diff options
| author |   Timo Gurr <tgurr@gentoo.org> | 2008-10-10 19:38:50 +0000 |
|---|---|---|
| committer | Timo Gurr <tgurr@gentoo.org> | 2008-10-10 19:38:50 +0000 |
| commit | b43b251afde434bad8a70968ec43f83042ed5200 (patch) | |
| tree | fea1012708db9df3911f19b82040d6fc4436c34c /net-print/cups | |
| parent | Add ~amd64 keyword (diff) | |
| download | historical-b43b251afde434bad8a70968ec43f83042ed5200.tar.gz historical-b43b251afde434bad8a70968ec43f83042ed5200.tar.bz2 historical-b43b251afde434bad8a70968ec43f83042ed5200.zip | |
Bump CUPS to new version 1.3.9 and revision 1.3.8-r2 to address some security issues, bug #238976 and fix the broken desktop file, bug #236706 (Thanks to Pacho Ramos). Remove keywords on 1.2.12 to prevent users from installing a unsecure CUPS version.
Package-Manager: portage-2.2_rc12/cvs/Linux 2.6.26-gentoo-r1 x86_64
RepoMan-Options: --force
Diffstat (limited to 'net-print/cups')
| -rw-r--r-- | net-print/cups/ChangeLog | 17 | ||||
| -rw-r--r-- | net-print/cups/Manifest | 17 | ||||
| -rw-r--r-- | net-print/cups/cups-1.2.12-r4.ebuild | 4 | ||||
| -rw-r--r-- | net-print/cups/cups-1.2.12-r7.ebuild | 235 | ||||
| -rw-r--r-- | net-print/cups/cups-1.2.12-r8.ebuild | 4 | ||||
| -rw-r--r-- | net-print/cups/cups-1.3.8-r2.ebuild (renamed from net-print/cups/cups-1.3.7-r1.ebuild) | 63 | ||||
| -rw-r--r-- | net-print/cups/cups-1.3.9.ebuild (renamed from net-print/cups/cups-1.3.8.ebuild) | 7 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.3.8-CVE-2008-3639.patch | 40 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.3.8-CVE-2008-3640.patch | 85 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.3.8-CVE-2008-3641.patch | 131 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.3.8-str2924.patch | 71 |
11 files changed, 401 insertions, 273 deletions
diff --git a/net-print/cups/ChangeLog b/net-print/cups/ChangeLog index f467d0276121..f030bc0dd39f 100644 --- a/net-print/cups/ChangeLog +++ b/net-print/cups/ChangeLog @@ -1,6 +1,21 @@ # ChangeLog for net-print/cups # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.327 2008/09/24 05:49:03 jer Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.328 2008/10/10 19:38:50 tgurr Exp $ + +*cups-1.3.9 (10 Oct 2008) +*cups-1.3.8-r2 (10 Oct 2008) + + 10 Oct 2008; Timo Gurr <tgurr@gentoo.org> + +files/cups-1.3.8-CVE-2008-3639.patch, + +files/cups-1.3.8-CVE-2008-3640.patch, + +files/cups-1.3.8-CVE-2008-3641.patch, +files/cups-1.3.8-str2924.patch, + cups-1.2.12-r4.ebuild, -cups-1.2.12-r7.ebuild, cups-1.2.12-r8.ebuild, + -cups-1.3.7-r1.ebuild, -cups-1.3.8.ebuild, +cups-1.3.8-r2.ebuild, + +cups-1.3.9.ebuild: + Bump CUPS to new version 1.3.9 and revision 1.3.8-r2 to address some + security issues, bug #238976 and fix the broken desktop file, bug #236706 + (Thanks to Pacho Ramos). Remove keywords on 1.2.12 to prevent users from + installing a unsecure CUPS version. 24 Sep 2008; Jeroen Roovers <jer@gentoo.org> cups-1.3.8-r1.ebuild: Stable for HPPA (bug #235907). diff --git a/net-print/cups/Manifest b/net-print/cups/Manifest index bd78eb2a7632..76f7ad94d678 100644 --- a/net-print/cups/Manifest +++ b/net-print/cups/Manifest @@ -9,18 +9,21 @@ AUX cups-1.2.12-CVE-2008-1722.patch 1457 RMD160 5c887ad9b824c1e41f7a4894f757d03f AUX cups-1.3.0-configure.patch 651 RMD160 e4c7f45d7ddc28157433bf025c7f946c7e3b6d6a SHA1 101bf1893b56640d9fa82078e29319fbbd1449c7 SHA256 d6e5e60a982a3c093c0d0f89cf865e2b4c36290f5b1e188b7bf305d210070736 AUX cups-1.3.7-CVE-2008-1722.patch 1752 RMD160 25dd7948f4a3c8ac0f39b33387e79195b104bf1d SHA1 309d26918fc11619a97b3f560662478437d97a54 SHA256 d372a4595f52ccd88deb5545f64b70c3dbf8a6e9bec7524b6ac32c59cb131749 AUX cups-1.3.7-backend-https.patch 450 RMD160 9a1ad48d2be40c89510ccc512649f0a2eb5543b0 SHA1 d3dd55fcdee47855d6b7c1443adb6c2b3d8c9cdb SHA256 060f929ae3eae5dc411ce6352a0d50c3296b013974f034fc2ad8d6bb0c81b45a +AUX cups-1.3.8-CVE-2008-3639.patch 1098 RMD160 0c258e91ae4ac3c85facfb6d0adaa43d753a0ebd SHA1 487549912c483cc5dcd9b097da9e43f6f75306cc SHA256 92ced97fb6af55416f2968878ef90a97d76bdfdbb91b9f204a3fac6dbc77c58f +AUX cups-1.3.8-CVE-2008-3640.patch 2487 RMD160 5c0180fdbf7521c651de7f0aeaddf238485863ca SHA1 50dcec44a42f715218d5d18c5d2a1c9ffa3e6aab SHA256 6a75dd6f479513683c018f6012c1c53b25cadc5626dd256aeebddedda654590e +AUX