cups (2.4.7-1.2ubuntu7.14) noble-security; urgency=medium
* SECURITY REGRESSION: crash with large printer PPD (LP: #2156339)
- debian/patches/misc-fix-1-2.patch: Make sure we have room for another
space in cups/raster-error.c.
- unknown
* SECURITY REGRESSION: off-by-one write copying snmp supply names
- debian/patches/CVE-2026-41079-2.patch: Increase supply name buffer by 1
byte in backend/snmp-supplies.c.
- CVE-2026-41079
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Jun 2026 10:49:47 -0400
cups (2.4.7-1.2ubuntu7.13) noble-security; urgency=medium
* SECURITY UPDATE: authorization bypass vulnerability
- debian/patches/CVE-2026-27447-1.patch: The scheduler treated local user
and group names as case-insensitive. in scheduler/auth.c.
- debian/patches/CVE-2026-27447-2.patch: Fix cupsd crash if user does not
exist on server in scheduler/auth.c.
- debian/patches/CVE-2026-27447-3.patch: Fix unauthenticated print policies
(Issue #1557) in scheduler/auth.c.
- CVE-2026-27447
* SECURITY UPDATE: RSS notifier path traversal issue
- debian/patches/CVE-2026-34978.patch: Fix RSS notifier. in notifier/rss.c,
scheduler/ipp.c.
- CVE-2026-34978
* SECURITY UPDATE: heap overflow in building filter option strings
- debian/patches/CVE-2026-34979-1.patch: Expand allocation of options
string. in scheduler/job.c.
- debian/patches/CVE-2026-34979-2.patch: Fix get_options regression (Issue
#1532) in scheduler/job.c, test/5.5-lp.sh.
- CVE-2026-34979
* SECURITY UPDATE: embedded newline issue in print jobs
- debian/patches/CVE-2026-34980-1.patch: Filter out control characters from
option values. in scheduler/job.c.
- debian/patches/CVE-2026-34980-2.patch: Fix filter PPD keyword processing
(Issue #1562) in scheduler/job.c.
- CVE-2026-34980
* SECURITY UPDATE: incorrectly accepts local certificates over the
loopback interface
- debian/patches/CVE-2026-34990-1.patch: Don't allow local certificates over
the loopback interface, drop support for writing to plain files. in
cups/auth.c, scheduler/auth.c, scheduler/client.c, scheduler/ipp.c,
scheduler/job.c, test/4.2-cups-printer-ops.test, test/5.1-lpadmin.sh.
- debian/patches/CVE-2026-34990-2.patch: Fix builds against GSSAPI
(Kerberos) in cups/auth.c.
- CVE-2026-34990
* SECURITY UPDATE: integer underflow in _ppdCreateFromIPP()
- debian/patches/CVE-2026-39314.patch: Range check job-password-supported.
in cups/ppd-cache.c.
- CVE-2026-39314
* SECURITY UPDATE: use-after-free when temp printers are deleted
- debian/patches/CVE-2026-39316.patch: Expire per-printer subscriptions
before deleting. in scheduler/printers.c.
- CVE-2026-39316
* SECURITY UPDATE: OOB read via SNMP response
- debian/patches/CVE-2026-41079.patch: Limit num_bytes for SNMP string
values. in cups/snmp-private.h, cups/snmp.c.
- CVE-2026-41079
* Miscellaneous additional fixes:
- debian/patches/misc-fix-1.patch: Improve page header validation in
cupsRasterReadHeader in cups/raster-error.c, cups/raster-stream.c.
- debian/patches/misc-fix-2.patch: Protect against a driver reporting a
supply type with a trailing '-'. in scheduler/printers.c.
- debian/patches/misc-fix-3.patch: Range check cupsBytesPerLine in
rastertoepson. in filter/rastertoepson.c.
- debian/patches/misc-fix-4.patch: Sanity check HWResolution when writing
Apple Raster. in cups/raster-stream.c.
- debian/patches/misc-fix-5.patch: Protect against deep collection values
(Issue #1539) in cups/cups-private.h, cups/dest-options.c, cups/encode.c.
- debian/patches/misc-fix-6.patch: Update processing of LimitRequestBody,
MaxLogSize, and MaxRequestSize to support full range of file sizes in
scheduler/conf.c, scheduler/conf.h.
- debian/patches/misc-fix-6-2.patch: Fix builds on systems that don't define
OFF_MAX in scheduler/conf.c.
- debian/patches/misc-fix-7.patch: Fix blank line detection in rastertolabel
in filter/rastertolabel.c.
- debian/patches/misc-fix-8.patch: Add buffer size check from CUPS 2.5.x to
_ippFileReadToken (Issue #1542) in cups/ipp-file.c.
- debian/patches/misc-fix-9.patch: Fix regression in
cupsRasterRead/WriteHeader. in cups/raster-stream.c.
* debian/tests/utils/test-drivers: disable most tests since the security
update no longer accepts writing to files. Needs to be adapted. Taken
from 2.4.18-1.
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 05 Jun 2026 09:38:55 -0400
cups (2.4.7-1.2ubuntu7.9) noble-security; urgency=medium
* SECURITY UPDATE: Slow client communication leads to a possible DoS
attack
- debian/patches/CVE-2025-58436-1.patch: fix unresponsive cupsd process
caused by a slow client in cups/http-private.h, cups/http.c,
cups/tls-openssl.c, scheduler/client.c, scheduler/client.h,
scheduler/select.c.
- debian/patches/CVE-2025-58436-2.patch: fix an infinite loop issue in
GTK+ in cups/http.c.
- CVE-2025-58436
* SECURITY REGRESSION: issue with invalid configuration (LP: #2133207)
- debian/patches/lp2133207.patch: fix stopping scheduler on unknown
directive in scheduler/conf.c.
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 03 Dec 2025 09:43:23 -0500
cups (2.4.7-1.2ubuntu7.7) noble-security; urgency=medium
* SECURITY UPDATE: Local denial-of-service via cupsd.conf update and
related issues
- debian/patches/CVE-2025-61915.patch: fix various issues in cupsd in
conf/cups-files.conf.in, config-scripts/cups-defaults.m4,
config.h.in, configure, doc/help/man-cups-files.conf.html,
man/cups-files.conf.5, scheduler/auth.c, scheduler/auth.h,
scheduler/client.c, scheduler/conf.c, test/run-stp-tests.sh,
vcnet/config.h, xcode/CUPS.xcodeproj/project.pbxproj, xcode/config.h.
- CVE-2025-61915
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 19 Nov 2025 09:25:04 -0500
cups (2.4.7-1.2ubuntu7.4) noble-security; urgency=medium
* SECURITY UPDATE: authorization bypass
- d/p/CVE-2025-58060.patch: only allow basic and kerberos authentication
if it is enabled.
- CVE-2025-58060
* SECURITY UPDATE: remote DoS
- d/p/CVE-2025-58364.patch: fix null dereference in ipp_read_io().
- CVE-2025-58364
-- Eduardo Barretto <eduardo.barretto@canonical.com> Fri, 05 Sep 2025 17:58:36 +0200
cups (2.4.7-1.2ubuntu7.3) noble-security; urgency=medium
* SECURITY UPDATE: PPD injection issues (LP: #2082335)
- debian/patches/sec-202409-1.patch: validate URIs, attribute names,
and capabilities in cups/ppd-cache.c, scheduler/ipp.c.
- debian/patches/sec-202409-2.patch: sanitize make and model in
cups/ppd-cache.c.
- debian/patches/sec-202409-3.patch: PPDize preset and template names
in cups/ppd-cache.c.
- debian/patches/sec-202409-4.patch: quote PPD localized strings in
cups/ppd-cache.c.
- debian/patches/sec-202409-5.patch: fix warnings in cups/ppd-cache.c.
- CVE number pending
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 26 Sep 2024 07:15:36 -0400
cups (2.4.7-1.2ubuntu7.2) noble-security; urgency=medium
* SECURITY REGRESSION: early exit on missing listen directive
- d/p/fix-scheduler-start-if-only-domain-socket-to-listen.patch: don't
exit if no valid Listen or Port found (LP: #2070315)
-- Sudhakar Verma <sudhakar.verma@canonical.com> Thu, 27 Jun 2024 19:17:32 +0530
cups (2.4.7-1.2ubuntu7.1) noble-security; urgency=medium
* SECURITY UPDATE: cupsd listen arbitrary chmod 0140777
- debian/patches/CVE-2024-35235.patch: validate status of unlink and bind
in cups/http-addr.c
- CVE-2024-35235
-- Sudhakar Verma <sudhakar.verma@canonical.com> Fri, 21 Jun 2024 13:37:25 +0530
cups (2.4.7-1.2ubuntu7) noble; urgency=low
* Another fix for crash caused by the fix of the background polling of
printer capability information in ...ubuntu4. Added also commit 6aeb03b
from 2.4.x GIT branch to the patch (LP: #2060692, Upstream issue #934,
pull request #935).
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 12 Apr 2024 22:13:19 +0200
cups (2.4.7-1.2ubuntu6) noble; urgency=low
* Fix crash caused by the fix of the background polling of printer
capability information in ...ubuntu4. Added commit 2e65a35 from 2.4.x
GIT branch to the patch (LP: #2060692, Upstream issue #934, pull
request #937).
* Backported upstream commits 939368f from 2.4.x GIT branch, to
fix the auto-repeating of a job in Raster mode when failed printing
in PDF mode, due to printer-internal bug/incompatibility (Upstream
issue #391).
-- Till Kamppeter <till.kamppeter@gmail.com> Thu, 11 Apr 2024 23:23:19 +0200
cups (2.4.7-1.2ubuntu5) noble; urgency=low
* Longer timeout for Avahi resolving for cupsGetDests() API function, used
by "lpstat -l -e" (Upstream issues #47, #751, fix is already in place
in the CUPS Snap).
-- Till Kamppeter <till.kamppeter@gmail.com> Sat, 6 Apr 2024 00:05:19 +0200
cups (2.4.7-1.2ubuntu4) noble; urgency=low
* Backported upstream commits 6c6e1b0, ff16dab, and df3718b from 2.4.x GIT
branch, to
- Fix race condition due to removal of temporary queue while still accessing
it. Now timeout clock is reset on every access, temporary queues not
created if there is a permanent queue to the same printer, temporary queues
expire after 5 min instead of 1 min (Upstream issue #871).
- Fix temporary queue appearing as raw queue while CUPS is still polling
the capability information from the printer. This breaks print dialogs and
printing itself. Now queue creation is deleayed until the PPD is ready
(Upstream issue #347).
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 5 Apr 2024 22:48:19 +0200
cups (2.4.7-1.2ubuntu3) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <steve.langasek@ubuntu.com> Sun, 31 Mar 2024 07:31:09 +0000
cups (2.4.7-1.2ubuntu2) noble; urgency=low
* Remove Debian's own (broken) cups.pc file, CUPS has it upstreanm from
2.4.6 on (LP: #2059157).
