:27:04 +0200

cups (2.3.3-2ubuntu5) groovy; urgency=medium

  * In all autopkgtests modify set "LogLevel debug2" in cupsd.conf and
    "SystemGroup lpadmin root" in cups-files.conf and restart cupsd,
    the former change to more easily find out what failed and the latter
    as the default configuration did not allow root to create queues,
    making all tests fail.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Thu, 27 Aug 2020 23:18:00 +0200

cups (2.3.3-2ubuntu4) groovy; urgency=medium

  * Let the rastertopwg filter check rounding errors when calculating the
    page geometry.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed, 27 Aug 2020 10:22:00 +0200

cups (2.3.3-2ubuntu3) groovy; urgency=medium

  * Do not choke if the GTK dialog sends "None" as phone number or pre-dial
    prefix.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed, 26 Aug 2020 22:33:00 +0200

cups (2.3.3-2ubuntu2) groovy; urgency=medium

  * Fix fax numbers supplied via GTK print dialog, removing a "Custom."
    prefix.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Wed, 26 Aug 2020 13:03:00 +0200

cups (2.3.3-2ubuntu1) groovy; urgency=medium

  * Added extra checking when administrative requests (create queue,
    remove someone else's job, ...) rach cupsd. If the client is a Snap,
    it has to plug the cups-control interface to be allowed to do the
    task. Added libapparmor-dev and libsnapd-glib-dev to the build
    dependencies. Also added needed permissions to AppArmor profile.
  * Resolve DNS-SD-service-name-based URIs correctly also if they are from
    a service from localhost (like IPP-over-USB, Printer Application, ...)
  * Make lpoptions list a printer's options correctly also when CUPS is
    running on an alternative port.

 -- Till Kamppeter <till.kamppeter@gmail.com>  Tue, 25 Aug 2020 21:34:00 +0200

cups (2.3.3-2) unstable; urgency=medium

  * Add missing dh-strip-nondeterminism B-D
  * cups-daemon: Add ipp-usb Recommends

 -- Didier Raboud <odyx@debian.org>  Thu, 03 Sep 2020 08:54:55 +0200

cups (2.3.3-1) unstable; urgency=medium

  * New 2.3.3 upstream release, with the two -12 security patches

 -- Didier Raboud <odyx@debian.org>  Fri, 01 May 2020 15:28:22 +0200

cups (2.3.1-12) unstable; urgency=medium

  * Backport two security patches
    - CVE-2020-3898: heap-buffer-overflow in libcups’s ppdFindOption()
      function in ppd-mark.c
    - CVE-2019-8842: The `ippReadIO` function may under-read an extension
      field

 -- Didier Raboud <odyx@debian.org>  Sat, 25 Apr 2020 16:13:13 +0200

cups (2.3.1-11) unstable; urgency=medium

  * CI Tests: fix cups-basiccommands:
    - swap awk with sed;
    - filter stderr away from known errors
    - add missing cups-bsd depends to test lpr commands

 -- Didier Raboud <odyx@debian.org>  Mon, 24 Feb 2020 19:40:39 +0100

cups (2.3.1-10) unstable; urgency=medium

  * Add Requires=cups.socket to cups.service, to make sure they start in
    the right order
  * CI Tests: Add a test for all CUPS' basic commands, thanks to RedHat
  * Add Pre-Depends: ${misc:Pre-Depends} to cups-daemon to fix
    skip-systemd-native-flag-missing-pre-depends lintian flag
  * Add patch proposal from RedHat to fix leakage of ppd (Issue: #5738)

 -- Didier Raboud <odyx@debian.org>  Mon, 24 Feb 2020 12:25:39 +0100

cups (2.3.1-9) unstable; urgency=medium

  * CI Tests: Ensure the job files are non-empty; should detect more
    regressions

 -- Didier Raboud <odyx@debian.org>  Sat, 22 Feb 2020 17:19:46 +0100

cups (2.3.1-8) unstable; urgency=medium

  * Add patch to fix cupsctl when loading cupsd.conf (Issue: #5744)

 -- Didier Raboud <odyx@debian.org>  Sat, 22 Feb 2020 14:34:48 +0100

cups (2.3.1-7) unstable; urgency=medium

  * Add patch to fix conversion of PPD InputSlot choice names; this should fix
    printers ignoring the paper tray selection (Issue: #5740, Closes: #949315)
  * lintian-brush:
    - Set upstream metadata fields: Bug-Database, Repository, Repository-Browse
    - Rewrap some d/changelog entries

 -- Didier Raboud <odyx@debian.org>  Mon, 17 Feb 2020 09:19:56 +0100

cups (2.3.1-6) unstable; urgency=medium

  * Patch test suite to also ignore 'Job held' lines in error_log line
    counting