cups-1.3.8-CVE-2008-3641.patch 4066 RMD160 42eb0aba35a2df15a32a68ba255675cc5550d4df SHA1 4c0fd2844091d3a73cf34bb0ec022cc62dbe9b86 SHA256 fa053a07ea03cd8b5d8345acc5ab91efb40bd2fe42e03ac08921d4bdb0073719 AUX cups-1.3.8-str2892-1.3.patch 2587 RMD160 6a189f1921760833028302619515a0ae895f2978 SHA1 befc3c7849bc5a53e29c9c3b26fb708ee8dc43f8 SHA256 b75b30ed996eb41baeb6e5dc35c82883e9e4d27c2c1febe0f09b2e9018184c2f +AUX cups-1.3.8-str2924.patch 2296 RMD160 dc80896b4a12834be0c99ee82623cbee78c33754 SHA1 1f29545527a98c1371b52db5a148c31494ae9361 SHA256 a0ac058f3f276d73a1e2494cdadd30fae6941b87aa703cf8db6c6da8b0cafa44 AUX cupsd.init 288 RMD160 9bd676af5b43a97ba08ca51f70cefb445faeb8b8 SHA1 922868e1a6acb81b83e87a3c6905149789f16503 SHA256 008eeadc4979ad0e1f05e8ce5d22449eb798375e75ffc3176cbef138a53de4f9 AUX cupsd.init.d 293 RMD160 19fbef21cee7e472e7028f3101b680baa0089c54 SHA1 e6b27b2638fec258fe2f55c926c2530e909ca3d2 SHA256 b4268a6bae95e96b6af21c3716ecc905073736ce7dc33be1489d574a447f3c48 AUX pdftops-1.20.gentoo 10412 RMD160 16e229662c47e03af1d1f4cb5764a76d17a66642 SHA1 6afb8a655b6ff013a2c8c8cbfb615ba1e561503b SHA256 ac5fa01ca776d75bd7cef62eef9f6b0c3945ee87e8950b40ca9f9f3ff46a16c1 DIST cups-1.2.12-source.tar.bz2 3788301 RMD160 598270e37ff8a9b9ff1e667066d6f7e120493e32 SHA1 11a540f76a1d3164b6636bf8ba47928803ad9356 SHA256 b4ff8e934da7db32d5654360ea9068faa0ed5a00fde02161ae53c2052510d00f -DIST cups-1.3.7-source.tar.bz2 3895825 RMD160 7d3bd9dbe91e787f7032b770e576ab31cfcf6588 SHA1 4267822cdad2fdad44ff0885587132250bcf8dff SHA256 1c8bb310131498934657651fb0ea3e44b4f6d0243ba2ad252644a8f039dda0fe DIST cups-1.3.8-source.tar.bz2 3978466 RMD160 86511e538aa3f35b4cf6de8d972692f9aef9ccc1 SHA1 60a28467eb05d4d996e1b301968dea12aebc84ad SHA256 bb6e013e104d82e454a98460136360111d77160300a0eb98063d7051e71c4f05 -EBUILD cups-1.2.12-r4.ebuild 7030 RMD160 4ec61a70c3083168ed6b52cd0d1fba061527f911 SHA1 6446066e419f2970ddbd4316e57572954ea3ff4c SHA256 f7a592fd58ff1b72f5e7809175a968b00e16b1bd81af4a9412dce6abbdc1701b -EBUILD cups-1.2.12-r7.ebuild 7314 RMD160 c6571ff1a1b3afeda21abdf5d7d4607ecbc76cad SHA1 6df0db0117f502ee889d4456cc17e5af10c05c12 SHA256 f15c11ae4e20d55ced89e52618a70457fc8182c5cde94618293d71931dcb6a98 -EBUILD cups-1.2.12-r8.ebuild 7416 RMD160 7d1e6b67af75ff60d5c488408e68da23f57061f3 SHA1 08de0991b1f65616d70db2c18b7223a1c7095742 SHA256 41d4a04d0bbe3c215f87070662128b529197795076ce65943f86047d6066d28b -EBUILD cups-1.3.7-r1.ebuild 8340 RMD160 3a9c75d00b566c521c0d89a6e9646ef5b342f5d7 SHA1 e3d46179ffb83d79c6f0182930eb9447171796d8 SHA256 28d1fdf8b5469d8eea0c6af36cc41a4cd1e3a14686727a1e99d85c91163e35b8 +DIST cups-1.3.9-source.tar.bz2 3993875 RMD160 ec8bd9fc6ee45648b6eb22949f44fc4cf2defd4e SHA1 c1a596b355201320456b393446286fe3947bce16 SHA256 38856ab4b8bcf51be2bed1f554cd8089c1f2448a6979c055762b49eda82a6b6b +EBUILD cups-1.2.12-r4.ebuild 6960 RMD160 b96f268072dcb2b0ea12e558e805d24cc8e079e2 SHA1 effa314d1e1316edaed7b632859d0fd87b8d9a68 SHA256 7001a6a77195205b56ffdf0fcba29e947c0d2297215019c5f1e6c94a3f6dd90b +EBUILD cups-1.2.12-r8.ebuild 7341 RMD160 37a5471818fc87620639a4226a0d6cf5bbdf903e SHA1 da4e4c75113456380104829c1b47ef4876fa50c8 SHA256 86c859cd48bc3f1209ee1ec54b718350482975c88e1195633883028a1d5363e5 EBUILD cups-1.3.8-r1.ebuild 8653 RMD160 43b629b62a62409da23a10c87b232b7c66624e61 SHA1 46425dc45652e00938f989f9dc16290db8e5eba4 SHA256 4ae65a3c97600f8171ca918f6ec3693144f1302aedb68aeaf94e00326deaa291 -EBUILD cups-1.3.8.ebuild 8521 RMD160 4b19a564d24c27c1ac32e26c501b216fe0901848 SHA1 c65bd1664d8a2d6ca2369d824ecdb39399a47141 SHA256 a7f04dca2b69258b158f9a68178f57bdb95c8ace40a8e9d1da6ebcd524063061 -MISC ChangeLog 47856 RMD160 38a11f4ed3831aeedb74fa36726591b9e8f70b00 SHA1 a272604bd30be6bc32c295e67c4c28fb7c441101 SHA256 85cfcecea3879f1b9d6277b0d8f75510f6e6e717e4336eee4361cf6cc5402d28 +EBUILD cups-1.3.8-r2.ebuild 8907 RMD160 78359138673a7675b2eded74fd6fd42a38e25f6a SHA1 c275208f6e6723ef96b0d2c1f63202f831007024 SHA256 ad01ad3a19390f193203cbfb11218e1b8b6a17878b7f264f18f27ae773a03214 +EBUILD cups-1.3.9.ebuild 8496 RMD160 156ecba317ce05d7674cf41b22f6b40dc361994f SHA1 85d9b9c7e2f1f8e682fe702debce2ea28762aeae SHA256 7e37057eff4139e3ca7c93801255af41bc3ac413de26e8decf65ad68936f121f +MISC ChangeLog 48537 RMD160 4e85ef409eb48d03ab86691c16ebef2d6acf2252 SHA1 f89c56ed85fd05c685cfb243c66a7b7d86c2b369 SHA256 5278cc8d965c991ac6e5c0cff6700e42fa5435ec52c355a4ce53bd03b86ccc1d MISC metadata.xml 161 RMD160 1e5b1e42553c8869b93c4a5448e9a2a2ed9fe525 SHA1 209c6a46e4cdd891980115e42ba419e3799f8088 SHA256 7c85e6739a71f5bb23e8de36c88677d772946e61f7285892f7554e37bd2bca76 diff --git a/net-print/cups/cups-1.2.12-r4.ebuild b/net-print/cups/cups-1.2.12-r4.ebuild index 562a8b79a17e..24a83d8f8fea 100644 --- a/net-print/cups/cups-1.2.12-r4.ebuild +++ b/net-print/cups/cups-1.2.12-r4.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r4.ebuild,v 1.7 2008/07/16 22:47:37 tgurr Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r4.ebuild,v 1.8 2008/10/10 19:38:50 tgurr Exp $ WANT_AUTOMAKE=latest @@ -14,7 +14,7 @@ SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd" +KEYWORDS="arm m68k s390 sh" IUSE="ldap ssl slp pam php samba nls dbus tiff png ppds jpeg X" DEP="pam? ( virtual/pam ) diff --git a/net-print/cups/cups-1.2.12-r7.ebuild b/net-print/cups/cups-1.2.12-r7.ebuild deleted file mode 100644 index 9da17d58e4b0..000000000000 --- a/net-print/cups/cups-1.2.12-r7.ebuild +++ /dev/null @@ -1,235 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r7.ebuild,v 1.5 2008/06/15 01:14:09 zmedico Exp $ - -inherit autotools eutils flag-o-matic multilib pam - -MY_P=${P/_} - -DESCRIPTION="The Common Unix Printing System" -HOMEPAGE="http://www.cups.org/" -SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 ~arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd" -IUSE="ldap ssl slp pam php samba nls dbus tiff png ppds jpeg X" - -DEP="pam? ( virtual/pam ) - ssl? ( net-libs/gnutls ) - slp? ( >=net-libs/openslp-1.0.4 ) - ldap? ( net-nds/openldap ) - dbus? ( sys-apps/dbus ) - png? ( >=media-libs/libpng-1.2.1 ) - tiff? ( >=media-libs/tiff-3.5.5 ) - jpeg? ( >=media-libs/jpeg-6b ) - php? ( dev-lang/php ) - app-text/libpaper" -DEPEND="${DEP} - !<net-print/foomatic-filters-ppds-20070501 - !<net-print/hplip-1.7.4a-r1 - nls? ( sys-devel/gettext )" -RDEPEND="${DEP} - nls? ( virtual/libintl ) - !virtual/lpr - >=app-text/poppler-0.4.3-r1 - X? ( x11-misc/xdg-utils )" - -PDEPEND=" - ppds? ( || ( - ( - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - ) - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - net-print/hplip - net-print/gutenprint - net-print/foo2zjs - net-print/cups-pdf - ) ) - samba? ( >=net-fs/samba-3.0.8 ) - virtual/ghostscript" -PROVIDE="virtual/lpr" - -# upstream includes an interactive test which is a nono for gentoo. -# therefore, since the printing herd has bigger fish to fry, for now, -# we just leave it out, even if FEATURES=test -RESTRICT="test" - -S=${WORKDIR}/${MY_P} - -pkg_setup() { - if use x86 && [ -d "/usr/lib64" ] - then - eerror "You are running an x86 system, but /usr/lib64 exists, cups will install all library objects into this directory!" - eerror "You should remove /usr/lib64, but before you do, you should check for existing objects, and re-compile all affected packages." - eerror "You can use qfile (emerge portage-utils to install qfile) to get a list of the affected ebuilds:" - eerror "# qfile -qC /usr/lib64" - die "lib64 on x86 detected" - fi - - enewgroup lp - enewuser lp -1 -1 -1 lp - - enewgroup lpadmin 106 -} - -src_unpack() { - unpack ${A} - cd "${S}" - - # CVE-2007-4351 security patch, bug #196736 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-4351.patch - # CVE-2007-5849 security patch, bug #201570 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-5849.patch - # CVE-2008-0047 security patch, bug #212364 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0047.patch - # CVE-2008-0882 security patch, bug #211449 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0882.patch - # CVE-2008-1373 security patch, bug #214068 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-1373.patch - # CVE-2008-0053 security patch, bug #214068 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0053.patch - - # cups does not use autotools "the usual way" and ship a static config.h.in - eaclocal - eautoconf -} - -src_compile() { - export DSOFLAGS="${LDFLAGS}" - - if use ldap; then - append-flags -DLDAP_DEPRECATED - fi - - econf \ - --with-cups-user=lp \ - --with-cups-group=lp \ - --with-system-groups=lpadmin \ - --localstatedir=/var \ - --with-docdir=/usr/share/cups/html \ - $(use_enable pam) \ - $(use_enable ssl) \ - --enable-gnutls \ - $(use_enable slp) \ - $(use_enable nls) \ - $(use_enable dbus) \ - $(use_enable png) \ - $(use_enable jpeg) \ - $(use_enable tiff) \ - $(use_with php) \ - $(use_enable ldap) \ - --enable-libpaper \ - --enable-threads \ - --enable-static \ - --disable-pdftops \ - || die "econf failed" - - # Install in /usr/libexec always, instead of using /usr/lib/cups, as that - # makes more sense when facing multilib support. - sed -i -e 's:SERVERBIN.*:SERVERBIN = $(BUILDROOT)/usr/libexec/cups:' Makedefs - sed -i -e 's:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN "/usr/libexec/cups":' config.h - sed -i -e 's:cups_serverbin=.*:cups_serverbin=/usr/libexec/cups:' cups-config - - emake || die "emake failed" -} - -src_install() { - emake BUILDROOT="${D}" install || die "emake install failed" - dodoc {CHANGES{,-1.{0,1}},CREDITS,LICENSE,README}.txt - - # clean out cups init scripts - rm -rf "${D}"/etc/{init.d/cups,rc*,pam.d/cups} - # install our init scripts - newinitd "${FILESDIR}"/cupsd.init cupsd - # install our pam script - pamd_mimic_system cups auth account - - # correct path - sed -i -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" "${D}"/etc/xinetd.d/cups-lpd - # it is safer to disable this by default, bug 137130 - grep -w 'disable' "${D}"/etc/xinetd.d/cups-lpd || \ - sed -i -e "s:}:\tdisable = yes\n}:" "${D}"/etc/xinetd.d/cups-lpd - - # install pdftops filter - exeinto /usr/libexec/cups/filter/ - newexe "${FILESDIR}"/pdftops-1.20.gentoo pdftops - - # only for gs-esp this is correct, see bug 163897 - if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu; then - sed -i -e "s:#application/vnd.cups-postscript:application/vnd.cups-postscript:" "${D}"/etc/cups/mime.convs - fi - - keepdir /usr/share/cups/profiles /usr/libexec/cups/driver /var/log/cups \ - /var/run/cups/certs /var/cache/cups /var/spool/cups/tmp /etc/cups/ssl - - # .desktop handling. X useflag. xdg-open from freedesktop is preferred - if use X; then - sed -i -e "s:htmlview:xdg-open:" "${D}"/usr/share/applications/cups.desktop - else - rm -r "${D}"/usr/share/applications - fi - - # Fix a symlink collision, see bug #172341 - dodir /usr/share/ppd - dosym /usr/share/ppd /usr/share/cups/model/foomatic-ppds -} - -pkg_preinst() { - # cleanups - [ -n "${PN}" ] && rm -fR "${ROOT}"/usr/share/doc/${PN}-* - has_version "=${CATEGORY}/${PN}-1.1*" - upgrade_from_1_1=$? -} - -pkg_postinst() { - echo - elog "Remote printing: change " - elog "Listen localhost:631" - elog "to" - elog "Listen *:631" - elog "in /etc/cups/cupsd.conf" - echo - elog "For more information about installing a printer take a look at:" - elog "http://www.gentoo.org/doc/en/printing-howto.xml." - echo - - local good_gs=false - for x in app-text/ghostscript-gpl app-text/ghostscript-gnu app-text/ghostscript-esp; do - if has_version ${x} && built_with_use ${x} cups; then - good_gs=true - break - fi - done; - if ! ${good_gs}; then - ewarn - ewarn "You need to emerge ghostscript with the \"cups\" USE flag turned on" - fi - if [[ $upgrade_from_1_1 = 0 ]] ; then - ewarn - ewarn "The configuration changed with cups-1.2, you may want to save the old" - ewarn "one and start from scratch:" - ewarn "# mv /etc/cups /etc/cups.orig; emerge -va1 cups" - ewarn - ewarn "You need to rebuild kdelibs for kdeprinter to work with cups-1.2" - fi - if [ -e "${ROOT}"/usr/lib/cups ]; then - ewarn - ewarn "/usr/lib/cups exists - You need to remerge every ebuild that" - ewarn "installed into /usr/lib/cups and /etc/cups, qfile is in portage-utils:" - ewarn "# FEATURES=-collision-protect emerge -va1 \$(qfile -qC /usr/lib/cups /etc/cups | sed \"s:net-print/cups$::\")" - ewarn - ewarn "FEATURES=-collision-protect is needed to overwrite the compatibility" - ewarn "symlinks installed by this package, it wont be needed on later merges." - ewarn "You should also run revdep-rebuild" - - # place symlinks to make the update smoothless - for i in "${ROOT}"/usr/lib/cups/{backend,filter}/*; do - if [ "${i/\*}" == "${i}" ] && ! [ -e ${i/lib/libexec} ]; then - ln -s ${i} ${i/lib/libexec} - fi - done - fi -} diff --git a/net-print/cups/cups-1.2.12-r8.ebuild b/net-print/cups/cups-1.2.12-r8.ebuild index 20ce86fc8596..7395d8f688d7 100644 --- a/net-print/cups/cups-1.2.12-r8.ebuild +++ b/net-print/cups/cups-1.2.12-r8.