Context Navigation

cups-browsed.xml@ f5e81d6f

Visit:

trunk

Last change on this file since f5e81d6f was 23dd524, checked in by Douglas R. Reno <renodr@…>, 3 days ago

Fix a chain of remote code execution vulnerabilities in CUPS (#20456).

These include the following CVE numbers:

CVE-2024-47176
CVE-2024-47076
CVE-2024-47175
CVE-2024-47177
CVE-2024-47850

Property mode set to 100644

File size: 6.7 KB

Rev	Line
[ab4fdfc]	1	<?xml version="1.0" encoding="UTF-8"?>
[8bb1591]	2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
	3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
	4	<!ENTITY % general-entities SYSTEM "../../general.ent">
	5	%general-entities;
	6
	7	<!ENTITY cups-browsed-download-http
	8	"https://github.com/OpenPrinting/cups-browsed/releases/download/&cups-browsed-version;/cups-browsed-&cups-browsed-version;.tar.xz">
	9	<!ENTITY cups-browsed-download-ftp " ">
[e55cf5f]	10	<!ENTITY cups-browsed-md5sum "b6b5bad9b3bb52afb687702e0b3f6d02">
	11	<!ENTITY cups-browsed-size "420 KB">
	12	<!ENTITY cups-browsed-buildsize "6.1 MB">
[8bb1591]	13	<!ENTITY cups-browsed-time "less than 0.1 SBU (Using parallelism=4)">
	14	]>
	15
	16	<sect1 id="cups-browsed" xreflabel="cups-browsed-&cups-browsed-version;">
	17	<?dbhtml filename="cups-browsed.html"?>
	18
	19
	20	<title>cups-browsed-&cups-browsed-version;</title>
	21
	22	<indexterm zone="cups-browsed">
	23	<primary sortas="a-cups-browsed">cups-browsed</primary>
	24	</indexterm>
	25
	26	<sect2 role="package">
	27	<title>Introduction to cups-browsed</title>
	28
	29	<para>
	30	The <application>cups-browsed</application> daemon is used to
	31	browse the network for remote CUPS queues and IPP network printers
	32	and automatically create local queues pointing to them.
	33	</para>
	34
[3c9b5e9]	35	&lfs122_checked;
[8bb1591]	36
	37	<bridgehead renderas="sect3">Package Information</bridgehead>
	38	<itemizedlist spacing="compact">
	39	<listitem>
	40	<para>
	41	Download (HTTP): <ulink url="&cups-browsed-download-http;"/>
	42	</para>
	43	</listitem>
	44	<listitem>
	45	<para>
	46	Download (FTP): <ulink url="&cups-browsed-download-ftp;"/>
	47	</para>
	48	</listitem>
	49	<listitem>
	50	<para>
	51	Download MD5 sum: &cups-browsed-md5sum;
	52	</para>
	53	</listitem>
	54	<listitem>
	55	<para>
	56	Download size: &cups-browsed-size;
	57	</para>
	58	</listitem>
	59	<listitem>
	60	<para>
	61	Estimated disk space required: &cups-browsed-buildsize;
	62	</para>
	63	</listitem>
	64	<listitem>
	65	<para>
	66	Estimated build time: &cups-browsed-time;
	67	</para>
	68	</listitem>
	69	</itemizedlist>
	70
	71	<bridgehead renderas="sect3">cups-browsed Dependencies</bridgehead>
	72
	73	<bridgehead renderas="sect4">Required</bridgehead>
	74	<para role="required">
[90b85c94]	75	<xref linkend="avahi"/>,
[8bb1591]	76	<xref linkend="libcupsfilters"/> and
	77	<xref linkend="libppd"/>
	78	</para>
	79
[90b85c94]	80	<!-- as of 2.0.0 \-\-disable-avahi is still accepted by configure,
	81	but make fails.https://github.com/OpenPrinting/cups-browsed/issues/21
[8bb1591]	82	<bridgehead renderas="sect4">Recommended</bridgehead>
	83	<para role="recommended">
	84	<xref linkend="avahi"/>
[90b85c94]	85	</para>-->
[8bb1591]	86
	87	<bridgehead renderas="sect4">Optional</bridgehead>
	88	<para role="optional">
	89	<xref linkend="openldap"/>
	90	</para>
	91
	92	</sect2>
	93
	94	<sect2 role="installation">
	95	<title>Installation of cups-browsed</title>
	96
[23dd524]	97	<para>
	98	First, fix a security vulnerability that can be allow for remote code
	99	execution:
	100	<!-- Mitigates the issue by removing the affected support like other
	101	distros are doing -->
	102	</para>
	103
	104	<screen><userinput remap="pre">sed -i '188 s/dnssd cups/dnssd/' configure.ac &&