 -- Didier Raboud <odyx@debian.org>  Sat, 08 Feb 2020 11:52:44 +0100

cups (2.3.1-5) unstable; urgency=medium

  * Move towards driverless-centered installation:
    - Drop all printer-driver-* and hplip recommends/suggests
  * Cleanup all versions from pre- Debian stable
  * Bump S-V to 4.5.0 without changes needed

 -- Didier Raboud <odyx@debian.org>  Fri, 07 Feb 2020 17:08:48 +0100

cups (2.3.1-4) unstable; urgency=medium

  * Cleanup patch queue for cups' bts URLs and patch names
  * Update README.Debian to remove leftover SystemdIdleExit references

 -- Didier Raboud <odyx@debian.org>  Thu, 30 Jan 2020 20:35:47 +0100

cups (2.3.1-2) unstable; urgency=medium

  * Drop pwg-raster-attributes.patch
  * Amend 2.3.1-1 changelog entry to add missing Ubuntu package drop and CVE
    bug closure

 -- Didier Raboud <odyx@debian.org>  Sun, 26 Jan 2020 15:23:24 +0100

cups (2.3.1-1) unstable; urgency=medium

  [ Didier Raboud ]
  * New 2.3.1 upstream release:
    - CVE-2019-2228: The `ippSetValuetag` function did not validate the
      default language value (Closes: #946782)

  [ Steve Langasek ]
  * On Ubuntu i386, drop cups and cups-core-drivers (Closes: #947185)

  [ Helge Kreutzmann ]
  * Update German man page (2207t)

 -- Didier Raboud <odyx@debian.org>  Tue, 24 Dec 2019 13:02:06 +0100

cups (2.3.0-7) unstable; urgency=medium

  * Packaging cleanup:
    - Set upstream metadata fields: Repository
    - Rely on pre-initialized dpkg-architecture variables
    - Fix day-of-week for changelog entries 1.0.1-1
    - Bump Standards-Version to 4.4.1 without changes needed
    - Replace dh-exec usage with manual renaming in debian/rules

 -- Didier Raboud <odyx@debian.org>  Wed, 06 Nov 2019 08:57:40 +0100

cups (2.3.0-6) unstable; urgency=medium

  [ Didier Raboud ]
  * Tests-drivers: Cleanup output

  [ intrigeri ]
  * AppArmor: support cups-pdf "Out" directory pointing to almost anywhere
    below $HOME (Closes: #940578)

 -- Didier Raboud <odyx@debian.org>  Thu, 31 Oct 2019 08:44:29 +0100

cups (2.3.0-5) unstable; urgency=medium

  * Let the test-drivers script stop waiting when a filter is allegedly
    failed, and give context

 -- Didier Raboud <odyx@debian.org>  Sat, 21 Sep 2019 09:41:44 +0200

cups (2.3.0-4) unstable; urgency=medium

  [ Helge Kreutzmann ]
  * Update German man page (2197t)

 -- Didier Raboud <odyx@debian.org>  Fri, 20 Sep 2019 15:03:47 +0200

cups (2.3.0-3) unstable; urgency=low

  * Fix autopkgtests for real; refactor lpadmin stderr filtering

 -- Didier Raboud <odyx@debian.org>  Fri, 06 Sep 2019 09:32:07 +0200

cups (2.3.0-2) unstable; urgency=low

  [ Helge Kreutzmann ]
  * Update German man page (2100t58f39u)

  [ Didier Raboud ]
  * Fix autopkgtest by filtering away known stderr messages

 -- Didier Raboud <odyx@debian.org>  Thu, 05 Sep 2019 09:33:20 +0200

cups (2.3.0-1) unstable; urgency=low

  * New 2.3.0 upstream release, to unstable
    - CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
    - Fixed IPP buffer overflow
    - Fixed memory disclosure and DoS issues in the scheduler
    - CUPS is now provided under the Apache License, Version 2.0, with a
      GPL2/LGPL2 exception
  * Rewrite debian/copyright with the above license change, install the
    NOTICE file
  * Refresh manpage translations
  * Refresh upstream metadata
  * Bump S-V to 4.4 without changes needed

 -- Didier Raboud <odyx@debian.org>  Mon, 02 Sep 2019 13:19:18 +0200

cups (2.3~rc1-2) experimental; urgency=medium

  * Merge 2.2.12-1 from unstable
  * Add missing colon in closes line.
  * Set upstream metadata fields: Contact, Name.
  * Bump debhelper from old 11 to 12.

 -- Didier Raboud <odyx@debian.org>  Sun, 18 Aug 2019 16:58:09 +0200

# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libcups2t64`.

Generated by dwww version 1.16 on Sat Jul 11 11:01:14 CEST 2026.