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r8.ebuild,v 1.9 2008/06/15 01:14:09 zmedico Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r8.ebuild,v 1.10 2008/10/10 19:38:50 tgurr Exp $ inherit autotools eutils flag-o-matic multilib pam @@ -12,7 +12,7 @@ SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="alpha amd64 ~arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd" +KEYWORDS="arm m68k s390 sh" IUSE="ldap ssl slp pam php samba nls dbus tiff png ppds jpeg X" DEP="pam? ( virtual/pam ) diff --git a/net-print/cups/cups-1.3.7-r1.ebuild b/net-print/cups/cups-1.3.8-r2.ebuild index c6f1f910f81e..e1011fcb1ebf 100644 --- a/net-print/cups/cups-1.3.7-r1.ebuild +++ b/net-print/cups/cups-1.3.8-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.7-r1.ebuild,v 1.7 2008/06/15 01:14:09 zmedico Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.8-r2.ebuild,v 1.1 2008/10/10 19:38:50 tgurr Exp $ inherit autotools eutils flag-o-matic multilib pam @@ -8,16 +8,17 @@ MY_P=${P/_} DESCRIPTION="The Common Unix Printing System" HOMEPAGE="http://www.cups.org/" -SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2" +SRC_URI="http://ftp.easysw.com/pub/cups/${PV}/${MY_P}-source.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="alpha amd64 ~arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd" -IUSE="acl avahi dbus java jpeg kerberos ldap nls pam perl php png ppds python samba slp ssl static tiff X zeroconf" +KEYWORDS="~alpha amd64 ~arm hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd" +IUSE="acl avahi dbus gnutls java jpeg kerberos ldap pam perl php png ppds python samba slp ssl static tiff X xinetd zeroconf" COMMON_DEPEND="acl? ( kernel_linux? ( sys-apps/acl sys-apps/attr ) ) avahi? ( net-dns/avahi ) dbus? ( sys-apps/dbus ) + gnutls? ( net-libs/gnutls ) java? ( >=virtual/jre-1.4 ) jpeg? ( >=media-libs/jpeg-6b ) kerberos? ( virtual/krb5 ) @@ -28,20 +29,19 @@ COMMON_DEPEND="acl? ( kernel_linux? ( sys-apps/acl sys-apps/attr ) ) png? ( >=media-libs/libpng-1.2.1 ) python? ( dev-lang/python ) slp? ( >=net-libs/openslp-1.0.4 ) - ssl? ( net-libs/gnutls ) + ssl? ( !gnutls? ( >=dev-libs/openssl-0.9.8g ) ) tiff? ( >=media-libs/tiff-3.5.5 ) + xinetd? ( sys-apps/xinetd ) zeroconf? ( !avahi? ( net-misc/mDNSResponder ) ) app-text/libpaper dev-libs/libgcrypt" DEPEND="${COMMON_DEPEND} !<net-print/foomatic-filters-ppds-20070501 - !<net-print/hplip-1.7.4a-r1 - nls? ( sys-devel/gettext )" + !<net-print/hplip-1.7.4a-r1" RDEPEND="${COMMON_DEPEND} !virtual/lpr - nls? ( virtual/libintl ) X? ( x11-misc/xdg-utils ) >=app-text/poppler-0.4.3-r1" @@ -70,7 +70,7 @@ RESTRICT="test" S="${WORKDIR}/${MY_P}" -LANGS="de en es et fr he it ja pl sv zh_TW" +LANGS="de en es et fr he id it ja pl sv zh_TW" for X in ${LANGS} ; do IUSE="${IUSE} linguas_${X}" done @@ -100,8 +100,16 @@ src_unpack() { # create a missing symlink to allow https printing via IPP, bug #217293 epatch "${FILESDIR}/${PN}-1.3.7-backend-https.patch" - # CVE-2008-1722 security patch, bug #217232 - epatch "${FILESDIR}/${PN}-1.3.7-CVE-2008-1722.patch" + # Upstream fix for using the webinterface via SSL with FF3, upstream bug STR #2892 + epatch "${FILESDIR}/${PN}-1.3.8-str2892-1.3.patch" + + # Upstream fix for broken .desktop file + epatch "${FILESDIR}/${PN}-1.3.8-str2924.patch" + + # security bug #238976 + epatch "${FILESDIR}/${PN}-1.3.8-CVE-2008-3639.patch" + epatch "${FILESDIR}/${PN}-1.3.8-CVE-2008-3640.patch" + epatch "${FILESDIR}/${PN}-1.3.8-CVE-2008-3641.patch" # cups does not use autotools "the usual way" and ship a static config.h.in eaclocal @@ -133,6 +141,16 @@ src_compile() { myconf="${myconf} --disable-dnssd" fi + if use ssl || use gnutls ; then + myconf="${myconf} \ + $(use_enable gnutls) \ + $(use_enable !gnutls openssl)" + else + myconf="${myconf} \ + --disable-gnutls \ + --disable-openssl" + fi + econf \ --libdir=/usr/$(get_libdir) \ --localstatedir=/var \ @@ -141,28 +159,25 @@ src_compile() { --with-docdir=/usr/share/cups/html \ --with-languages=${LINGUAS} \ --with-system-groups=lpadmin \ + --with-xinetd=/etc/xinetd.d \ $(use_enable acl) \ $(use_enable dbus) \ $(use_enable jpeg) \ $(use_enable kerberos gssapi) \ $(use_enable ldap) \ - $(use_enable nls) \ $(use_enable pam) \ $(use_enable png) \ $(use_enable slp) \ - $(use_enable