No subject
Fri Oct 14 12:31:44 PDT 2016
The first release candidate for version 1.1.23 of the Common
UNIX Printing System ("CUPS") is now available for download from
the CUPS web site at:
http://www.cups.org/software.php
In accordance with the CUPS Configuration Management Plan, you
now have until Friday, December 31st to test this release
candidate to determine if there are any high-priority problems
and report them using the Software Trouble Report form at:
http://www.cups.org/str.php
Reports sent to the CUPS newsgroups or mailing lists are not
automatically entered into the trouble report database and will
not influence the final production release of 1.1.23, so it is
very important that you report any problems you identify using
the form.
CUPS 1.1.23 is a bug fix release which fixes two security
vulnerabilities reported by Daniel J. Bernstein (djb at cr.yp.to).
The new release also contains other minor bug and documentation
fixes that are not security related.
CHANGES IN CUPS V1.1.23rc1
- The lpr man page did not document the "-U" option (STR
#998)
- The scheduler no longer sends the page-set option when
printing banner pages (STR #995)
- Fixed a debug message in the imagetops filter (STR
#1012)
- The lprm man page listed the "-" option in the wrong
order (STR #911)
- The hpgltops filter contained two buffer overflows
that could potentially allow remote access to the "lp"
account (STR #1024)
- The lppasswd command did not protect against file
descriptor or ulimit attacks (STR #1023)
- The "lpc status" command used the wrong resource path
when querying the list of printers and jobs, causing
unnecessary authentication requests (STR #1018)
- The httpWait() function did not handle signal
interruptions (STR #1020)
- The USB backend used the wrong size status variable
when checking the printer status (STR #1017)
- The scheduler did not delete classes from other
classes or implicit classes, which could cause a crash
(STR #1015)
- The IPP backend now logs the remote print job ID at
log level NOTICE instead of INFO (so it shows up in
the error_log file...)
More information about the cups
mailing list