Opened 5 months ago
Closed 5 months ago
#20537 closed enhancement (fixed)
cups-browsed-2.1.0
| Reported by: | Bruce Dubbs | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | normal | Milestone: | 12.3 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
New minor version.
Change History (4)
comment:1 by , 5 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 5 months ago
comment:4 by , 5 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Security bug fix release. Early release of 2.1.0 to fix CVE-2024-47176 and CVE-2024-47850. New features: Removed support for legacy CUPS browsing and for LDAP Legacy CUPS browsing is not needed any more and, our implementation accepting any UDP packet on port 631, causes vulnerabilities, and our LDAP support is does not comply with RFC 7612 and is therefore limited. Fixes CVE-2024-47176 and CVE-2024-47850 Bug fixes: Default BrowseRemoteProtocols should not include cups protocol Works around CVE-2024-47176 and CVE-2024-47850, the fix is the complete removal of legacy CUPS Browsing functionality Do not generate PPD for remote raw queues If the destination queue is raw, the local queue generated by cups-browsed should also be raw (Pull request #44). daemon/cups-browsed.service: Add system-cups.slice The system-cups.slice file is not required. The system-cups slice will be automatically created if the file is missing (cups Pull request #1035, Pull request #35). cups-browsed.c: Remove duplicate #include ... Pull request #40No need for an SA since we already have one, I'll just rework SA-12.2-022.