-- Till Kamppeter <till.kamppeter@gmail.com> Tue, 26 Mar 2024 23:17:19 +0100
cups (2.4.7-1.2ubuntu1) noble; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
- In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
-- Till Kamppeter <till.kamppeter@gmail.com> Tue, 19 Mar 2024 10:46:19 +0100
cups (2.4.7-1.2) unstable; urgency=medium
* Non-maintainer upload.
* Rename libraries for 64-bit time_t transition.
-- Michael Hudson-Doyle <mwhudson@debian.org> Wed, 28 Feb 2024 23:20:02 +0000
cups (2.4.7-1ubuntu2) noble; urgency=medium
* No-change rebuild against libgnutls30t64
-- Steve Langasek <steve.langasek@ubuntu.com> Sun, 10 Mar 2024 02:03:25 +0000
cups (2.4.7-1ubuntu1) noble; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
- In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
* Removed patches included upstream:
- CVE-2023-4504.patch
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 28 Feb 2024 20:07:19 +0100
cups (2.4.7-1) unstable; urgency=medium
* Update to new upstream version 2.4.7.
(Closes: #1039983 this should have been fixed in 2.4.3)
(Closes: #1041466 this should have been fixed in 2.4.3)
(Closes: #1043331 this should have been fixed in 2.4.3)
(Closes: #998004 this should have been fixed in 2.4.3)
(Closes: #1008053 this should have been fixed in 2.4.3)
(Closes: #1009146 this should have been fixed in 2.4.3)
(Closes: #1009147 this should have been fixed in 2.4.3)
* debian/watch: update watch file (Closes: #1043470)
(thanks a lot to t3b4in+2gxh764v647us@cs.email)
* debian/rules: switch on testing again
* debian/control: bump standard to 4.6.2 (no changes)
* debian/cups-daemon.NEWS: reword last entry (Closes: #1052419)
(thanks to IOhannes m zmoelnig)
* debian/local/apparmor-profile: add drop-in for cups-pdf as well
(Closes: #954974)
* Provide a cups.pc file. (Closes: #971625)
(thanks a lot to Helmut Grohne for the patch)
* update debian/*.lintian-overrides and use new syntax
-- Thorsten Alteholz <debian@alteholz.de> Fri, 06 Oct 2023 20:16:49 +0200
cups (2.4.6-0ubuntu3) mantic; urgency=medium
* Let pkg-config data file cups.pc get installed into
/usr/lib/<ARCH>/pkgconfig/
* Include pkg-config data file cups.pc in libcups2-dev
-- Till Kamppeter <till.kamppeter@gmail.com> Tue, 26 Sep 2023 14:56:43 +0200
cups (2.4.6-0ubuntu2) mantic; urgency=medium
* SECURITY UPDATE: Postscript parsing heap overflow
- debian/patches/CVE-2023-4504.patch: properly check for end of buffer
in cups/raster-interpret.c.
- CVE-2023-4504
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 20 Sep 2023 12:42:21 -0400
cups (2.4.6-0ubuntu1) mantic; urgency=medium
* Update to new upstream version 2.4.6.
- Fix printing multiple files on specific printers (Upstream issue #643)
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 16 Aug 2023 21:53:43 +0200
cups (2.4.5-0ubuntu2) mantic; urgency=medium
* SECURITY UPDATE: use-after-free in cupsdAcceptClient()
- debian/patches/CVE-2023-34241.patch: log result of httpGetHostname
BEFORE closing the connection in scheduler/client.c.
- CVE-2023-34241
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 22 Jun 2023 12:06:19 -0400
cups (2.4.5-0ubuntu1) mantic; urgency=medium
* Update to new upstream version 2.4.5.
- Fixes color printing on printers with "CMYK" choice instead of "RGB"
in "ColorModel" option of their PPD (Upstream issues #451 and #500,
LP: 1971242).
* Merge from Debian unstable. Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
- When polling capabilities of a driverless printer via
get-printer-attributes IPP request, do a separate poll of the
media-col-database attribute in case it did not get obtained by the
first polls.
- In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
* Manually refreshed patch 9100-ppd-cache-add-auto-presets.patch.
* Removed patches included upstream:
- 9110-create-local-printer-localhost-fix.patch
- CVE-2022-26691-2.patch
- snapd-glib-2.patch
- poll-media-col-database-separately.patch
- CVE-2023-32324.patch
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 14 Jun 2023 15:38:00 +0200
cups (2.4.2-6) unstable; urgency=medium
* CVE-2023-4504
Postscript parsing heap-based buffer overflow
* CVE-2023-32360 (Closes: #1051953)
authentication issue
-- Thorsten Alteholz <debian@alteholz.de> Tue, 19 Sep 2023 21:20:27 +0200
cups (2.4.2-5) unstable; urgency=medium
* CVE-2023-34241 (Closes: #1038885)
use-after-free in cupsdAcceptClient()
-- Thorsten Alteholz <debian@alteholz.de> Wed, 21 Jun 2023 22:30:27 +0200
cups (2.4.2-4) unstable; urgency=medium
* CVE-2023-32324
A heap buffer overflow vulnerability would allow a remote attacker to
lauch a dos attack.
-- Thorsten Alteholz <debian@alteholz.de> Wed, 31 May 2023 21:30:27 +0200
cups (2.4.2-3ubuntu3) mantic; urgency=medium
* SECURITY UPDATE: DoS via buffer overflow in format_log_line
- debian/patches/CVE-2023-32324.patch: check _cups_strlcpy size in
cups/string.c.
- CVE-2023-32324
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 25 May 2023 08:37:20 -0400
cups (2.4.2-3ubuntu2) lunar; urgency=low
* In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
-- Till Kamppeter <till.kamppeter@gmail.com> Mon, 27 Mar 2023 23:12:00 +0200
cups (2.4.2-3ubuntu1) lunar; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- Fixed printing on temporary CUPS queues for local services, like
IPP-over-USB or Printer Applications. Especially when printing from
the GTK print dialog printing on such queues did not work (Upstream
pull request #353, LP: #1965112).