	105	autoreconf -fiv</userinput></screen>
	106
[8bb1591]	107	<para>
	108	Install <application>cups-browsed</application> by running the
	109	following commands:
	110	</para>
	111
	112	<screen><userinput>./configure --prefix=/usr \
	113	--with-cups-rundir=/run/cups \
	114	--without-rcdir \
	115	--disable-static \
	116	--docdir=/usr/share/doc/cups-browsed-&cups-browsed-version; &&
	117	make</userinput></screen>
	118	<!-- Tests seem to hang, not sure why
	119	<para>
	120	To test the results, issue <command>make check</command>.
	121	</para>
	122	-->
	123	<para>
	124	This package does not come with a functional test suite.
	125	</para>
	126
	127	<para>
	128	Now, as the <systemitem class="username">root</systemitem> user:
	129	</para>
	130
	131	<screen role="root"><userinput>make install</userinput></screen>
	132
	133	<para revision="systemd">
	134	Install the systemd unit by running the following command as the
	135	<systemitem class="username">root</systemitem> user:
	136	</para>
	137
	138	<screen role="root" revision="systemd"><userinput>install -v -m644 daemon/cups-browsed.service /lib/systemd/system/cups-browsed.service</userinput></screen>
	139
	140	</sect2>
	141
	142	<sect2 role="commands">
	143	<title>Command Explanations</title>
	144
	145	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
	146	href="../../xincludes/static-libraries.xml"/>
	147
	148	<para>
	149	<parameter>--with-cups-rundir=/run/cups</parameter>: Defines the
[eebff7b]	150	directory containing transient printing data. The default
[8bb1591]	151	<filename class="directory">/var/run/cups</filename> is obsolete.
	152	</para>
	153
	154	<para>
	155	<parameter>--without-rcdir</parameter>: This switch disables
	156	installation of the bundled bootscript which is not compatible with BLFS.
	157	</para>
	158
	159	</sect2>
	160
	161	<!-- TODO: Write a bootscript for cups-browsed -->
	162
	163	<sect2 role="configuration" revision="systemd">
	164	<title>Configuring cups-browsed</title>
	165
	166	<sect3 id="cups-browsed-init">
	167	<title>Systemd Unit</title>
	168
	169	<para>
	170	To start the <command>cups-browsed</command> daemon at boot, enable
	171	the previously installed systemd unit by running the following command
	172	as the <systemitem class="username">root</systemitem> user:
	173	</para>
	174
	175	<indexterm zone="cups-browsed cups-browsed-init">
	176	<primary sortas="f-cups-browsed">cups-browsed</primary>
	177	</indexterm>
	178
	179	<screen role="root"><userinput>systemctl enable cups-browsed</userinput></screen>
	180
	181	</sect3>
	182
	183	</sect2>
	184
	185	<sect2 role="content">
	186	<title>Contents</title>
	187
	188	<segmentedlist>
	189	<segtitle>Installed Programs</segtitle>
	190	<segtitle>Installed Libraries</segtitle>
	191	<segtitle>Installed Directories</segtitle>
	192
	193	<seglistitem>
	194	<seg>
	195	cups-browsed
	196	</seg>
	197	<seg>
	198	None
	199	</seg>
	200	<seg>
	201	None
	202	</seg>
	203	</seglistitem>
	204	</segmentedlist>
	205
	206	<variablelist>
	207	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
	208	<?dbfo list-presentation="list"?>
	209	<?dbhtml list-presentation="table"?>
	210
	211	<varlistentry id="cups-browsed-prog">
	212	<term><command>cups-browsed</command></term>
	213	<listitem>
	214	<para>
	215	is a daemon for browsing the Bonjour and CUPS broadcasts of
	216	shared, remote CUPS printers
	217	</para>
	218	<indexterm zone="cups-browsed cups-browsed-prog">
	219	<primary sortas="b-cups-browsed">cups-browsed</primary>
	220	</indexterm>
	221	</listitem>
	222	</varlistentry>
	223
	224	</variablelist>
	225
	226	</sect2>
	227
	228	</sect1>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: pst/printing/cups-browsed.xml@ f5e81d6f

Download in other formats: