[Pkg-cups-devel] Bug#297695: marked as done (cupsys: please consider "Browsing off" as the default)

Debian Bug Tracking System owner at bugs.debian.org
Tue Dec 13 01:03:11 UTC 2005


Your message dated Mon, 12 Dec 2005 16:47:09 -0800
with message-id <E1ElyJx-0005v6-W3 at spohr.debian.org>
and subject line Bug#297695: fixed in cupsys 1.1.23-13
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 2 Mar 2005 10:57:02 +0000
>From mh+debian-bugs at zugschlus.de Wed Mar 02 02:57:02 2005
Return-path: <mh+debian-bugs at zugschlus.de>
Received: from 5301d.unt0.torres.l21.ma.zugschlus.de (torres.int.l21.ma.zugschlus.de) [217.151.83.1] (Debian-exim)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1D6RXK-0006UM-00; Wed, 02 Mar 2005 02:57:02 -0800
Received: from lefler.int.l21.ma.zugschlus.de ([192.168.130.38]:42806)
	by torres.int.l21.ma.zugschlus.de with esmtp (Exim 4.50)
	id 1D6RXI-0005Pw-Mf; Wed, 02 Mar 2005 11:57:00 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Marc Haber <mh+debian-bugs at zugschlus.de>
To: Debian Bug Tracking System <submit at bugs.debian.org>
Subject: cupsys: please consider "Browsing off" as the default
X-Mailer: reportbug 3.8
Date: Wed, 02 Mar 2005 11:57:00 +0100
Message-Id: <E1D6RXI-0005Pw-Mf at torres.int.l21.ma.zugschlus.de>
Delivered-To: submit at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: cupsys
Version: 1.1.23-6
Severity: wishlist

Please consider Browsing Off as the default setting. Browsing on will
have cupsd listen on UDP port 631 on all interfaces, which might open
an attack vector in case of a bug in the cupsd.

If you decide to stick with the default, please add documentation to
cupsd.conf stating that udp port 631 will be listened on on all
interfaces by default to allow people to turn that feature off if
unwanted.

Greetings
Marc

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.9-zgserver
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)

Versions of packages cupsys depends on:
ii  adduser                     3.62         Add and remove users and groups
pn  cupsys-pstoraster                        Not found.
ii  debconf                     1.4.46       Debian configuration management sy
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
pn  libcupsys2                               Not found.
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
pn  libslp1                                  Not found.
pn  libstdc++2.10-glibc2.2                   Not found.
ii  zlib1g                      1:1.2.2-4    compression library - runtime

---------------------------------------
Received: (at 297695-close) by bugs.debian.org; 13 Dec 2005 00:51:13 +0000
>From katie at ftp-master.debian.org Mon Dec 12 16:51:13 2005
Return-path: <katie at ftp-master.debian.org>
Received: from katie by spohr.debian.org with local (Exim 4.50)
	id 1ElyJx-0005v6-W3; Mon, 12 Dec 2005 16:47:09 -0800
From: Kenshi Muto <kmuto at debian.org>
To: 297695-close at bugs.debian.org
X-Katie: $Revision: 1.60 $
Subject: Bug#297695: fixed in cupsys 1.1.23-13
Message-Id: <E1ElyJx-0005v6-W3 at spohr.debian.org>
Sender: Archive Administrator <katie at ftp-master.debian.org>
Date: Mon, 12 Dec 2005 16:47:09 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 6

Source: cupsys
Source-Version: 1.1.23-13

We believe that the bug you reported is fixed in the latest version of
cupsys, which is due to be installed in the Debian FTP archive:

