cupsys (1.3.7-1ubuntu3) hardy; urgency=low * Add debian/patches/CVE-2008-1722.dpatch: Two integer overflows in png image filter allow a denial of service attack and possibly arbitrary code execution. [STR #2790, CVE-2008-1722]. Taken from Debian SVN head. -- Martin Pitt Mon, 21 Apr 2008 17:54:33 +0200 cupsys (1.3.7-1ubuntu2) hardy; urgency=low * debian/control: Add missing build dependency lsb-release. This will bring back the lost AppArmor profile. (LP: #211375) Also wrap long fields, so that they are easier to edit. -- Martin Pitt Sun, 06 Apr 2008 10:24:39 -0600 cupsys (1.3.7-1ubuntu1) hardy; urgency=low * Merge new upstream bug fix release from unstable. - Fixes CUPS GIF image filter overflow [CVE-2008-1373]. (LP: #210718) -- Martin Pitt Wed, 02 Apr 2008 11:16:39 +0200 cupsys (1.3.7-1) unstable; urgency=medium * Urgency medium due to security fix. * New upstream bugfix/security update release. For a detailled list of changes see http://www.cups.org/articles.php?L537. - CUPS GIF image filter overflow [CVE-2008-1373, STR #2765]. * Drop patches which are now upstream: - cgiCompileSearch_buffer_overflow.dpatch - testsuite-exit-code.dpatch - pbmprint.dpatch * search_mime_files_in_usr_share.dpatch: Drop log message about missing /usr/share/cups/mime/ from error to info, since it is not really an error, and causing the test suite to fail due to error log count mismatch. * pdftops-cups-1.4.dpatch: Apply r7391 from SVN head to fix missing error message newlines (STR #2743). * debian/rules: Remove cleaning of test suite HTML reports in test/, they are written to /tmp now. * Add pdftops-wait-eintr.dpatch: Handle EINTR in pdftops' wait() call. (Caught by test suite.) * debian/libcupsys2-dev.files: Drop i18n.h, it's an internal interface and not installed by upstream any more. * debian/control: Add poppler-utils | xpdf-utils build dependency, so that the test suite works during build. -- Martin Pitt Wed, 02 Apr 2008 11:03:37 +0200 cupsys (1.3.6-3ubuntu1) hardy; urgency=low * Merge recent bug fixes and security fix from Debian unstable. -- Martin Pitt Sat, 22 Mar 2008 12:48:56 +0100 cupsys (1.3.6-3) unstable; urgency=high [ Till Kamppeter ] * pdftops-cups-1.4.dpatch: Updated to Mike Sweet's patch version from CUPS STR #2716. * debian/patches/ppd-poll-with-client-conf.dpatch: If there is a client.conf pointing to a remote server, clients were not able to poll the PPD options from printers on that server (CUPS STRs #2731, #2763) [ Martin Pitt ] * Urgency high due to security fix. * debian/local/apparmor-profile: Allow cups-pdf to read files in ~/PDF/, so that it can overwrite files. (LP: #161222) * Add cgiCompileSearch_buffer_overflow.dpatch: Fix buffer overflow in cgiCompileSearch() using crafted search expressions. Exploitable if printer sharing is enabled. (CVE-2008-0047, STR #2729, Closes: #472105) -- Martin Pitt Sat, 22 Mar 2008 12:37:57 +0100 cupsys (1.3.6-2ubuntu2) hardy; urgency=low * debian/cupsys.postinst: Fix 'revert to single file' transitional code to also apply to newer versions in dapper-updates, remove a debugging statement, and fix syntax of the check. * debian/rules: Do not try to build a -dbg on Ubuntu, we removed it from the control file. -- Martin Pitt Mon, 17 Mar 2008 17:01:32 +0100 cupsys (1.3.6-2ubuntu1) hardy; urgency=low * Merge with Debian unstable, where I applied most of our remaining Delta; Remaining Ubuntu changes: - debian/cupsys.{pre,post}inst, debian/cupsys.preinst: + Revert to single cupsd.conf file for upgrade from Dapper, can be dropped after releasing Hardy. + Revert usr/share/doc symlink/directory breakage for upgrade from Gutsy, can be dropped after releasing Hardy. - debian/control, debian/rules: Drop cupsys-dbg package. This is not worth keeping as the only delta, so we can sync this package after Hardy's release. -- Martin Pitt Sun, 16 Mar 2008 22:57:04 +0100 cupsys (1.3.6-2) unstable; urgency=low * debian/rules: Configure with default log file permissions 0640. (Closes: #469853) * debian/control: Mention "lpr" in the description of -bsd, for easier apt-cache search catching. (Closes: #426519) * Remove debian/NEWS, there's nothing new since Etch's release. (Closes: #376580) * Add debian/patches/pbmprint.dpatch: Fix printing of PBM files, thanks to Eugeniy Meshcheryakov! (Closes: #313536) * debian/cupsys.preinst: Only chown /var/run/cups if it exists. (LP #156634) * Move scripting examples from cupsys to libcupsys2-dev. No need to install those 1.3 MB by default on every system, this is much more developer oriented. Mention this in the package description. * debian/rules: Explicitly build with -fno-stack-protector on arm and armel, since the compiler produces segfaulting binaries. Works around #469517. * search_mime_files_in_usr_share.dpatch: Do not fatally fail if DataDir/mime does not exist. This both makes much more sense (since /etc/cups is the canonical dir which must exist, and /usr/share/cups/mime is optional), and also unbreaks the test suite (which does not create this directory by default). * pidfile.dpatch: Specify PidFile in temporary directory in the self test's cupsd.conf. * debian/rules clean: Remove test suite HTML reports. * Add testsuite-exit-code.dpatch: Exit with nonzero if the test suite fails, so that it is easier to integrate into package building. * pdftops-cups-1.4.dpatch: Update pdftops location in test suite, too, so that it does not fail the PDF printing test. (Forwarded to STR #2759) * debian/rules: Run test suite on build. This will fail the build if any tests fail, so that problems on particular platforms will be caught easily. * debian/control: Add alternative (build-)depends to heimdal-dev. * debian/rules, debian/cupsys.postinst: Call update-rc.d to not install stop symlinks for runlevels 0 and 6, since they just needlessly slow down shutdown. Remove the obsolete kill symlinks on upgrade. Patch adopted from the Ubuntu branch, but without using the Ubuntu-only 'multiuser' mode of update-rc.d. * Add debian/local/apparmor-profile: AppArmor profile (taken from Ubuntu branch). Install it in debian/rules if package is built on Ubuntu (tested with lsb_release -is). Reload AppArmor in debian/cupsys.postinst if both the cupsys profile and AppArmor itself are present. * Add debian/patches/ubuntu-disable-browsing.dpatch: Disable Browsing by default when building on Ubuntu. * Add debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Set default job error policy to "Retry", since it is less confusing and a better default on desktop machines. This is only applied when building on Ubuntu. * debian/control: Add Vcs-{Svn,Browser} fields. -- Martin Pitt Sun, 16 Mar 2008 22:34:50 +0100 cupsys (1.3.6-1ubuntu2) hardy; urgency=low * debian/cupsys.preinst: - only chown /var/run/cups if it exists (LP: #156634) -- Michael Vogt Mon, 10 Mar 2008 11:25:29 +0100 cupsys (1.3.6-1ubuntu1) hardy; urgency=low * Merge with Debian unstable to bring in the new upstream bugfix-only release and some packaging fixes. See 1.3.5-1ubuntu1 for list of remaining changes. -- Martin Pitt Tue, 26 Feb 2008 14:36:47 +0100 cupsys (1.3.6-1) unstable; urgency=low * New upstream bugfix release. - Fixes (CVE-2008-0882, bug #467653). * Remove the following patches which are upstream now: - fix_regression_reactivate_net_ifaces_changes_detection.dpatch - web-interface-breaks-default-auth-setting.dpatch * search_mime_files_in_usr_share.dpatch: Greatly simplified the patch by using mimeMerge(), so that it is more robust against upstream changes. Forwarded to STR#2719. * Dropped cupsd.conf-AllowLocal.dpatch; it does not do anything good any more for the current web and GUI administration tools (they handle this fine by themselves), so it's obsolete now. * Drop enable{sharing,browsing} and {sharing,browsing}_status scripts. They have never been used in Debian, not used any more in Ubuntu, and the current frontends (web, system-config-printer, etc.) do this in a much better way. * debian/docs: Remove redundant LICENSE.txt. * debian/rules: Add a generic rule to install lintian overrides in debian/packagename.lintian. * Add lintian overrides for unjustified/wontfix complaints about libcupsys2 and cupsys. * debian/cupsys.doc-base: Remove erroneous whitespace in the section separator. * debian/rules: Remove *.o and *.so files from PHP scripting examples directory (it's /usr/share after all). * debian/cupsys.init.d: Add Short-Description. * debian/rules: Do not ship an empty /usr/share/cups/model/ directory. -- Martin Pitt Tue, 26 Feb 2008 14:23:50 +0100 cupsys (1.3.5-2ubuntu1) hardy; urgency=low * debian/local/apparmor-profile: Added Kerberos authentication support to the AppArmor profile (LP: #189022). -- Till Kamppeter Sat, 23 Feb 2008 18:01:06 +0100 cupsys (1.3.5-2) unstable; urgency=low [ Martin Pitt ] * debian/cupsys.init.d: Add Should-Start: avahi. (Closes: #459662) [ Till Kamppeter ] * debian/patches/pdftops-cups-1.4.dpatch, debian/local/filters/pdftops: Replaced Helge Blischke's alternative pdftops wrapper by the pdftops of CUPS 1.4. The old pdftops wrapper did not work with the pdftops filter of Poppler, the new one works with the pdftops filters of both Poppler and XPDF (Closes: #457810; Ubuntu LP: #182379). * debian/patches/web-interface-breaks-default-auth-setting.dpatch: When modifying server settings with the CUPS web interface, the setting for the default authentication got overwritten with gibberish (Closes: #461331; CUPS STR #2703, Ubuntu LP: #188426). * debian/local/backends/dnssd: Updated dnssd to filter out IPv6 entries, as they clutter the lists of detected printers and make the network printer discovery process taking more time than needed. Applied also a bug fix and the possibility of querying one IP address by calling the dnssd backend with the IP as command line argument (like the snmp CUPS backend). -- Martin Pitt Mon, 25 Feb 2008 11:13:15 +0100 cupsys (1.3.5-1ubuntu3) hardy; urgency=low [ Martin Pitt ] * debian/cupsys.init.d: Add Should-Start: avahi. (LP: #181122) [ Till Kamppeter ] * debian/local/backends/dnssd: Updated dnssd to filter out IPv6 entries, as they clutter the lists of detected printers and make the network printer discovery process taking more time than needed. Applied also a bug fix and the possibility of querying one IP address by calling the dnssd backend with the IP as command line argument (like the snmp CUPS backend). -- Till Kamppeter Tue, 29 Jan 2008 19:01:06 +0000 cupsys (1.3.5-1ubuntu2) hardy; urgency=low * No-change rebuild against libldap-2.4-2. -- Steve Langasek Tue, 22 Jan 2008 16:52:31 +0000 cupsys (1.3.5-1ubuntu1) hardy; urgency=low * Merge with Debian unstable; remaining Ubuntu changes: - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control, debian/rules: Drop cupsys-dbg package. - debian/cupsys.{pre,post}inst, debian/cupsys.preinst: Various upgrade fixes that need to be kept until after the next LTS: + Revert to single cupsd.conf file. + Remove obsolete rc.d links. + Revert usr/share/doc symlink/directory breakage. - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. - Add AppArmor profile: + debian/local/apparmor-profile + debian/cupsys.postinst: Reload AA profile on configuration. -- Martin Pitt Wed, 02 Jan 2008 13:29:53 +0100 cupsys (1.3.5-1) unstable; urgency=high [ Kenshi Muto] * New upstream release - cups-stops-broadcasting-on-HUP-with-explicit-BrowseAddress patch is merged. - Fix that SNMP backend did not check for negative string lengths. (CVE-2007-5849, closes: #457453). * Update pdftops.pl to 1.20. It fixes overwriting arbitary files via symlink attack. (CVE-2007-6358, closes: #456960) [ Till Kamppeter ] * debian/patches/fix_regression_reactivate_net_ifaces_changes_detection.dpatch : Fix a regression in upstream code that has removed the network interface update poll (CUPS STR #2631, LP: #177075). Thanks to Hugues Fournier (hugues dot fournier at gmail dot com) for the patch. -- Kenshi Muto Wed, 19 Dec 2007 17:07:05 +0900 cupsys (1.3.4-4) unstable; urgency=high [ Kenshi Muto] * cupsys depends on "ghostscript | gs-esp", not "ghostscript | gsp-esp"! I should punish myself. (closes: #456455) -- Kenshi Muto Tue, 18 Dec 2007 07:49:17 +0900 cupsys (1.3.4-3) unstable; urgency=high [ Martin Pitt ] * debian/control: Bump Standards-Version to 3.7.3 (no changes necessary). [ Till Kamppeter ] * debian/patches/cups-stops-broadcasting-on-hup-with-explicit-browseaddress.dpatch: cups stopped broadcasting on a hup signal when using a fixed browseaddress (cups str #2618, lp: #173470). [ Kenshi Muto] * Debconf translation - French (closes: #456272) - do update-debconfpo. Update all translations to use the msgstr 'dnssd' for msgid 'dnssd'. * cupsys depends on "ghostscript | gs-esp", to ease testing transition and upgrades from etch (closes: #456455). -- Kenshi Muto Mon, 17 Dec 2007 10:25:02 +0900 cupsys (1.3.4-2ubuntu3) hardy; urgency=low * debian/patches/cups-stops-broadcasting-on-HUP-with-explicit-BrowseAddress.dpatch: CUPS stopped broadcasting on a HUP signal when using a fixed BrowseAddress (CUPS STR #2618, LP: #173470). -- Till Kamppeter Mon, 10 Dec 2007 0:01:06 +0000 cupsys (1.3.4-2ubuntu2) hardy; urgency=low [ Martin Pitt ] * debian/local/apparmor-profile: Run drivers (PPD generators) unconfined, since they run as non-root and there are third-party ones we cannot control. [ Till Kamppeter ] * debian/local/backends/dnssd: Updated dnssd to support Mac OS X servers which broadcast their print queues only via DNS-SD and require clients to create raw IPP queues pointing to the server's queues manually. -- Martin Pitt Mon, 03 Dec 2007 11:22:57 +0100 cupsys (1.3.4-2ubuntu1) hardy; urgency=low * Merge with Debian unstable. Remaining Ubuntu changes: - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control, debian/rules: Drop cupsys-dbg package. - debian/cupsys.{pre,post}inst, debian/cupsys.preinst: Various upgrade fixes that need to be kept until after the next LTS: + Revert to single cupsd.conf file. + Remove obsolete rc.d links. + Revert usr/share/doc symlink/directory breakage. - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. - Add AppArmor profile: + debian/local/apparmor-profile + debian/cupsys.postinst: Reload AA profile on configuration. * Revert most of the doc symlinking changes from 1.3.2-1ubuntu4, since Ubuntu's cdbs does it by default now. Clean up a few other pieces of Debian-Ubuntu delta noise along the way. * debian/local/apparmor-profile: Only restrict backends which are shipped by cupsys itself (or known packages like cups-pdf). All other backends remain unrestricted, since we cannot predict which privileges they need. * debian/local/apparmor-profile: Run bluetooth backend confined again and allow opening bluetooth sockets. -- Martin Pitt Mon, 03 Dec 2007 10:01:48 +0100 cupsys (1.3.4-2) unstable; urgency=low [ Kenshi Muto ] * Bumps up shlibs to 1.3.4. [ Martin Pitt ] * debian/control: Remove gs-esp alternative dependency, it's just "ghostscript" nowadays. * debian/control: Slightly bump the C/R: for -common; it's a pointless delta to Ubuntu and it doesn't hurt us. * debian/cupsys-bsd.postinst: Symlink cupsys-bsd's doc directory to cupsys-common's, not cupsys', since the latter is not a dependency. * debian/control: Demote cups-pdf from Recommends: to Suggests: to match the semantics (apt installs recommends by default now). * debian/cupsys.init.d: Add LSB header, thanks to Petter Reinholdtsen! (closes: #337640) * debian/rules: Configure with default printcap in /var/run/cups/. (closes: #452446) [ Till Kamppeter ] * Add debian/local/backends/dnssd: Printer discovery backend for several cheaper printers, like the HP Color LaserJet 2600n, are not discovered by the "snmp" backend. In addition, this backend extracts more info from the printers than the "snmp" backend, like for example available page description languages. This leads to better driver choices for unknown printer models. * debian/cupsys.install, debian/cupsys.{prerm,postinst,templates,rules}: Install new backend. * debian/control: Add Recommends: to avahi-utils; if it is installed, the dnssd backend can actually work. * debian/postinst: Activate new backends (since Etch) by default on upgrades. This affects snmp, scsi, serial, and dnssd. -- Martin Pitt Fri, 30 Nov 2007 18:42:15 +0100 cupsys (1.3.4-1ubuntu4) hardy; urgency=low * correct Replaces line in cupsys-common to make dapper->hardy upgrades work -- Michael Vogt Fri, 30 Nov 2007 11:28:44 +0100 cupsys (1.3.4-1ubuntu3) hardy; urgency=low * debian/local/apparmor-profile: - Allow rw access to /dev/parport* and ro access to /proc/sys/dev/parport/**, so that parallel port printer detection works. - Allow unconfined execution of the bluetooth backend. AppArmor currently forbids creation of bluetooth sockets without providing a profile option to allow it (see bug #172534). (LP: #147800) - Permit reading /etc/pnm2ppa.conf. (LP: #155530) - Disable AA profile for Samsung's MFP driver, since it needs very high and unknown privileges and is a third-party driver which we cannot control. (LP: #152537) -- Martin Pitt Wed, 28 Nov 2007 12:05:30 +0100 cupsys (1.3.4-1ubuntu2) hardy; urgency=low * debian/local/backends/dnssd, debian/rules, debian/cupsys.install, debian/cupsys.postinst, debian/cupsys.prerm, debian/cupsys.templates, debian/control: Added printer discovery backend "dnssd". Several cheaper printers, like the HP Color LaserJet 2600n, are not discovered by the "snmp" backend. In addition, this backend extracts more info from the printers than the "snmp" backend, like for example available page description languages. This leads to better driver choises for unknown printer models. -- Till Kamppeter Fri, 23 Nov 2007 12:01:06 +0000 cupsys (1.3.4-1ubuntu1) hardy; urgency=low * Merge new upstream version from Debian. -- Martin Pitt Wed, 07 Nov 2007 14:25:15 -0500 cupsys (1.3.4-1) unstable; urgency=high * New upstream release. - Fixes CVE-2007-4351 IPP Tags Memory Corruption Vulnerability (closes: #448866) [ Martin Pitt ] * debian/cupsys.postinst: Drop ancient code to remove root from group lpadmin. [ Kenshi Muto ] * Debconf translation - Finnish (closes: #446740) -- Kenshi Muto Fri, 02 Nov 2007 21:32:29 +0900 cupsys (1.3.2-1ubuntu7) gutsy; urgency=low * debian/cupsys.postinst: Drop ancient transitional code to remove root from group lpadmin. Under very odd circumstances ("root" has the same UID than the user) this could cause the user to be removed from group 'lpadmin'. Quite unlikely that this is the prime reason for LP #134503, but it's much cleaner in any case. -- Martin Pitt Mon, 15 Oct 2007 12:32:16 +0200 cupsys (1.3.2-1ubuntu6) gutsy; urgency=low * debian/local/apparmor-profile: Allow 'm' (executable mmapping) of /etc/shadow. This does not actually extend privileges since it is already readable, and does not actually make sense, but some weird backends want to