[Pkg-cups-devel] r460 -
cupsys/branches/cups-1.2-ubuntu/debian/patches
Martin Pitt
mpitt at alioth.debian.org
Mon Apr 30 11:03:39 UTC 2007
Author: mpitt
Date: Mon Apr 30 11:03:37 2007
New Revision: 460
Removed:
cupsys/branches/cups-1.2-ubuntu/debian/patches/08_cupsd.conf.conf.d.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/26_modprobe.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/48_stdlib.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/64_driverfolder.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/66_setegid.dpatch
Modified:
cupsys/branches/cups-1.2-ubuntu/debian/patches/00list
cupsys/branches/cups-1.2-ubuntu/debian/patches/04_freebsd.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/06_disable_backend_setuid.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/07_removecvstag.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/53_usr_share_ppd_support.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/54_cups-config_modeldir.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/55_ppd_okidata_name.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/56_dirsvc.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/62_classes_crash.dpatch
cupsys/branches/cups-1.2-ubuntu/debian/patches/98_search_mime_files_in_usr_share.dpatch
Log:
forward some patches upstream, add STR URLs; clean up some obsolete patches
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/00list
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/00list (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/00list Mon Apr 30 11:03:37 2007
@@ -4,7 +4,6 @@
#05_avoidunknowngroup.dpatch
06_disable_backend_setuid.dpatch
07_removecvstag.dpatch
-#08_cupsd.conf.conf.d.dpatch
09_runasuser.dpatch
09_runasuser_autoconf.dpatch
11_pam.dpatch
@@ -12,22 +11,17 @@
13_default_log_warn.dpatch
14_dont_force_ssl.dpatch
19_cupsaccept.dpatch
-#26_modprobe.dpatch
44_fixconfdirperms.dpatch
47_pid.dpatch
-#48_stdlib.dpatch
53_usr_share_ppd_support.dpatch
54_cups-config_modeldir.dpatch
55_ppd_okidata_name.dpatch
56_dirsvc.dpatch
57_cupsaddsmb.dpatch
-#58_fixdestc.dpatch
60_device_uri.dpatch
58_cupsd.conf-AllowLocal.dpatch
#61_job_c_strangeloop.dpatch
62_classes_crash.dpatch
-#64_driverfolder.dpatch
-#66_setegid.dpatch
67_printcap.dpatch
68_edit-config.dpatch
70_reactivate_recommended_driver.dpatch
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/04_freebsd.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/04_freebsd.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/04_freebsd.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 04_freebsd.dpatch by Kenshi Muto <kmuto at debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: man extension is handled by dh_installman
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2367
@DPATCH@
diff -urNad cups-1.2~/backend/parallel.c cups-1.2/backend/parallel.c
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/06_disable_backend_setuid.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/06_disable_backend_setuid.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/06_disable_backend_setuid.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 06_disable_backend_setuid.dpatch by <mpitt at debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2368
@DPATCH@
diff -urNad cupsys~/scheduler/cups-deviced.c cupsys/scheduler/cups-deviced.c
@@ -31,4 +31,4 @@
- /*
* Run the backend with no arguments and collect the output...