cupsys-bsd_1.1.23-13_i386.deb
  to pool/main/c/cupsys/cupsys-bsd_1.1.23-13_i386.deb
cupsys-client_1.1.23-13_i386.deb
  to pool/main/c/cupsys/cupsys-client_1.1.23-13_i386.deb
cupsys_1.1.23-13.diff.gz
  to pool/main/c/cupsys/cupsys_1.1.23-13.diff.gz
cupsys_1.1.23-13.dsc
  to pool/main/c/cupsys/cupsys_1.1.23-13.dsc
cupsys_1.1.23-13_i386.deb
  to pool/main/c/cupsys/cupsys_1.1.23-13_i386.deb
libcupsimage2-dev_1.1.23-13_i386.deb
  to pool/main/c/cupsys/libcupsimage2-dev_1.1.23-13_i386.deb
libcupsimage2_1.1.23-13_i386.deb
  to pool/main/c/cupsys/libcupsimage2_1.1.23-13_i386.deb
libcupsys2-dev_1.1.23-13_i386.deb
  to pool/main/c/cupsys/libcupsys2-dev_1.1.23-13_i386.deb
libcupsys2-gnutls10_1.1.23-13_all.deb
  to pool/main/c/cupsys/libcupsys2-gnutls10_1.1.23-13_all.deb
libcupsys2_1.1.23-13_i386.deb
  to pool/main/c/cupsys/libcupsys2_1.1.23-13_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 297695 at bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kenshi Muto <kmuto at debian.org> (supplier of updated cupsys package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster at debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 22 Aug 2005 18:50:26 +0900
Source: cupsys
Binary: cupsys-bsd libcupsys2-dev libcupsys2 cupsys libcupsys2-gnutls10 libcupsimage2-dev libcupsimage2 cupsys-client
Architecture: source i386 all
Version: 1.1.23-13
Distribution: unstable
Urgency: high
Maintainer: Debian CUPS Maintainers <pkg-cups-devel at lists.alioth.debian.org>
Changed-By: Kenshi Muto <kmuto at debian.org>
Description: 
 cupsys     - Common UNIX Printing System(tm) - server
 cupsys-bsd - Common UNIX Printing System(tm) - BSD commands
 cupsys-client - Common UNIX Printing System(tm) - client programs (SysV)
 libcupsimage2 - Common UNIX Printing System(tm) - image libs
 libcupsimage2-dev - Common UNIX Printing System(tm) - image development files
 libcupsys2 - Common UNIX Printing System(tm) - libs
 libcupsys2-dev - Common UNIX Printing System(tm) - development files
 libcupsys2-gnutls10 - Common UNIX Printing System(tm) - dummy libs for transition
Closes: 178838 235906 288838 297695 324459 324460 324464 338545 340626
Changes: 
 cupsys (1.1.23-13) unstable; urgency=high
 .
   * 38_pdftopscan.dpatch: Apply CAN-2005-0064, CAN-2004-0888,
     and CAN-2005-2097 patches. (closes: #324459, #324460, #324464)
     Because Debian cupsys uses xpdf wrapper instead of forked pdftops,
     so users aren't affected these security problems.
     This patch is just for users who want to create own pdftops from
     source.
   * Move Port/Listen and Browsing configurations from /etc/cups/
     cupsd.conf to /etc/cups/cups.d/.
 .
     /etc/cups/cups.d/ports.conf: Port/Listen configuration.
     /etc/cups/cups.d/browse.conf: Browsing configuration
 .
     You can configure these values by using "dpkg-reconfigure cupsys".
     (closes: #235906, #297695, #178838, #288838)
 .
   * Added Swedish debconf translation (closes: #338545). Thanks Daniel.
   * Updated Russian debconf translation (closes: #340626). Thanks Yuri.
 .
   * Applied xpdf patch to fix buffer overflows [pdftops/Stream.cxx,
     pdftops/Stream.h, CAN-2005-3191, CAN-2005-3192,
     48_security_CAN-2005-3191.dpatch]
     Because Debian cupsys uses xpdf wrapper instead of forked pdftops,
     so users aren't affected these security problems.
     This patch is just for users who want to create own pdftops from
     source.
Files: 
 c80d765816798b9b43ae3efedab005ea 1021 net optional cupsys_1.1.23-13.dsc
 751a0785a7d5704fb48d83f8f05ef910 1282545 net optional cupsys_1.1.23-13.diff.gz
 013840b7fb31896a9c1aaf3c64c55c40 984 libs optional libcupsys2-gnutls10_1.1.23-13_all.deb
 7c8e56ea3d20fe872e0a0b3f52d2285e 8963860 net optional cupsys_1.1.23-13_i386.deb
 81dd7f9b227d6e0b101d8b4b2d13895a 108582 net optional cupsys-client_1.1.23-13_i386.deb
 1049c749c8079e552653b4ac3aa52f5a 75214 libs optional libcupsys2_1.1.23-13_i386.deb
 4667934c8cb0c7ff6c3ecc0251bc9b53 85210 libdevel optional libcupsys2-dev_1.1.23-13_i386.deb
 0e29eb5c25315a40d5b23da1a5ce1fa8 56756 libs optional libcupsimage2_1.1.23-13_i386.deb
 4bf48d492a3b1a54a2f88f040069d808 46460 libdevel optional libcupsimage2-dev_1.1.23-13_i386.deb
 dcab3926e3097d2c6c880f8cf5795dcb 48082 net extra cupsys-bsd_1.1.23-13_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkOeFzsACgkQQKW+7XLQPLFPJgCeOXZfBlGRQyNTddJoqNDJQO56
/IEAoKnUhmUfngveHnu2406MEkNCiR0f
=czHy
-----END PGP SIGNATURE-----




More information about the Pkg-cups-devel mailing list