ssl) \ $(use_enable static) \ $(use_enable tiff) \ $(use_with java) \ $(use_with perl) \ $(use_with php) \ $(use_with python) \ - --enable-gnutls \ --enable-libpaper \ --enable-threads \ --disable-pdftops \ - ${myconf} \ - || die "econf failed" + ${myconf} # install in /usr/libexec always, instead of using /usr/lib/cups, as that # makes more sense when facing multilib support. @@ -192,17 +207,21 @@ src_install() { # install our pam script pamd_mimic_system cups auth account - # correct path - sed -i -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" "${D}"/etc/xinetd.d/cups-lpd - # it is safer to disable this by default, bug 137130 - grep -w 'disable' "${D}"/etc/xinetd.d/cups-lpd || \ - sed -i -e "s:}:\tdisable = yes\n}:" "${D}"/etc/xinetd.d/cups-lpd + if use xinetd ; then + # correct path + sed -i -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" "${D}"/etc/xinetd.d/cups-lpd + # it is safer to disable this by default, bug #137130 + grep -w 'disable' "${D}"/etc/xinetd.d/cups-lpd || \ + sed -i -e "s:}:\tdisable = yes\n}:" "${D}"/etc/xinetd.d/cups-lpd + else + rm -rf "${D}"/etc/xinetd.d + fi # install pdftops filter exeinto /usr/libexec/cups/filter/ newexe "${FILESDIR}"/pdftops-1.20.gentoo pdftops - # only for gs-esp this is correct, see bug 163897 + # only for gs-esp this is correct, see bug #163897 if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu ; then sed -i -e "s:#application/vnd.cups-postscript:application/vnd.cups-postscript:" "${D}"/etc/cups/mime.convs fi diff --git a/net-print/cups/cups-1.3.8.ebuild b/net-print/cups/cups-1.3.9.ebuild index 3e8d1db508fc..4fee14e78d07 100644 --- a/net-print/cups/cups-1.3.8.ebuild +++ b/net-print/cups/cups-1.3.9.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.8.ebuild,v 1.2 2008/08/01 19:19:33 tgurr Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.9.ebuild,v 1.1 2008/10/10 19:38:50 tgurr Exp $ inherit autotools eutils flag-o-matic multilib pam @@ -8,7 +8,7 @@ MY_P=${P/_} DESCRIPTION="The Common Unix Printing System" HOMEPAGE="http://www.cups.org/" -SRC_URI="http://ftp.easysw.com/pub/cups/{PV}/${MY_P}-source.tar.bz2" +SRC_URI="http://ftp.easysw.com/pub/cups/${PV}/${MY_P}-source.tar.bz2" LICENSE="GPL-2" SLOT="0" @@ -166,8 +166,7 @@ src_compile() { --enable-libpaper \ --enable-threads \ --disable-pdftops \ - ${myconf} \ - || die "econf failed" + ${myconf} # install in /usr/libexec always, instead of using /usr/lib/cups, as that # makes more sense when facing multilib support. diff --git a/net-print/cups/files/cups-1.3.8-CVE-2008-3639.patch b/net-print/cups/files/cups-1.3.8-CVE-2008-3639.patch new file mode 100644 index 000000000000..752274309a46 --- /dev/null +++ b/net-print/cups/files/cups-1.3.8-CVE-2008-3639.patch @@ -0,0 +1,40 @@ +Index: cups-1.3.8/filter/image-sgilib.c +=================================================================== +--- cups-1.3.8.orig/filter/image-sgilib.c ++++ cups-1.3.8/filter/image-sgilib.c +@@ -640,13 +640,14 @@ read_rle8(FILE *fp, /* I - Fi + if (ch & 128) + { + for (i = 0; i < count; i ++, row ++, xsize --, length ++) +- *row = getc(fp); ++ if (xsize > 0) ++ *row = getc(fp); + } + else + { + ch = getc(fp); + length ++; +- for (i = 0; i < count; i ++, row ++, xsize --) ++ for (i = 0; i < count && xsize > 0; i ++, row ++, xsize --) + *row = ch; + } + } +@@ -685,14 +686,15 @@ read_rle16(FILE *fp, /* I - F + if (ch & 128) + { + for (i = 0; i < count; i ++, row ++, xsize --, length ++) +- *row = getshort(fp); ++ if (xsize > 0) ++ *row = getshort(fp); + } + else + { + ch = getshort(fp); + length ++; +- for (i = 0; i < count; i ++, row ++, xsize --) +- *row = ch; ++ for (i = 0; i < count && xsize > 0; i ++, row ++, xsize --) ++ *row = ch; + } + } + diff --git a/net-print/cups/files/cups-1.3.8-CVE-2008-3640.patch b/net-print/cups/files/cups-1.3.8-CVE-2008-3640.patch new file mode 100644 index 000000000000..a3158cd20130 --- /dev/null +++ b/net-print/cups/files/cups-1.3.8-CVE-2008-3640.patch @@ -0,0 +1,85 @@ +Index: cups-1.3.8/filter/texttops.c +=================================================================== +--- cups-1.3.8.orig/filter/texttops.c ++++ cups-1.3.8/filter/texttops.c +@@ -173,6 +173,14 @@ WriteProlog(const char *title, /* I - T + SizeColumns = (PageRight - PageLeft) / 72.0 * CharsPerInch; + SizeLines = (PageTop - PageBottom) / 72.0 * LinesPerInch; + ++ if (SizeColumns <= 0 || SizeColumns > 32767 || ++ SizeLines <= 0 || SizeLines > 32767) ++ { ++ _cupsLangPrintf(stderr, _("ERROR: Unable to print %dx%d text page!