- Comment in CVE-2022-26691 patch fixed.
- In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
- When polling capabilities of a driverless printer via
get-printer-attributes IPP request, do a separate poll of the
media-col-database attribute in case it did not get obtained by the
first polls.
- Patch to build with snapd-glib-2
* Refreshed patches 9100-ppd-cache-add-auto-presets.patch and
9110-create-local-printer-localhost-fix.patch with quilt.
-- Till Kamppeter <till.kamppeter@gmail.com> Sun, 26 Mar 2023 21:01:00 +0200
cups (2.4.2-3) unstable; urgency=medium
[ Helge Kreutzmann ]
* update translations (Closes: #1032833)
* add more translated man pages to binary packages (Closes: #1032621)
[ Thorsten Alteholz]
* fix typo in French translation
* debian/rules: remove link handling for manpages of cups-ipp-utils
-- Thorsten Alteholz <debian@alteholz.de> Sun, 26 Mar 2023 10:54:05 +0200
cups (2.4.2-2) unstable; urgency=medium
[ Helge Kreutzmann ]
* Update German man page (2220t)
[ Thorsten Alteholz]
* debian/control: add Recommends: avahi-daemon to cups-ipp-utils
(Closes: #904605)
* debian/manpage-po4a: add Portuguese translation
(Closes: #1001890)
* add ippevepcl and ippeveps (and manpages) to cups-ipp-utils
(Closes: #990410)
-- Thorsten Alteholz <debian@alteholz.de> Sun, 26 Feb 2023 12:54:05 +0100
cups (2.4.2-1ubuntu4) lunar; urgency=medium
* In debian/rules updated ./configure arguments from --enable-gnutls to
--with-tls=gnutls. Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 8 Feb 2023 00:07:31 +0100
cups (2.4.2-1ubuntu3) kinetic; urgency=medium
* When polling capabilities of a driverless printer via
get-printer-attributes IPP request, do a separate poll
of the media-col-database attribute in case it did not
get obtained by the first polls.
-- Till Kamppeter <till.kamppeter@gmail.com> Sat, 21 Jan 2023 14:27:31 -0300
cups (2.4.2-1ubuntu2) kinetic; urgency=medium
* Add patch to build with snapd-glib-2
-- Jeremy Bicha <jbicha@ubuntu.com> Thu, 25 Aug 2022 21:54:33 -0400
cups (2.4.2-1ubuntu1) kinetic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- Fixed printing on temporary CUPS queues for local services, like
IPP-over-USB or Printer Applications. Especially when printing from
the GTK print dialog printing on such queues did not work (Upstream
pull request #353, LP: #1965112).
- Comment in CVE-2022-26691 patch fixed.
-- Till Kamppeter <till.kamppeter@gmail.com> Mon, 06 Jun 2022 20:20:31 +0200
cups (2.4.2-1) unstable; urgency=medium
* Update to new upstream version 2.4.2.
* debian/rules: temporarily deactivate tests
(one test fails due to only generating 4 of 14 expected warnings)
-- Thorsten Alteholz <debian@alteholz.de> Thu, 26 May 2022 12:54:05 +0200
cups (2.4.1op1-2) unstable; urgency=medium
* debian/rules: in latest cups version, root is no longer automatically
added to SystemGroup in cups-files.conf, so add
--with-system-groups="root lpadmin"
to configure step
(Closes: #1006849 #1006727 #876207)
-- Thorsten Alteholz <debian@alteholz.de> Mon, 07 Mar 2022 22:08:09 +0100
cups (2.4.1op1-1ubuntu5) kinetic; urgency=medium
* SECURITY UPDATE: Local authorization cert bypass
- debian/patches/CVE-2022-26691-1.patch: fix string comparison in
scheduler/cert.c.
- debian/patches/CVE-2022-26691-2.patch: fix the comment in
scheduler/cert.c.
- CVE-2022-26691
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 27 May 2022 07:53:01 -0400
cups (2.4.1op1-1ubuntu4) jammy; urgency=low
* Fixed PPD file auto-generation when a print queue is created with
a DNS-SD-service-name-based URI and "-m everywhere" backporting the
fix from upstream (Upstream issue #340, #343).
-- Till Kamppeter <till.kamppeter@gmail.com> Sat, 19 Mar 2022 00:07:00 +0100
cups (2.4.1op1-1ubuntu3) jammy; urgency=low
* Fixed crasher in the patch for temporary queues for local services
in the previous release. Updated the patch and the upstream pull
request (LP: #1965112, Upstream pull request #353).
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 16 Mar 2022 18:24:08 +0100
cups (2.4.1op1-1ubuntu2) jammy; urgency=low
* Fixed printing on temporary CUPS queues for local services, like
IPP-over-USB or Printer Applications. Especially when printing from
the GTK print dialog printing on such queues did not work (Upstream
pull request #353).
-- Till Kamppeter <till.kamppeter@gmail.com> Mon, 14 Mar 2022 09:13:08 +0100
cups (2.4.1op1-1ubuntu1) jammy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
default, as CUPS always worked this way but the new patch for
supporting the "cups-control" interface of Snaps does not allow
implicit permission to everything for root any more.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
* Updated 9100-ppd-cache-add-auto-presets.patch
-- Till Kamppeter <till.kamppeter@gmail.com> Tue, 22 Feb 2022 12:28:08 +0100
cups (2.4.1op1-1) unstable; urgency=medium
* new upstream release
* debian/patches/*: update and rebase
* debian/control: add myself to Uploaders:
* debian/copyright: remove unused BSD-3 license
* exlucde some newly generated files
* update symbols files
* move back to gbp based workflow
(git debrebase and dgit do not work in my world)
-- Thorsten Alteholz <debian@alteholz.de> Sun, 20 Feb 2022 20:08:09 +0100
cups (2.3.3op2-7ubuntu2) impish; urgency=low
* Updated patch for auto-generation of PPD presets to patch proposed
upstream (Upstream pull request #236) due to added PPD options taken into
account.