do it nevertheless. (LP: #152061) -- Martin Pitt Sun, 14 Oct 2007 22:01:31 +0200 cupsys (1.3.2-1ubuntu5) gutsy; urgency=low * Revert previous approach to symlinking of documentation directories, and do it in a way that's more in line with the existing code in debian/rules. * debian/cupsys.docs: Remove duplicate files (LP: #149106). * Make libcupsys2 replace the broken version of cupsys to help out people who used dpkg --force-overwrite wrongly. * Fix dh_compress arguments to cope with moved examples. * debian/cupsys.preinst, debian/cupsys-common.preinst: Remove old directories before unpack, since dpkg won't replace directories with symlinks. -- Colin Watson Fri, 05 Oct 2007 02:46:34 +0100 cupsys (1.3.2-1ubuntu4) gutsy; urgency=low * cupsys-common: Depend on libcupsys2. * Symlink doc directories to avoid duplicate files. -- Matthias Klose Thu, 04 Oct 2007 17:45:31 +0200 cupsys (1.3.2-1ubuntu3) gutsy; urgency=low * No-change upload of 1ubuntu1, to revert the 1ubuntu2 upload which should never have happened. -- Martin Pitt Thu, 04 Oct 2007 13:42:28 +0200 cupsys (1.3.2-1ubuntu1) gutsy; urgency=low * Merge from Debian to get new upstream bug fix microrelease. (LP: #140877) * Removed debian/patches/fix_auto_rotate_images.dpatch: Fixed upstream (although slightly differently). * debian/local/apparmor-profile: Allow 'm' access to /etc/{passwd,group}. Apparently some backends want it that way. (part of LP #139665) * debian/local/apparmor-profile: Add forgotten /usr/lib/cups/cgi-bin/* rule to unbreak the web interface (regression from 1.3.0-4ubuntu2). -- Martin Pitt Wed, 19 Sep 2007 08:39:59 +0200 cupsys (1.3.2-1) unstable; urgency=low * New upstream bug fix release. - Fixes web interface for many browsers. (STR#2472, Closes: #440589) * Remove str2488-fix-localedir.dpatch, str2505_localize.dpatch, str2508-dont_kill_edit-config.tmpl.dpatch: Fixed upstream. -- Martin Pitt Tue, 18 Sep 2007 08:15:17 +0200 cupsys (1.3.0-4ubuntu4) gutsy; urgency=low [ Martin Pitt ] * debian/local/apparmor-profile: Allow cups-pdf to read /etc/papersize. [ Till Kamppeter ] * debian/patches/fix_auto_rotate_images.dpatch: Fix auto-rotation for best fit of images on the paper (CUPS STRs #2502 and #2513). -- Martin Pitt Wed, 12 Sep 2007 19:06:02 +0200 cupsys (1.3.0-4ubuntu3) gutsy; urgency=low * debian/local/apparmor-profile: Use abstraction tunable variables for /proc and /home. -- Kees Cook Wed, 12 Sep 2007 22:07:50 -0700 cupsys (1.3.0-4ubuntu2) gutsy; urgency=low * debian/local/apparmor-profile: #139105 was not a bug after all, but rather a misunderstood concept of AppArmor. Change the profile to allow unrestricted execution of filters, which are always run as unprivileged system user anyway. This should unbreak most third-party printer drivers. -- Martin Pitt Wed, 12 Sep 2007 19:02:43 +0200 cupsys (1.3.0-4ubuntu1) gutsy; urgency=low * Merge bugfixes from Debian. * debian/local/apparmor-profile: Append slashes to directory names, since AppArmor 2.1 wants it that way. * debian/local/apparmor-profile: Open up the profile for third-party printer drivers (like Turboprint, and other stuff in /usr/local/). This requires opening up the profile much more than necessary, due to AppArmor bug #139105. (LP: #133818) -- Martin Pitt Wed, 12 Sep 2007 15:34:13 +0200 cupsys (1.3.0-4) unstable; urgency=low * Install PO files again, but this time under /usr/share/cups/locale. cups has its own crazy PO file parser. * Add debian/patches/str2488-fix-localedir.dpatch: Make the --localedir configure option actually work (taken from upstream SVN, STR#2488) * debian/rules: Add --enable-gssapi to ensure that the package is built with Kerberos support. * debian/rules: Use -Wl,--as-needed linker flag. This drops a few unnecessary dependencies and should make checklib much happier. * Add debian/patches/str2508-dont_kill_edit-config.tmpl.dpatch: Do not kill edit-config.tmpl on distclean. Forwarded upstream as STR#2508. (Closes: #441697) * Add debian/patches/str2505_localize.dpatch: Fix localization of web interface (STR#2505, Closes: #440256) -- Martin Pitt Tue, 11 Sep 2007 22:43:06 +0200 cupsys (1.3.0-3ubuntu1) gutsy; urgency=low * Merge bugfixes from Debian. * debian/local/apparmor-profile: Allow dac_override for now; this is slightly nasty, but cups chowns a lot of files (e. g. in /var/spool/cups/tmp) to 'lp' and thus cannot read/write them any more afterwards. Since we confine file access pretty tightly, this should not be much of a problem. (LP: #133015) * debian/local/apparmor-profile: cupsd should manage /etc/printcap. (LP: #132969) -- Martin Pitt Tue, 21 Aug 2007 07:48:34 +0200 cupsys (1.3.0-3) unstable; urgency=low [ Martin Pitt ] * debian/control: Allow 'ghostscript' as alternative dependency to gs-esp. * debian/cupsys.dirs: Create /usr/lib/cups/backend/ (regression from the big debian/rules cleanup). (closes: #438432) * debian/cupsys.preinst: Bump the version comparison for the file owner cleanup, since some log files were still left as owned by 'cupsys' until #437536 was fixed. * debian/cupsys-common.files: Do not install the .po files, cups does not use them at runtime. (closes: #438625) [ Till Kamppeter ] * debian/local/postscript.ppd: New generic PostScript PPD file for unknown PostScript printers added. -- Martin Pitt Mon, 20 Aug 2007 16:23:58 +0200 cupsys (1.3.0-2ubuntu2) gutsy; urgency=low * debian/local/postscript.ppd: New generic PostScript PPD file for unknown PostScript printers added. -- Till Kamppeter Thu, 16 Aug 2007 18:01:06 +0100 cupsys (1.3.0-2ubuntu1) gutsy; urgency=low * Merge from debian unstable, remaining changes: - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control, debian/rules: Drop cupsys-dbg package. - debian/cupsys.postinst: Various transitions that need to be kept until the next LTS: + Auto-enable snmp, scsi, and serial backends on upgrade. + Revert to single cupsd.conf file. + Remove obsolete rc.d links. - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. - Add AppArmor profile: + debian/local/apparmor-profile + debian/cupsys.postinst: Reload AA profile on configuration. -- Martin Pitt Wed, 15 Aug 2007 09:39:08 +0200 cupsys (1.3.0-2) unstable; urgency=low * debian/control: Re-add erroneously dropped adduser dependencies to cupsys and cupsys-client. Still needed for