\n"), ++ SizeColumns, SizeLines); ++ exit(1); ++ } ++ + Page = calloc(sizeof(lchar_t *), SizeLines); + Page[0] = calloc(sizeof(lchar_t), SizeColumns * SizeLines); + for (i = 1; i < SizeLines; i ++) +@@ -187,6 +195,13 @@ WriteProlog(const char *title, /* I - T + else + ColumnWidth = SizeColumns; + ++ if (ColumnWidth <= 0) ++ { ++ _cupsLangPrintf(stderr, _("ERROR: Unable to print %d text columns!\n"), ++ PageColumns); ++ exit(1); ++ } ++ + /* + * Output the DSC header... + */ +Index: cups-1.3.8/filter/textcommon.c +=================================================================== +--- cups-1.3.8.orig/filter/textcommon.c ++++ cups-1.3.8/filter/textcommon.c +@@ -3,7 +3,7 @@ + * + * Common text filter routines for the Common UNIX Printing System (CUPS). + * +- * Copyright 2007 by Apple Inc. ++ * Copyright 2007-2008 by Apple Inc. + * Copyright 1997-2007 by Easy Software Products. + * + * These coded instructions, statements, and computer programs are the +@@ -605,14 +605,38 @@ TextMain(const char *name, /* I - Name o + !strcasecmp(val, "yes"); + + if ((val = cupsGetOption("columns", num_options, options)) != NULL) ++ { + PageColumns = atoi(val); + ++ if (PageColumns < 1) ++ { ++ _cupsLangPrintf(stderr, _("ERROR: Bad columns value %d!\n"), PageColumns); ++ return (1); ++ } ++ } ++ + if ((val = cupsGetOption("cpi", num_options, options)) != NULL) ++ { + CharsPerInch = atof(val); + ++ if (CharsPerInch <= 0.0) ++ { ++ _cupsLangPrintf(stderr, _("ERROR: Bad cpi value %f!\n"), CharsPerInch); ++ return (1); ++ } ++ } ++ + if ((val = cupsGetOption("lpi", num_options, options)) != NULL) ++ { + LinesPerInch = atof(val); + ++ if (LinesPerInch <= 0.0) ++ { ++ _cupsLangPrintf(stderr, _("ERROR: Bad lpi value %f!\n"), LinesPerInch); ++ return (1); ++ } ++ } ++ + if (PrettyPrint) + PageTop -= 216.0f / LinesPerInch; + diff --git a/net-print/cups/files/cups-1.3.8-CVE-2008-3641.patch b/net-print/cups/files/cups-1.3.8-CVE-2008-3641.patch new file mode 100644 index 000000000000..4bb8330326af --- /dev/null +++ b/net-print/cups/files/cups-1.3.8-CVE-2008-3641.patch @@ -0,0 +1,131 @@ +Index: cups-1.3.8/filter/hpgl-attr.c +=================================================================== +--- cups-1.3.8.orig/filter/hpgl-attr.c ++++ cups-1.3.8/filter/hpgl-attr.c +@@ -197,8 +197,18 @@ NP_number_pens(int num_params, /* I + + if (num_params == 0) + PenCount = 8; +- else if (num_params == 1 && params[0].value.number <= 1024) +- PenCount = (int)params[0].value.number; ++ else if (num_params == 1) ++ { ++ if (params[0].value.number < 1 || params[0].value.number > MAX_PENS) ++ { ++ fprintf(stderr, ++ "DEBUG: HP-GL/2 \'NP\' command with invalid number of " ++ "pens (%d)!\n", (int)params[0].value.number); ++ PenCount = 8; ++ } ++ else ++ PenCount = (int)params[0].value.number; ++ } + else + fprintf(stderr, + "DEBUG: HP-GL/2 \'NP\' command with invalid number of " +@@ -235,7 +245,7 @@ PC_pen_color(int num_params, /* I - + + if (num_params == 0) + { +- for (i = 0; i <= PenCount; i ++) ++ for (i = 0; i < PenCount; i ++) + if (i < 8) + { + Pens[i].rgb[0] = standard_colors[i][0]; +@@ -256,7 +266,14 @@ PC_pen_color(int num_params, /* I - + } + else if (num_params == 1 || num_params == 4) + { +- i = (int)params[0].value.number; ++ i = (int)params[0].value.number - 1; ++ ++ if (i < 0 || i >= PenCount) ++ { ++ fprintf(stderr, ++ "DEBUG: HP-GL/2 \'PC\' command with invalid pen (%d)!\n", i + 1); ++ return; ++ } + + if (num_params == 1) + { +@@ -330,7 +347,15 @@ PW_pen_width(int num_params, /* I - + + if (num_params == 2) + { +- pen = (int)params[1].value.number; ++ pen = (int)params[1].value.number - 1; ++ ++ if (pen < 0 || pen >= PenCount) ++ { ++ fprintf(stderr, ++ "DEBUG: HP-GL/2 \'PW\' command with invalid pen (%d)!