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 10 Sep 2021 19:20:00 +0200
cups (2.3.3op2-7ubuntu1) impish; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added extra checking when administrative requests (create queue,
remove someone else's job, ...) reach cupsd. If the client is a Snap,
it has to plug the cups-control interface to be allowed to do the
task. Added libapparmor-dev and libsnapd-glib-dev to the build
dependencies. Also added needed permissions to AppArmor profile.
- Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
default, as CUPS always worked this way but the new patch for
supporting the "cups-control" interface of Snaps does not allow
implicit permission to everything for root any more.
- Added "--enable-snapped-clients"
to the "./configure" options to use the correct checking mode for an
unsnapped cupsd, like provided by this package.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
* Updated patch for auto-generation of PPD presets to patch proposed
upstream (Upstream pull request #236).
-- Till Kamppeter <till.kamppeter@gmail.com> Mon, 06 Sep 2021 21:26:41 +0200
cups (2.3.3op2-7) unstable; urgency=medium
[ Didier Raboud ]
* Remove myself from Uploaders
[ Roger Lynn ]
* Apparmor: allow CUPS to read /etc/letsencrypt/archive/ (Closes: #992378)
-- Didier Raboud <odyx@debian.org> Mon, 06 Sep 2021 12:08:09 +0200
cups (2.3.3op2-6) unstable; urgency=medium
* Migrate to unstable
* Packaging cleanup
- Update S-V to 4.6.0 without changes needed
- Remove 3 obsolete maintscript entries
-- Didier Raboud <odyx@debian.org> Tue, 24 Aug 2021 15:38:05 +0200
cups (2.3.3op2-5ubuntu1) impish; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added extra checking when administrative requests (create queue,
remove someone else's job, ...) reach cupsd. If the client is a Snap,
it has to plug the cups-control interface to be allowed to do the
task. Added libapparmor-dev and libsnapd-glib-dev to the build
dependencies. Also added needed permissions to AppArmor profile.
- Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
default, as CUPS always worked this way but the new patch for
supporting the "cups-control" interface of Snaps does not allow
implicit permission to everything for root any more.
- Added "--enable-snapped-clients"
to the "./configure" options to use the correct checking mode for an
unsnapped cupsd, like provided by this package.
* Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
-- Till Kamppeter <till.kamppeter@gmail.com> Tue, 17 Aug 2021 23:47:41 +0200
cups (2.3.3op2-5) experimental; urgency=low
* Backport 2 upstream USB backend fixes:
- Revert enforcing read limits (caused a regression with Lexmark filters)
- Use 60s timeout (instead of 250ms) for reading at backchannel, as some
older models malfunction if timeout is too short (Closes: #989073)
-- Didier Raboud <odyx@debian.org> Thu, 27 May 2021 09:07:26 +0200
cups (2.3.3op2-4) experimental; urgency=medium
[ Helge Kreutzmann ]
* Update German man page (2212t)
[ Didier Raboud ]
* Reorder and cleanup patch queue by replacing some by upstream's
* Drop ancient symlink handling in preinsts (Closes: #986165)
-- Didier Raboud <odyx@debian.org> Wed, 31 Mar 2021 08:56:11 +0200
cups (2.3.3op2-3+deb11u1) unstable; urgency=medium
* Backport 2 upstream USB backend fixes:
- Revert enforcing read limits (caused a regression with Lexmark filters)
- Use 60s timeout (instead of 250ms) for reading at backchannel, as some
older models malfunction if timeout is too short (Closes: #989073)
-- Didier Raboud <odyx@debian.org> Thu, 27 May 2021 08:49:36 +0200
cups (2.3.3op2-3ubuntu3) hirsute; urgency=low
* Updated AppArmor profile entries for CUPS accessing snapd to
check whether a client is a Snap and which interfaces it plugs to.
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 19 Mar 2021 18:26:41 +0100
cups (2.3.3op2-3ubuntu2) hirsute; urgency=low
* Replaced patch for extra checking of admin requests from snapped
clients by the current upstream code. Added "--enable-snapped-clients"
to the "./configure" options to use the correct checking mode for an
unsnapped cupsd, like provided by this package.
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 19 Mar 2021 16:32:41 +0100
cups (2.3.3op2-3ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added extra checking when administrative requests (create queue,
remove someone else's job, ...) reach cupsd. If the client is a Snap,
it has to plug the cups-control interface to be allowed to do the
task. Added libapparmor-dev and libsnapd-glib-dev to the build
dependencies. Also added needed permissions to AppArmor profile.
- Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
default, as CUPS always worked this way but the new patch for
supporting the "cups-control" interface of Snaps does not allow
implicit permission to everything for root any more.
* Clean up "Build-Depends:" to be in sync with Debian (delta overlooked
for near a decade when cups-filters was introduced in 2012), removing
the unneeded entries: ghostscript, libavahi-compat-libdnssd-dev,
libfontconfig1-dev, libfreetype6-dev, libijs-dev, libjpeg-dev,
libldap2-dev, libpng-dev, libtiff-dev, poppler-utils, sharutils
* Removed the changes on the machine-generated "configure" file in the
patch for checking snapped clients, the changes easily mis-match on
updates and we run "autoconf" in debian/rules anyway.