*/
-
+
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/07_removecvstag.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/07_removecvstag.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/07_removecvstag.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 07_removecvstag.dpatch by Kenshi Muto <kmuto at debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2369
@DPATCH@
diff -urNad cups-1.2~/conf/Makefile cups-1.2/conf/Makefile
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/09_runasuser.dpatch Mon Apr 30 11:03:37 2007
@@ -2,12 +2,16 @@
## 09_runasuser.dpatch by <mpitt at debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Provide a configuration switch --enable-privilege-dropping for running
+## DP: the scheduler as a normal system user. This confines security
+## DP: vulnerabilities to the scheduler itself rather than providing a
+## DP: remote root attack vector.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2370
@DPATCH@
diff -urNad cups-1.2-ubuntu~/config-scripts/cups-defaults.m4 cups-1.2-ubuntu/config-scripts/cups-defaults.m4
---- cups-1.2-ubuntu~/config-scripts/cups-defaults.m4 2006-11-16 14:34:44.000000000 +0100
-+++ cups-1.2-ubuntu/config-scripts/cups-defaults.m4 2007-02-07 17:47:54.000000000 +0100
+--- cups-1.2-ubuntu~/config-scripts/cups-defaults.m4 2007-04-30 11:47:51.000000000 +0200
++++ cups-1.2-ubuntu/config-scripts/cups-defaults.m4 2007-04-30 11:47:55.000000000 +0200
@@ -220,6 +220,17 @@
AC_DEFINE_UNQUOTED(CUPS_DEFAULT_GROUP, "$CUPS_GROUP")
AC_DEFINE_UNQUOTED(CUPS_DEFAULT_SYSTEM_GROUPS, "$CUPS_SYSTEM_GROUPS")
@@ -27,8 +31,8 @@
AC_ARG_WITH(printcap, [ --with-printcap set default printcap file],
default_printcap="$withval",
diff -urNad cups-1.2-ubuntu~/config.h.in cups-1.2-ubuntu/config.h.in
---- cups-1.2-ubuntu~/config.h.in 2006-11-02 21:01:54.000000000 +0100
-+++ cups-1.2-ubuntu/config.h.in 2007-02-07 17:47:54.000000000 +0100
+--- cups-1.2-ubuntu~/config.h.in 2007-04-30 11:47:51.000000000 +0200
++++ cups-1.2-ubuntu/config.h.in 2007-04-30 11:47:55.000000000 +0200
@@ -41,6 +41,11 @@
#define CUPS_DEFAULT_GROUP "sys"
#define CUPS_DEFAULT_SYSTEM_GROUPS "sys root system"
@@ -42,8 +46,8 @@
/*
* Default file permissions...
diff -urNad cups-1.2-ubuntu~/scheduler/cert.c cups-1.2-ubuntu/scheduler/cert.c
---- cups-1.2-ubuntu~/scheduler/cert.c 2006-04-07 16:39:46.000000000 +0200
-+++ cups-1.2-ubuntu/scheduler/cert.c 2007-02-07 17:47:54.000000000 +0100
+--- cups-1.2-ubuntu~/scheduler/cert.c 2007-04-30 11:47:51.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/cert.c 2007-04-30 11:47:55.000000000 +0200
@@ -116,7 +116,7 @@
* Root certificate...
*/
@@ -54,8 +58,8 @@
cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdAddCert: NumSystemGroups=%d",
diff -urNad cups-1.2-ubuntu~/scheduler/conf.c cups-1.2-ubuntu/scheduler/conf.c
---- cups-1.2-ubuntu~/scheduler/conf.c 2007-02-07 17:47:53.000000000 +0100
-+++ cups-1.2-ubuntu/scheduler/conf.c 2007-02-07 17:47:54.000000000 +0100
+--- cups-1.2-ubuntu~/scheduler/conf.c 2007-04-30 11:47:51.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/conf.c 2007-04-30 11:47:55.000000000 +0200
@@ -465,7 +465,11 @@
if (!status)
return (0);
@@ -69,8 +73,8 @@
/*
* See if the ServerName is an IP address...
diff -urNad cups-1.2-ubuntu~/scheduler/cups-polld.c cups-1.2-ubuntu/scheduler/cups-polld.c
---- cups-1.2-ubuntu~/scheduler/cups-polld.c 2006-08-23 22:55:33.000000000 +0200
-+++ cups-1.2-ubuntu/scheduler/cups-polld.c 2007-02-07 17:48:04.000000000 +0100
+--- cups-1.2-ubuntu~/scheduler/cups-polld.c 2007-04-30 11:47:51.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/cups-polld.c 2007-04-30 11:47:55.000000000 +0200
@@ -34,6 +34,9 @@
* Include necessary headers...
*/
@@ -102,8 +106,8 @@
*/
diff -urNad cups-1.2-ubuntu~/scheduler/main.c cups-1.2-ubuntu/scheduler/main.c
---- cups-1.2-ubuntu~/scheduler/main.c 2006-11-14 17:35:27.000000000 +0100
-+++ cups-1.2-ubuntu/scheduler/main.c 2007-02-07 17:47:54.000000000 +0100
+--- cups-1.2-ubuntu~/scheduler/main.c 2007-04-30 11:47:51.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/main.c 2007-04-30 11:47:55.000000000 +0200
@@ -58,6 +58,9 @@
#include <sys/resource.h>
#include <syslog.h>
@@ -145,21 +149,21 @@
/*
* Update the root certificate...
diff -urNad cups-1.2-ubuntu~/scheduler/process.c cups-1.2-ubuntu/scheduler/process.c
---- cups-1.2-ubuntu~/scheduler/process.c 2006-04-06 22:32:07.000000000 +0200
-+++ cups-1.2-ubuntu/scheduler/process.c 2007-02-07 17:47:54.000000000 +0100
-@@ -245,15 +245,6 @@
+--- cups-1.2-ubuntu~/scheduler/process.c 2007-04-30 11:47:51.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/process.c 2007-04-30 11:48:06.000000000 +0200
+@@ -245,6 +245,7 @@
if (setuid(User))
exit(errno);
}
-- else
-- {
-- /*
-- * Reset group membership to just the main one we belong to.
-- */
--
-- setgid(Group);
-- setgroups(1, &Group);
-- }
++#if CUPS_DROP_PRIVILEGES == 0
+ else
+ {
+ /*
+@@ -254,6 +255,7 @@
+ setgid(Group);
+ setgroups(1, &Group);
+ }
++#endif
/*
* Change umask to restrict permissions on created files...
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/53_usr_share_ppd_support.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/53_usr_share_ppd_support.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/53_usr_share_ppd_support.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 53_usr_share_ppd_support.dpatch by <martin.pitt at ubuntu.com>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2371
@DPATCH@
diff -urNad cupsys-1.2.1~/scheduler/cups-driverd.c cupsys-1.2.1/scheduler/cups-driverd.c
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/54_cups-config_modeldir.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/54_cups-config_modeldir.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/54_cups-config_modeldir.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 54_cups-config_modeldir.dpatch by <martin.pitt at ubuntu.com>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2371
@DPATCH@
diff -urNad cups-1.2-ubuntu~/cups-config.in cups-1.2-ubuntu/cups-config.in
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/55_ppd_okidata_name.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/55_ppd_okidata_name.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/55_ppd_okidata_name.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 55_ppd_okidata_name.dpatch by <doko at ubuntu.com>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2372
@DPATCH@
--- ./ppd/okidata9.ppd~ 2005-12-15 17:19:46.000000000 +0100
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/56_dirsvc.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/56_dirsvc.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/56_dirsvc.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 56_dirsvc.dpatch by Kenshi Muto <kmuto at debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2373
@DPATCH@
diff -urNad cups-1.2-ubuntu~/scheduler/dirsvc.c cups-1.2-ubuntu/scheduler/dirsvc.c
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/62_classes_crash.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/62_classes_crash.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/62_classes_crash.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 62_classes_crash.dpatch by Kenshi Muto <kmuto at debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: TODO: forward upstream, find details
@DPATCH@
diff -urNad cupsys-1.2.3~/scheduler/classes.c cupsys-1.2.3/scheduler/classes.c
Modified: cupsys/branches/cups-1.2-ubuntu/debian/patches/98_search_mime_files_in_usr_share.dpatch
==============================================================================
--- cupsys/branches/cups-1.2-ubuntu/debian/patches/98_search_mime_files_in_usr_share.dpatch (original)
+++ cupsys/branches/cups-1.2-ubuntu/debian/patches/98_search_mime_files_in_usr_share.dpatch Mon Apr 30 11:03:37 2007
@@ -2,7 +2,7 @@
## 98_search_mime_files_in_usr_share.dpatch by <till.kamppeter at gmail.com>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
+## DP: Forwarded upstream: http://www.cups.org/str.php?L2373
@DPATCH@
diff -urNad cupsys-1.2.8~/scheduler/conf.c cupsys-1.2.8/scheduler/conf.c
More information about the Pkg-cups-devel
mailing list