\n", ++ pen + 1); ++ return; ++ } + + Pens[pen].width = w; + +@@ -345,7 +370,7 @@ PW_pen_width(int num_params, /* I - + * Set width for all pens... + */ + +- for (pen = 0; pen <= PenCount; pen ++) ++ for (pen = 0; pen < PenCount; pen ++) + Pens[pen].width = w; + + if (PageDirty) +@@ -399,14 +424,16 @@ SP_select_pen(int num_params, /* I - + param_t *params) /* I - Parameters */ + { + if (num_params == 0) +- PenNumber = 1; +- else if (params[0].value.number <= PenCount) +- PenNumber = (int)params[0].value.number; +- else ++ PenNumber = 0; ++ else if (num_params > 1) + fprintf(stderr, +- "DEBUG: HP-GL/2 \'SP\' command with invalid number or value " +- "of parameters (%d, %d)!\n", num_params, ++ "DEBUG: HP-GL/2 \'SP\' command with invalid number of parameters " ++ "(%d)!\n", num_params); ++ else if (params[0].value.number <= 0 || params[0].value.number >= PenCount) ++ fprintf(stderr, "DEBUG: HP-GL/2 \'SP\' command with invalid pen (%d)!\n", + (int)params[0].value.number); ++ else ++ PenNumber = (int)params[0].value.number - 1; + + if (PageDirty) + printf("%.3f %.3f %.3f %.2f SP\n", Pens[PenNumber].rgb[0], +Index: cups-1.3.8/filter/hpgltops.h +=================================================================== +--- cups-1.3.8.orig/filter/hpgltops.h ++++ cups-1.3.8/filter/hpgltops.h +@@ -26,6 +26,14 @@ + # define M_PI 3.14159265358979323846 + #endif /* M_PI */ + ++ ++/* ++ * Maximum number of pens we emulate... ++ */ ++ ++#define MAX_PENS 1024 ++ ++ + /* + * Parameter value structure... + */ +@@ -108,10 +116,10 @@ VAR float PenPosition[2] VALUE2(0.0f, 0. + /* Current pen position */ + PenScaling VALUE(1.0f), /* Pen width scaling factor */ + PenWidth VALUE(1.0f); /* Default pen width */ +-VAR pen_t Pens[1024]; /* State of each pen */ ++VAR pen_t Pens[MAX_PENS]; /* State of each pen */ + VAR int PenMotion VALUE(0), /* 0 = absolute, 1 = relative */ + PenValid VALUE(0), /* 1 = valid position, 0 = undefined */ +- PenNumber VALUE(1), /* Current pen number */ ++ PenNumber VALUE(0), /* Current pen number */ + PenCount VALUE(8), /* Number of pens */ + PenDown VALUE(0), /* 0 = pen up, 1 = pen down */ + PolygonMode VALUE(0), /* Drawing polygons? */ diff --git a/net-print/cups/files/cups-1.3.8-str2924.patch b/net-print/cups/files/cups-1.3.8-str2924.patch new file mode 100644 index 000000000000..e40630f51dcb --- /dev/null +++ b/net-print/cups/files/cups-1.3.8-str2924.patch @@ -0,0 +1,71 @@ +Index: desktop/cups.desktop +=================================================================== +--- desktop/cups.desktop (revision 7908) ++++ desktop/cups.desktop (working copy) +@@ -1,41 +1,33 @@ + [Desktop Entry] +-Categories=Application;System;X-Red-Hat-Base; +-Encoding=UTF-8 ++Categories=System;Printing;HardwareSettings;X-Red-Hat-Base; + Exec=htmlview http://localhost:631/ +-GenericName= + Icon=cups +-MimeType= +-Path= + StartupNotify=false + Terminal=false +-TerminalOptions= + Type=Application +-X-DCOP-ServiceType= +-X-KDE-SubstituteUID=false +-X-KDE-Username= + Name=Manage Printing + Comment=CUPS Web Interface +-Name[de]=Druckerverwaltung +-Comment[de]=CUPS Webinterface +-Name[en_US]=Manage Printing +-Comment[en_US]=CUPS Web Interface +-Name[es]=Administrar impresión +-Comment[es]=Interfaz Web de CUPS +-Name[et]=Trükkimise haldur +-Comment[et]=CUPS-i veebiliides +-Name[fr]=Gestionnaire d'impression +-Comment[fr]=Interface Web de CUPS +-Name[he]=נהל הדפסות +-Comment[he]=ממשק דפדפן של CUPS +-Name[id]=Manajemen Pencetakan +-Comment[id]=Antarmuka Web CUPS +-Name[it]=Gestione stampa +-Comment[it]=Interfaccia web di CUPS +-Name[ja]=印刷の管理 +-Comment[ja]=CUPS Web インタフェース +-Name[pl]=Zarządzanie drukowaniem +-Comment[pl]=Interfejs WWW CUPS +-Name[zh]=打印机管理 +-Comment[zh]=CUPS网页界面 +-Name[zh_TW]=印表管理 +-Comment[zh_TW]=CUPS 網頁介面 ++Name[de.UTF-8]=Druckerverwaltung ++Comment[de.UTF-8]=CUPS Webinterface ++Name[en_US.UTF-8]=Manage Printing ++Comment[en_US.UTF-8]=CUPS Web Interface ++Name[es.UTF-8]=Administrar impresión ++Comment[es.UTF-8]=Interfaz Web de CUPS ++Name[et.UTF-8]=Trükkimise haldur ++Comment[et.UTF-8]=CUPS-i veebiliides ++Name[fr.UTF-8]=Gestionnaire d'impression ++Comment[fr.UTF-8]=Interface Web de CUPS ++Name[he.UTF-8]=נהל הדפסות ++Comment[he.UTF-8]=ממשק דפדפן של CUPS ++Name[id.UTF-8]=Manajemen Pencetakan ++Comment[id.UTF-8]=Antarmuka Web CUPS ++Name[it.UTF-8]=Gestione stampa ++Comment[it.UTF-8]=Interfaccia web di CUPS ++Name[ja.UTF-8]=印刷の管理 ++Comment[ja.UTF-8]=CUPS Web インタフェース ++Name[pl.UTF-8]=Zarządzanie drukowaniem ++Comment[pl.UTF-8]=Interfejs WWW CUPS ++Name[zh.UTF-8]=打印机管理 ++Comment[zh.UTF-8]=CUPS网页界面 ++Name[zh_TW.UTF-8]=印表管理 ++Comment[zh_TW.UTF-8]=CUPS 網頁介面 |