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 12 Feb 2021 20:44:41 +0100
cups (2.3.3op2-3) unstable; urgency=medium
[ Helge Kreutzmann ]
* Update German man page (2212t)
[ Didier Raboud ]
* Wrap-and-sort -baskt, keep comments
* Let cups.1 point to client.conf.5, not client.conf.7 (Closes: #982303)
* Make CUPS reproducible by patching it to;
- skip the httpAddrGetHostname() test (that fails under reprotest)
- skip the stp tests if ran as root, without aborting
- run testlang for each provided CUPS locale only
-- Didier Raboud <odyx@debian.org> Fri, 12 Feb 2021 14:09:29 +0100
cups (2.3.3op2-2) unstable; urgency=medium
* Bump debhelper compat to 13, document not-installed files
-- Didier Raboud <odyx@debian.org> Wed, 03 Feb 2021 13:13:18 +0100
cups (2.3.3op2-1) unstable; urgency=medium
* New OpenPrinting 2.3.3op2 release
- CVE-2020-10001: Fixed a buffer (read) overflow in the `ippReadIO`
function
- Drop 4 patches merged upstream
* Update d/copyright authors and years
-- Didier Raboud <odyx@debian.org> Tue, 02 Feb 2021 21:20:06 +0100
cups (2.3.3op1-7) unstable; urgency=medium
[ Helmut Grohne ]
* Reduce Build-Depends, move dh_apparmor to B-D-A (Closes: #980104)
-- Didier Raboud <odyx@debian.org> Fri, 15 Jan 2021 12:11:30 +0100
cups (2.3.3op1-6) unstable; urgency=medium
[ Till Kamppeter ]
* In the AppArmor profile, allow cupsd to write to /run/systemd/notify to
notify that it is up and running (systemd service type "notify")
-- Didier Raboud <odyx@debian.org> Mon, 11 Jan 2021 08:31:58 +0100
cups (2.3.3op1-5ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added extra checking when administrative requests (create queue,
remove someone else's job, ...) reach cupsd. If the client is a Snap,
it has to plug the cups-control interface to be allowed to do the
task. Added libapparmor-dev and libsnapd-glib-dev to the build
dependencies. Also added needed permissions to AppArmor profile.
- Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
default, as CUPS always worked this way but the new patch for
supporting the "cups-control" interface of Snaps does not allow
implicit permission to everything for root any more.
* In the AppArmor profile allow cupsd to write to /run/systemd/notify
to notify that it is up and running (systemd service type "notify").
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 08 Jan 2021 19:07:00 +0100
cups (2.3.3op1-5) unstable; urgency=medium
* Update Homepage and Source fields to point
https://github.com/OpenPrinting/cups/ as Debian's using the OpenPrinting
(friendly) fork (Closes: #979461)
-- Didier Raboud <odyx@debian.org> Fri, 08 Jan 2021 11:35:18 +0100
cups (2.3.3op1-4) unstable; urgency=medium
* Drop ancient manual link-doc setting in cups-bsd.postinst
* Let cups.service start after nslcd.service (Closes: #977198)
-- Didier Raboud <odyx@debian.org> Wed, 23 Dec 2020 14:53:09 +0100
cups (2.3.3op1-3ubuntu1) hirsute; urgency=low
* Merge from Debian unstable. Remaining changes:
- Added extra checking when administrative requests (create queue,
remove someone else's job, ...) rach cupsd. If the client is a Snap,
it has to plug the cups-control interface to be allowed to do the
task. Added libapparmor-dev and libsnapd-glib-dev to the build
dependencies. Also added needed permissions to AppArmor profile.
- Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
default, as CUPS always worked this way but the new patch for
supporting the "cups-control" interface of Snaps does not allow
implicit permission to everything for root any more.
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 14 Dec 2020 12:47:34 +0100
cups (2.3.3op1-3) unstable; urgency=medium
[ Helge Kreutzmann ]
* Update German man page (2211t)
[ Didier Raboud ]
* Patch configure scripts to fix FTBFS on freebsd-gnu systems
-- Didier Raboud <odyx@debian.org> Fri, 04 Dec 2020 10:32:55 +0100
cups (2.3.3op1-2) unstable; urgency=medium
* Backport upstream "Force a 5 second sleep to wait for the job control file
to be written" patch, to address s390x test suite timing issue
-- Didier Raboud <odyx@debian.org> Sat, 28 Nov 2020 16:50:59 +0100
cups (2.3.3op1-1) unstable; urgency=medium
* Use OpenPrinting CUPS fork instead of Apple's codebase
- Update d/upstream/metadata, d/watch
- d/upstream/signing-key.asc: Swap Apple's with Michael R Sweet's
* Large patch-suite cleanup thanks to lots of Debian proposals merged
upstream; from 40 to 9;
- Reorder (upstream-mergeable first, Debian-specific later)
- Reword and refresh metadata for the last patches
* Set Debian customizations in d/rules instead of patches;
- Set --with-max-log-size=0
- Set --enable-sync-on-close
- Set --with-error-policy=retry-job
* Packaging cleanup;
- Drop the Debian-specific systemd units' renaming, now upstream
- Drop pre-oldstable postinst ConfigFilePerm handling
- Add missing BSD-2-Clause block in debian/copyright
- Convert debian/po files to UTF-8
- Drop --as-needed as it's now default in Debian
- Drop Ubuntu-specific patch handling, in favour of compile-time option
for --disable-browsing
- Bump S-V to 4.5.1 without changes needed
- Use debian/main as head branch; update d/gbp.conf accordingly
- Drop outdated d/source/options
* Refresh manpage translation pofiles for 2.3.3op1
-- Didier Raboud <odyx@debian.org> Fri, 27 Nov 2020 17:27:21 +0100
cups (2.3.3-4) unstable; urgency=medium
* Drop Ubuntu "Make lpoptions list a printer's options correctly also when
CUPS is running on an alternative port" patch, refused upstream
(Closes: #970725)
* Use upstream-merged patches for fax numbers' fix and rastertopwg rounding
-- Didier Raboud <odyx@debian.org> Tue, 24 Nov 2020 08:49:46 +0100
cups (2.3.3-3ubuntu1) groovy; urgency=medium
* Merged with Debian unstable. Remaining changes:
- Added extra checking when administrative requests (create queue,
remove someone else's job, ...) rach cupsd. If the client is a Snap,
it has to plug the cups-control interface to be allowed to do the
task. Added libapparmor-dev and libsnapd-glib-dev to the build
dependencies. Also added needed permissions to AppArmor profile.
* Build CUPS with "SystemGroup lpadmin root" in cups-files.conf by
defualt, as CUPS always worked this way but the new patch for
supporting the "cups-control" interface of Snaps does not allow
implicit permission to everything for root any more.
-- Till Kamppeter <till.kamppeter@gmail.com> Fri, 4 Sep 2020 19:00:00 +0200
cups (2.3.3-3) unstable; urgency=medium
[ Didier Raboud ]
* Set lintian overrides for non-changeable upstream choices
* Add missing Build-Depends-Package in symbols' files
[ Till Kamppeter ]
* Resolve DNS-SD-service-name-based URIs correctly also if they are
from a service from localhost (like IPP-over-USB, Printer
Application, ...)
* Make lpoptions list a printer's options correctly also when CUPS is
running on an alternative port
* Fix fax numbers supplied via GTK print dialog, removing a "Custom."
prefix; do not choke if the GTK dialog sends "None" as phone number
or pre-dial prefix
* Let the rastertopwg filter check rounding errors when calculating
the page geometry
-- Didier Raboud <odyx@debian.org> Thu, 03 Sep 2020 09:27:04 +0200
cups (2.3.3-2ubuntu5) groovy; urgency=medium
* In all autopkgtests modify set "LogLevel debug2" in cupsd.conf and
"SystemGroup lpadmin root" in cups-files.conf and restart cupsd,
the former change to more easily find out what failed and the latter
as the default configuration did not allow root to create queues,
making all tests fail.
-- Till Kamppeter <till.kamppeter@gmail.com> Thu, 27 Aug 2020 23:18:00 +0200
cups (2.3.3-2ubuntu4) groovy; urgency=medium
* Let the rastertopwg filter check rounding errors when calculating the
page geometry.
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 27 Aug 2020 10:22:00 +0200
cups (2.3.3-2ubuntu3) groovy; urgency=medium
* Do not choke if the GTK dialog sends "None" as phone number or pre-dial
prefix.
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 26 Aug 2020 22:33:00 +0200
cups (2.3.3-2ubuntu2) groovy; urgency=medium
* Fix fax numbers supplied via GTK print dialog, removing a "Custom."
prefix.
-- Till Kamppeter <till.kamppeter@gmail.com> Wed, 26 Aug 2020 13:03:00 +0200
cups (2.3.3-2ubuntu1) groovy; urgency=medium
* Added extra checking when administrative requests (create queue,
remove someone else's job, ...) rach cupsd. If the client is a Snap,
it has to plug the cups-control interface to be allowed to do the
task. Added libapparmor-dev and libsnapd-glib-dev to the build
dependencies. Also added needed permissions to AppArmor profile.
* Resolve DNS-SD-service-name-based URIs correctly also if they are from
a service from localhost (like IPP-over-USB, Printer Application, ...)
* Make lpoptions list a printer's options correctly also when CUPS is
running on an alternative port.
-- Till Kamppeter <till.kamppeter@gmail.com> Tue, 25 Aug 2020 21:34:00 +0200
cups (2.3.3-2) unstable; urgency=medium
* Add missing dh-strip-nondeterminism B-D
* cups-daemon: Add ipp-usb Recommends
-- Didier Raboud <odyx@debian.org> Thu, 03 Sep 2020 08:54:55 +0200
cups (2.3.3-1) unstable; urgency=medium
* New 2.3.3 upstream release, with the two -12 security patches
-- Didier Raboud <odyx@debian.org> Fri, 01 May 2020 15:28:22 +0200
cups (2.3.1-12) unstable; urgency=medium
* Backport two security patches
- CVE-2020-3898: heap-buffer-overflow in libcups’s ppdFindOption()
function in ppd-mark.c
- CVE-2019-8842: The `ippReadIO` function may under-read an extension
field
-- Didier Raboud <odyx@debian.org> Sat, 25 Apr 2020 16:13:13 +0200
cups (2.3.1-11) unstable; urgency=medium
* CI Tests: fix cups-basiccommands:
- swap awk with sed;
- filter stderr away from known errors
- add missing cups-bsd depends to test lpr commands
-- Didier Raboud <odyx@debian.org> Mon, 24 Feb 2020 19:40:39 +0100
cups (2.3.1-10) unstable; urgency=medium
* Add Requires=cups.socket to cups.service, to make sure they start in
the right order
* CI Tests: Add a test for all CUPS' basic commands, thanks to RedHat
* Add Pre-Depends: ${misc:Pre-Depends} to cups-daemon to fix
skip-systemd-native-flag-missing-pre-depends lintian flag
* Add patch proposal from RedHat to fix leakage of ppd (Issue: #5738)
-- Didier Raboud <odyx@debian.org> Mon, 24 Feb 2020 12:25:39 +0100
cups (2.3.1-9) unstable; urgency=medium
* CI Tests: Ensure the job files are non-empty; should detect more
regressions
-- Didier Raboud <odyx@debian.org> Sat, 22 Feb 2020 17:19:46 +0100
cups (2.3.1-8) unstable; urgency=medium
* Add patch to fix cupsctl when loading cupsd.conf (Issue: #5744)
-- Didier Raboud <odyx@debian.org> Sat, 22 Feb 2020 14:34:48 +0100
cups (2.3.1-7) unstable; urgency=medium
* Add patch to fix conversion of PPD InputSlot choice names; this should fix
printers ignoring the paper tray selection (Issue: #5740, Closes: #949315)
* lintian-brush:
- Set upstream metadata fields: Bug-Database, Repository, Repository-Browse
- Rewrap some d/changelog entries
-- Didier Raboud <odyx@debian.org> Mon, 17 Feb 2020 09:19:56 +0100
cups (2.3.1-6) unstable; urgency=medium
* Patch test suite to also ignore 'Job held' lines in error_log line
counting
-- Didier Raboud <odyx@debian.org> Sat, 08 Feb 2020 11:52:44 +0100
cups (2.3.1-5) unstable; urgency=medium
* Move towards driverless-centered installation:
- Drop all printer-driver-* and hplip recommends/suggests
* Cleanup all versions from pre- Debian stable
* Bump S-V to 4.5.0 without changes needed
-- Didier Raboud <odyx@debian.org> Fri, 07 Feb 2020 17:08:48 +0100
cups (2.3.1-4) unstable; urgency=medium
* Cleanup patch queue for cups' bts URLs and patch names
* Update README.Debian to remove leftover SystemdIdleExit references
-- Didier Raboud <odyx@debian.org> Thu, 30 Jan 2020 20:35:47 +0100
cups (2.3.1-2) unstable; urgency=medium
* Drop pwg-raster-attributes.patch
* Amend 2.3.1-1 changelog entry to add missing Ubuntu package drop and CVE
bug closure
-- Didier Raboud <odyx@debian.org> Sun, 26 Jan 2020 15:23:24 +0100
cups (2.3.1-1) unstable; urgency=medium
[ Didier Raboud ]
* New 2.3.1 upstream release:
- CVE-2019-2228: The `ippSetValuetag` function did not validate the
default language value (Closes: #946782)
[ Steve Langasek ]
* On Ubuntu i386, drop cups and cups-core-drivers (Closes: #947185)
[ Helge Kreutzmann ]
* Update German man page (2207t)
-- Didier Raboud <odyx@debian.org> Tue, 24 Dec 2019 13:02:06 +0100
cups (2.3.0-7) unstable; urgency=medium
* Packaging cleanup:
- Set upstream metadata fields: Repository
- Rely on pre-initialized dpkg-architecture variables
- Fix day-of-week for changelog entries 1.0.1-1
- Bump Standards-Version to 4.4.1 without changes needed
- Replace dh-exec usage with manual renaming in debian/rules
-- Didier Raboud <odyx@debian.org> Wed, 06 Nov 2019 08:57:40 +0100
cups (2.3.0-6) unstable; urgency=medium
[ Didier Raboud ]
* Tests-drivers: Cleanup output
[ intrigeri ]
* AppArmor: support cups-pdf "Out" directory pointing to almost anywhere
below $HOME (Closes: #940578)
-- Didier Raboud <odyx@debian.org> Thu, 31 Oct 2019 08:44:29 +0100
cups (2.3.0-5) unstable; urgency=medium
* Let the test-drivers script stop waiting when a filter is allegedly
failed, and give context
-- Didier Raboud <odyx@debian.org> Sat, 21 Sep 2019 09:41:44 +0200
cups (2.3.0-4) unstable; urgency=medium
[ Helge Kreutzmann ]
* Update German man page (2197t)
-- Didier Raboud <odyx@debian.org> Fri, 20 Sep 2019 15:03:47 +0200
cups (2.3.0-3) unstable; urgency=low
* Fix autopkgtests for real; refactor lpadmin stderr filtering
-- Didier Raboud <odyx@debian.org> Fri, 06 Sep 2019 09:32:07 +0200
cups (2.3.0-2) unstable; urgency=low
[ Helge Kreutzmann ]
* Update German man page (2100t58f39u)
[ Didier Raboud ]
* Fix autopkgtest by filtering away known stderr messages
-- Didier Raboud <odyx@debian.org> Thu, 05 Sep 2019 09:33:20 +0200
cups (2.3.0-1) unstable; urgency=low
* New 2.3.0 upstream release, to unstable
- CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
- Fixed IPP buffer overflow
- Fixed memory disclosure and DoS issues in the scheduler
- CUPS is now provided under the Apache License, Version 2.0, with a
GPL2/LGPL2 exception
* Rewrite debian/copyright with the above license change, install the
NOTICE file
* Refresh manpage translations
* Refresh upstream metadata
* Bump S-V to 4.4 without changes needed
-- Didier Raboud <odyx@debian.org> Mon, 02 Sep 2019 13:19:18 +0200
cups (2.3~rc1-2) experimental; urgency=medium
* Merge 2.2.12-1 from unstable
* Add missing colon in closes line.
* Set upstream metadata fields: Contact, Name.
* Bump debhelper from old 11 to 12.
-- Didier Raboud <odyx@debian.org> Sun, 18 Aug 2019 16:58:09 +0200
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libcups2t64`.
Generated by dwww version 1.16 on Sat Jul 11 11:01:14 CEST 2026.