addgroup lpadmin. (closes: #437951) * debian/control: Add missing libkrb5-dev dependency to libcupsys2-dev. -- Martin Pitt Wed, 15 Aug 2007 09:22:29 +0200 cupsys (1.3.0-1) unstable; urgency=low [ Till Kamppeter ] * New upstream release (first release of 1.3.x generation) * 90_include_krb5_h_in_job_h.dpatch: Added a missing "#include " to the scheduler/job.h file (upstream bug). * Regenerated patches: 44_fixconfdirperms.dpatch, 47_pid.dpatch, 70_reactivate_recommended_driver.dpatch. * Removed patches (fixed upstream): 53_usr_share_ppd_support.dpatch, 55_ppd_okidata_name.dpatch, 68_edit-config.dpatch * debian/control: Added "libkrb5-dev", and "libavahi-compat-libdnssd-dev" to the build dependencies, so that the new Kerberos and DNS Service Discovery support of CUPS gets compiled. * debian/libcupsys2-dev.files: Removed /usr/include/cups/md5.h This file is not provided any more by CUPS * debian/cupsys.install, debian/cupsys-client.files: Added new files. * debian/rules: Added more files to "clean::" rule which upstream has forgotten in "make clean". [ Martin Pitt ] * Bump library shlibs to >= 1.3.0. * Drop 02_configure.dpatch, upstream configure does not set rpath any more for prefix=/usr. * Drop 54_cups-config_modeldir.dpatch, --modeldir was never actually used anywhere and not documented, and LSB prescribes /usr/share/ppd/ anyway. * Drop 56_dirsvc.dpatch, which was fixed upstream long ago and disabled in 00list anyway since then. * Drop 67_printcap.dpatch: /var/run/cups/printcap is now the implicit default upstream. * debian/patches: Drop number prefixes from patches. The enumeration is not useful at all any more since it both got inflated and is not sorted by any category. With dpatch we also do not need number prefixes. -- Martin Pitt Tue, 14 Aug 2007 21:10:50 +0200 cupsys (1.3.0-0ubuntu1) gutsy; urgency=low [ Till Kamppeter ] * New upstream release (first release of 1.3.x generation) * 90_include_krb5_h_in_job_h.dpatch: Added a missing "#include " to the scheduler/job.h file (upstream bug). * Regenerated patches: 44_fixconfdirperms.dpatch, 47_pid.dpatch, 70_reactivate_recommended_driver.dpatch, ubuntu-disable-browsing.dpatch, ubuntu-default-error-policy-retry-job.dpatch * Removed patches (fixed upstream): 53_usr_share_ppd_support.dpatch, 55_ppd_okidata_name.dpatch, 68_edit-config.dpatch * debian/control: Added "libkrb5-dev", and "libavahi-compat-libdnssd-dev" to the build dependencies, so that the new Kerberos and DNS Service Discovery support of CUPS gets compiled. * debian/libcupsys2-dev.files: Removed /usr/include/cups/md5.h This file is not provided any more by CUPS * debian/cupsys.install, debian/cupsys-client.files: Added new files. * debian/rules: Added more files to "clean::" rule which upstream has forgotten in "make clean". [ Martin Pitt ] * debian/local/apparmor-profile: Some more updates to work with third-party printer drivers (also under /opt). * Bump library shlibs to >= 1.3.0. -- Martin Pitt Tue, 14 Aug 2007 20:00:00 +0200 cupsys (1.2.12-4) unstable; urgency=low [ Martin Pitt ] * cupsys.logrotate: Fix last occurence of 'cupsys' user. (closes: #437536) * Moved all Debian specific filters to debian/local/filters. * Cleaned up debian/rules, moved some file installs to debian/cupsys.install. * Merge debian/cupsys.files into debian/cupsys.install and remove the former. Two different files are just too confusing. * debian/local/filters/pdftops: Do not pass /etc/cups/pdftops.conf to pdftops if it does not exist (poppler-utils does not have this file). (https://launchpad.net/bugs/125300) [ Martin-Éric Racine ] * Corrected download URL in debian/copyright. * Added debian/watch file using that URL. * Revised the Uploaders in debian/control: - Fixed the name for Masayuki Hatta. - Added Roger Leigh. * Removed cupsys-driver-gimpprint alternative in debian/control; superseded by cupsys-driver-gutenprint since Etch. -- Martin-Éric Racine Sun, 12 Aug 2007 13:36:30 +0300 cupsys (1.2.12-3ubuntu3) gutsy; urgency=low * debian/local/apparmor-profile: Allow unrestricted access to hplip. This has not been confined before and unbreaks hplip until we get an actual profile for it. (LP: #131470) -- Martin Pitt Tue, 14 Aug 2007 17:08:50 +0200 cupsys (1.2.12-3ubuntu2) gutsy; urgency=low * cupsys.logrotate: Fix last occurence of 'cupsys' user. * Moved all Debian specific filters to debian/local/filters. * Cleaned up debian/rules, moved some file installs to debian/cupsys.install. * Merge debian/cupsys.files into debian/cupsys.install and remove the former. Two different files are just too confusing. * debian/local/filters/pdftops: Do not pass /etc/cups/pdftops.conf to pdftops if it does not exist (poppler-utils does not have this file). (LP: #125300) * debian/local/apparmor-profile: Unbreak library access (for e. g. ghostscript and gutenprint) and allow execution of pdftops and pstops. * debian/local/apparmor-profile: Update profile to work with cups-pdf. -- Martin Pitt Sat, 11 Aug 2007 16:44:13 +0200 cupsys (1.2.12-3ubuntu1) gutsy; urgency=low * Merge latest fixes from Debian unstable. (LP: #29050) * debian/local/apparmor-profile: - Use abstractions/authentication and drop the passwd/shadow/pam rules. - Drop the redundant "/usr/lib/** mr" rule (already in 'base'). - Enforce by default, so that we get actual protection. -- Martin Pitt Thu, 09 Aug 2007 21:16:34 +0200 cupsys (1.2.12-3) unstable; urgency=low [ Martin-Éric Racine ] * Added presubj script to warn bug reporters to avoid filing Poppler or XPDF security issues, since we don't use that codebase; we call external programs who do and that's where the bug should be filed. [ Martin Pitt ] * cupsys.init.d: Remove stray chown'ing to 'cupsys' which does not exist any more. (closes: #436662) * cupsys.init.d: Fix detection of parallel printers when 'lp' is already loaded. (https://launchpad.net/bugs/29050) * debian/cupsys.init.d: Put back 'reload'. -- Martin Pitt Thu, 09 Aug 2007 20:47:42 +0200 cupsys (1.2.12-2ubuntu2) gutsy; urgency=low * cupsys.init.d: Remove stray chown'ing to 'cupsys' which does not exist any more.' -- Martin Pitt Wed, 08 Aug 2007 12:56:01 +0200 cupsys (1.2.12-2ubuntu1) gutsy; urgency=low * Merge from debian unstable, remaining changes: - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control, debian/rules: Drop cupsys-dbg package. - debian/cupsys.postinst: Various transitions that need to be kept until the next LTS: + Auto-enable snmp, scsi, and serial backends on upgrade. + Revert to single cupsd.conf file. + Remove obsolete rc.d links. - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. - Add AppArmor profile: + debian/local/apparmor-profile + debian/cupsys.postinst: Reload AA profile on configuration. -- Martin Pitt Mon, 06 Aug 2007 16:24:49 +0200 cupsys (1.2.12-2) unstable; urgency=low [ Kenshi Muto ] * Added scripting directory to /usr/share/doc/cupsys/examples. This directory contains the binding code from Java, Perl, and PHP to CUPS. (closes: #193076) Although we Debian CUPS team cannot afford to maintain them, some of you may want them. * Added 'Recommends: cupsys' to cupsys-bsd. (closes: #426521) * Changed cupsys-client from 'Recommends: cupsys-bsd' to 'Suggests: cupsys-bsd.' because cupsys-bsd isn't so necessary for cupsys-client. * Fixed to use 'cupsys' instead of 'cups' for PAM on cups-check-pam-auth. (though Debian CUPS doesn't use this daemon) (closes: #425701) * Added debconf-2.0 to the dependency of cupsys-bsd. (closes: #415684) [ Martin Pitt ] * Drop the derooting changes. It still has some regressions, and with upstream not even acknowledging the need for improving cupsys' security we will sit on this forever. This will be replaced by an AppArmor/SELinux profiles in the future. - Drop derooting related patches: 06_disable_backend_setuid.dpatch 10_external_pam_helper.dpatch 09_runasuser.dpatch 09_runasuser_autoconf.dpatch - debian/cupsys{,-client}.postinst: Drop the 'cupsys' user setup and file permission juggling. - debian/rules: + Drop --with-cups-user configure option. + Do not modify the upstream default backend permissions. - debian/cupsys.init.d: Do not touch log file permissions any more. - debian/cupsys.files: Drop cups-check-pam-auth. - debian/NEWS: Drop description of derooting changes. - debian/control: Drop adduser dependency. * debian/patches/44_fixconfdirperms.dpatch: Do not create /var/run/cups/certs as lp:lpadmin, but as root:lpadmin, so that cupsd does not need CAP_DAC_OVERRIDE. This will make it possible to create a sensible AppArmor/SELinux profile. * debian/cupsys.preinst: Fix file permissions on upgrades (owner cupsys -> root). * debian/control, debian/rules: Remove references to libcupsys2-gnutls10, since it's a transitional package in Etch and not relevant any more in Lenny. * debian/cupsys.{pre,post}inst: Remove obsolete transition bits. * Remove obsolete debian/patches/05_avoidunknowngroup.dpatch. * Use ssl-cert's "snakeoil" SSL certificate by default: (Closes: #402370) - debian/control: Add ssl-cert dependency. - debian/cupsys.postinst: Symlink snakeoil SSL certificate if present, and there is none present yet. * debian/control: Replace obsolete ${Source-Version} with ${binary:Version}. [ Till Kamppeter ] * Add debian/local/textonly.{ppd,filter}: Text-only printer driver from Red Hat. Install it in debian/rules. * debian/rules: Install the D-Bus config file so that CUPS reports job progress to dbus clients (like sytem-config-printer). * Add debian/local/oopstops.{.pl,types,convs}: Helge Bliscke's oopstops filter to work around the bugs in the PostScript output of OpenOffice.org (from http://www.srz.de/Members/bla/cups/filter/oopstops). Install them in debian/rules. -- Martin Pitt Mon, 06 Aug 2007 15:47:33 +0200 cupsys (1.2.12-1ubuntu3) gutsy; urgency=low * debian/rules: Install the D-Bus config file so that CUPS reports job progress to the applet of sytem-config-printer * debian/rules, devian/textonly.ppd, debian/textonly.filter: Added text-only printer driver from Red Hat. -- Till Kamppeter Sun, 5 Aug 2007 20:22:06 +0100 cupsys (1.2.12-1ubuntu2) gutsy; urgency=low * Drop our derooting changes. It still has some regressions, and with upstream not even acknowledging the need for improving cupsys' security we will sit on this forever. (LP: #119289, LP: #129634) - Drop derooting related patches: 06_disable_backend_setuid.dpatch 10_external_pam_helper.dpatch 09_runasuser.dpatch 09_runasuser_autoconf.dpatch - debian/cupsys{,-client}.postinst: Drop the 'cupsys' user setup and file permission juggling. - debian/rules: + Drop --with-cups-user and --enable-privilege-dropping configure options. + Do not modify the upstream default backend permissions. - debian/cupsys.init.d: Do not touch log file permissions any more. - debian/cupsys.files: Drop cups-check-pam-auth. - debian/NEWS: Drop description of derooting changes. - debian/control: Drop adduser dependency. * debian/patches/44_fixconfdirperms.dpatch: Do not create /var/run/cups/certs as lp:lpadmin, but as root:lpadmin, so that cupsd does not need CAP_DAC_OVERRIDE. This will make it possible to create a sensible AppArmor profile. * debian/cupsys.preinst: Fix file permissions on upgrades (owner cupsys -> root). * Add debian/local/apparmor-profile: AppArmor profile for cupsys, to replace the former derooting patches. This uses complain mode for now, until we got some more testing. Install it to /etc/apparmor.d/usr.sbin.cupsd in debian/rules and reload apparmor in debian/cupsys.postinst on configure. -- Martin Pitt Thu, 02 Aug 2007 14:06:05 +0200 cupsys (1.2.12-1ubuntu1) gutsy; urgency=low * Merge to Debian's svn head to get upstream fixes. * debian/patches/10_external_pam_helper.dpatch: Close pipes in the case of errors, too. This can not really be responsible for the mess in #112803, but should be fixed anyway. -- Martin Pitt Mon, 16 Jul 2007 15:58:08 +0200 cupsys (1.2.12-1) unstable; urgency=low * New upstream release * removed unnecessary dependency against patch package (Closes: #431069) * Debconf translation - Danish (Closes: #426772) - Vietnamese (Closes: #426822) - Spanish (Closes: #430004) * Disabled external_pam_helper due to #425944 and Ubuntu#112803. (closes: #425944) -- Kenshi Muto Sat, 14 Jul 2007 14:56:24 +0900 cupsys (1.2.11-2ubuntu2) gutsy; urgency=low * debian/oopstops*, debian/rules: Added Helge Bliscke's oopstops filter to work around the bugs in the PostScript output of OpenOffice.org (from http://www.srz.de/Members/bla/cups/filter/oopstops). -- Till Kamppeter Mon, 4 Jun 2007 11:22:06 +0100 cupsys (1.2.11-2ubuntu1) gutsy; urgency=low * Merge ipp fix from Debian unstable. -- Martin Pitt Wed, 16 May 2007 09:16:33 +0200 cupsys (1.2.11-2) unstable; urgency=low * debian/rules: Latest cups installs the ipp backend with 0700 permissions, which makes it inaccessible to both the cups daemon (Closes: #423972) and unreadable for users (Closes: #415872) -- Martin Pitt Wed, 16 May 2007 09:06:44 +0200 cupsys (1.2.11-1ubuntu1) gutsy; urgency=low * Synchronize to Debian; remaining Ubuntu changes: - Snakeoil SSL cert support: + debian/control: Add ssl-cert dependency. + debian/cupsys.postinst: Symlink snakeoil SSL certificate if present. + debian/cupsys.preinst: Fix global SSL certificate owner/mode breakage (see 1.2.1-2ubuntu2); this needs to be kept until the next LTS release. - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/cupsys.postinst: Remove obsolete rc.d links. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control: Drop cupsys-dbg. - debian/cupsys.{config,postinst}: Transition to enable additional backends on upgrades. Needs to be kept until next LTS release. - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. * Drop patches which are upstream now: - 80_brother_no_backchannel.dpatch - 92_texttops-prettyprint-crash.dpatch - 94_doc-port-in-client-conf.dpatch - 96_more-bug-fixes-between-cups-1.2.8-1.2.9.dpatch - 90_testpage-on-large-paper-sizes.dpatch -- Martin Pitt Mon, 14 May 2007 11:07:42 +0200 cupsys (1.2.11-1) unstable; urgency=low [ Kenshi Muto ] * Applied templates improvement patch contributed by debian-l10n-english team. (closes: #416350) * Debconf translation - Japanese - Galician (closes: #416357) - Swedish (closes: #416356) - Catalan (closes: #416367) - Basque (closes: #416385) - Norwegian (closes: #416401) - Italian (closes: #416407) * New upstream version 1.2.11: - 56_dirsvc patch is merged. [ Christian Perrier ] * Debconf translation - Czech (closes: #416939) - German (closes: #416994) - Brazilian Portuguese (closes: #417249) - French - Malayalam. (closes: #418030) - Russian. (closes: #417874) - Dutch. (closes: #418135) - Portuguese (closes: #418299) [ Martin Pitt ] * New upstream bugfix release (closes: #421899). Synchronize patches with Ubuntu and new upstream version 1.2.10: * Drop patches which are fixed upstream: 00_00str2111.dpatch, 00_01str2137.dpatch, 00_02str2144.dpatch, 00_03str2106.dpatch, 00_04str2117.dpatch, 00_05str2133.dpatch, 00_06str2121.dpatch, 00_07str2123.dpatch, 00_08str2135.dpatch, 00_09str2198.dpatch, 03_clean.dpatch, 65_detect_http_shutdown.dpatch * Remove a few obsolete patches: 08_cupsd.conf.conf.d.dpatch, 26_modprobe.dpatch, 48_stdlib.dpatch, 61_job_c_strangeloop.dpatch, 08_cupsd.conf.conf.d.dpatch, 64_driverfolder.dpatch. * Add debian/patches/14_dont_force_ssl.dpatch: Do not require SSL for /admin pages, since gnome-cups-manager (and most probably other GUI frontends) does not support this. * Add debian/patches/58_cupsd.conf-AllowLocal.dpatch: Allow access to local ethernet by default. This just affects the ACL, for actually enabling access cupsd needs to be switched to not only listen on localhost. With that, this setting does not need to be configured in two different places. * Add debian/patches/70_reactivate_recommended_driver.dpatch: Upstream CUPS filters the "(recommended)" marking from the NickNames of the PPD files when listing PPDs. These are an important orientation for the user and they are also made use of by some printer setup tools. We need them at least until a better solution for recommending drivers gets available. * Add debian/patches/98_search_mime_files_in_usr_share.dpatch: Let CUPS also search for *.types and *.convs files in /usr/share/cups/mime. This way packages can provide *.types and *.convs files which do not get considered as conffiles. (See https://launchpad.net/36532 for details). * debian/patches/*.dpatch: Forwarded a lot of patches to upstream bug tracker, add STR URLs to dpatch DP: headers. Synchronize packaging with Ubuntu: * debian/control: Drop transitional libcupsys2-gnutls10 package, it was only required for Sarge->Etch upgrades. * debian/control: Change netbase dependency to update-inetd, since that lives in its own package now. * debian/local/enable_sharing: Also match on 127.0.0.1 IP adresses in addition to 'localhost'. * debian/rules: Most of the clean:: rule is obsolete, only two files are left behind now. These two have been reported upstream in http://www.cups.org/str.php?L2366. * debian/cupsys.templates: Activate SCSI, serial, and SNMP backends by default. With these backends activated, many printers can be easily set up with the printer setup tools. Especially network printers get auto-detected and the correct URI gets assigned to them (doing this manually is a non-trivial task for most users). * debian/cupsys.dirs: Add /usr/share/ppd/custom/, a place where lpadmins can store additional PPDs (this functionality is e. g. provided in gnome-cups-manager's "Custom driver..." file dialog). * debian/cupsys.init.d: Give proper permissions to /usr/share/ppd/custom/: root:lpadmin 3775. Drop the obsolete chmod/chowning of /usr/share/cups/model. * Run the backend as non-root system user to confine the impact of security vulnerabilities: - Add debian/patches/10_external_pam_helper.dpatch: + Add a helper program 'cups-check-pam-auth' which performs PAM authentication and returns the status as exit code. + scheduler/auth.c, cupsdAuthorize(): Attempt to use cups-check-pam-auth before trying native PAM. + With this we do not need to put the cupsys user into the shadow group. - debian/cupsys.files: Install PAM helper. - debian/cupsys.postinst: Set permissions of PAM helper to cupsys:shadow 2754, alter permissions of some configuration files and directories to work with non-root cupsd. - debian/cupsys.postinst: Fix /var/cache/cups/ permissions for upgrades which might have written cache files as root. - debian/cupsys.logrotate: Save log files as cupsys:lpadmin. - debian/cupsys.init.d: Disable 'reload'; change force-reload to restart, since cupsd cannot reload as non-root. - debian/cupsys.init.d: Set up proper permissions of log files. - debian/rules: Enable --enable-privilege-dropping configure option. - debian/rules: Install lpd backend suid root, so that it can bind to ports < 1024 (really silly, but