Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#12407 closed enhancement (fixed)

cups-2.2.12

Reported by: Douglas R. Reno Owned by: Bruce Dubbs
Priority: high Milestone: 9.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Change History (5)

comment:1 by Bruce Dubbs, 2 years ago

Milestone: 9.19.0

Since they haven't been tagged yet, these can move to milestone 9.0.

comment:2 by Bruce Dubbs, 2 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:3 by Bruce Dubbs, 2 years ago

Changes in CUPS v2.2.12

  • CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
  • The cupsctl command now prevents setting "cups-files.conf" directives
  • Updated the systemd service file for cupsd
  • The cupsCheckDestSupported function did not check octetString values correctly
  • The scheduler did not encode octetString values like "job-password" correctly for the print filters
  • Restored minimal support for the Emulators keyword in PPD files to allow old Samsung printer drivers to continue to work
  • Timed out job submission now yields an error
  • The footer in the web interface covered some content on small displays
  • The libusb-based USB backend now enforces read limits, improving print speed in many cases
  • Fixed some compatibility issues with old releases of CUPS
  • Fixed a bug in the scheduler job cleanup code
  • "make" failed with GZIP options
  • Added FIPS-140 workarounds for GNU TLS
  • The scheduler no longer provides a default value for the description
  • The lpadmin command did not always update the PPD file for changes to the cupsIPPSupplies and cupsSNMPSupplies keywords
  • The scheduler now uses both the group's membership list as well as the various OS-specific membership functions to determine whether a user belongs to a named group
  • Added USB quirks rule for HP LaserJet 1015
  • Fixed some PPD parser issues
  • The IPP parser no longer allows invalid member attributes in collections
  • Fixed IPP buffer overflow
  • Fixed memory disclosure issue in the scheduler
  • Fixed DoS issues in the scheduler
  • The scheduler would restart continuously when idle and printers were not shared
  • Fixed a command ordering issue in the Zebra ZPL driver.
  • Fixed a memory leak in ppdOpen.

comment:4 by Bruce Dubbs, 2 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 21996.

comment:5 by Douglas R. Reno, 2 years ago

Priority: normalhigh

Retroactively promote to high due to security fixes

Note: See TracTickets for help on using tickets.