required for RFC compliance). - debian/cupsys-client.postinst, debian/cupsys.postinst: Set up cupsys system user. * debian/NEWS: Describe derooting. -- Martin Pitt Mon, 14 May 2007 09:23:16 +0200 cupsys (1.2.8-0ubuntu8) feisty; urgency=low * debian/cupsys.postinst: Clean up the mess which cupsys_1.2.8-0ubuntu3 and later caused by activating all the CUPS backends (closes: LP#92042). * debian/cupsys.postinst, debian/rules: Removed directories /opt/share/ppd and /usr/local/share/ppd. LSB 3.2 will only require /usr/share/ppd (PPD files and directories at other places should be symlinked to here) to not conflict with FHS (closes: LP#94353). -- Till Kamppeter Tue, 3 Apr 2007 17:22:06 +0100 cupsys (1.2.8-0ubuntu7) feisty; urgency=low * debian/cupsys.postinst: Sync /usr/lib/cups/backend always with the debconf settingsm, as otherwise sooner or later the backend directory will be empty (closes: LP#92042). * 96_more-bug-fixes-between-cups-1.2.8-1.2.9.dpatch: Generated some garbage files. Fixed. -- Till Kamppeter Tue, 14 Mar 2007 16:22:06 +0000 cupsys (1.2.8-0ubuntu6) feisty; urgency=low * 98_search_mime_files_in_usr_share.dpatch: CUPS failed reading the *.types and *.convs files in /etc/cups when /usr/share/cups/mime did not exist. Fixed (closes: LP#92205). -- Till Kamppeter Tue, 14 Mar 2007 12:22:06 +0000 cupsys (1.2.8-0ubuntu5) feisty; urgency=low * debian/cupsys.postinst: Assure that special permissions of lpd backend are always correctly set for the link in /usr/lib/cups/backend (closes: LP#91382). * 98_search_mime_files_in_usr_share.dpatch: Let CUPS also search for *.types and *.convs files in /usr/share/cups/mime. This way packages can provide *.types and *.convs files which do not get considered as conffiles (All files in /etc get considered as conffiles, closes: LP#36532). * 96_more-bug-fixes-between-cups-1.2.8-1.2.9.dpatch: Keep up with upstream bug fixes: o cupsd crash in get_jobs: In get_jobs when my-jobs is set, we compare the job username before it is loaded (upstream STR #2288). o Fixed messed-up french translation (upstream STR #2287). o The scheduler's openssl certificate generation code was broken on some platforms (upstream STR #2282). o The scheduler's log rotation check for devices was broken (upstream STR #2278). o The LPD mini-daemon did not handle the document-format option correctly (upstream STR #2266). -- Till Kamppeter Mon, 12 Mar 2007 15:22:06 +0000 cupsys (1.2.8-0ubuntu4) feisty; urgency=low * debian/cupsys.postinst: (De)activate backends also if the user initially installs cupsys (no update from older cupsys package). * 96_more-bug-fixes-between-cups-1.2.8-1.2.9.dpatch: Keep up with upstream bug fixes: o The pdftops filter ignored the "match" size option in the pdftops.conf file (upstream STR #2285) o cupstestppd now validates UTF-8 text strings in globalized PPD files (STR #2283) o The outputorder=reverse option did not work with all printers (STR #2279) -- Till Kamppeter Sun, 11 Mar 2007 17:22:06 +0000 cupsys (1.2.8-0ubuntu3) feisty; urgency=low * debian/cupsys.templates: Re-activated CUPS backeds "snmp", "serial", and "scsi" which were deactivated by Debian. With these backends activated many more printers can be easily set up with the printer setup tools. Especially network printers get auto-detected and the correct URI gets assigned to them (doing this manually is a non-trivial task for most users. * debian/cupsys.config, debian/cupsys.postinst: (De)activate only if the user has called the configuration interface (eg by calling "dpkg-reconfigure cupsys") and changed something there. * debian/cupsys.postinst: On an update from any older cupsys package to this one or newer activate the snmp, scsi, and serial backends. * 96_more-bug-fixes-between-cups-1.2.8-1.2.9.dpatch: Keep up with upstream bug fixes: o Classes containing other classes did not always work (upstream STR #2255) o Printer location and description information was lost if the corresponding string contained the "#" character (upstream STR #2254) o cupsRemoveOption() did not work properly (upstream STR #2264) -- Till Kamppeter Mon, 5 Mar 2007 19:22:06 +0000 cupsys (1.2.8-0ubuntu2) feisty; urgency=low * 70_reactivate_recommended_driver.dpatch: Upstream CUPS filters the "(recommended)" marking from the NickNames of the PPD files when listing PPDs. These are an important orientation for the user and they are also made use of by some printer setup tools. We need them at least until a better solution for recommending drivers gets available. * 80_brother_no_backchannel.dpatch: Brother printers are not accessible any more when they have printed one job through the CUPS "usb" backend. The problem is solved by letting the backend not querying the backchannel on these printers any more (closes: LP#57050, upstream STR #2243). * 90_testpage-on-large-paper-sizes.dpatch: The labels at the rulers on the borders of the CUPS test page got too big on large paper sizes (closes: LP#85339, upstream STR #2252). * 92_texttops-prettyprint-crash.dpatch: The plain text filter of CUPS crashed when using the prettyprint option (upstream STR #2158). * 94_doc-port-in-client-conf.dpatch: The documentation did not tell how to specify a port in client.conf. -- Till Kamppeter Thu, 22 Feb 2007 12:22:06 +0000 cupsys (1.2.8-0ubuntu1) feisty; urgency=low * New upstream bugfix release. * Removed patches: 00_NNstrXXXX.dpatch, 65_detect_http_shutdown.dpatch: These were backported from SVN and are now part of 1.2.8. * debian/patches/09_runasuser_autoconf.dpatch: Adapt to new upstream version. * debian/control: Set Ubuntu maintainer. -- Martin Pitt Wed, 21 Feb 2007 14:22:44 +0100 cupsys (1.2.7-4ubuntu2) feisty; urgency=low * debian/local/enable_sharing: Fix regex to find both 127.0.0.1 and 'localhost' to fix enabling sharing the second time. Closes: LP#75903 * debian/patches/09_runasuser.dpatch: Drop root privileges of cups-polld after creating the socket. This allows cupsd to kill polld on shutdown, and has the nice side effect of improving security. Closes: LP#30965 -- Martin Pitt Wed, 7 Feb 2007 17:48:28 +0100 cupsys (1.2.7-4ubuntu1) feisty; urgency=low * Merge from debian unstable, remaining changes: - Snakeoil SSL cert support: + debian/control: Add ssl-cert dependency. + debian/cupsys.postinst: Symlink snakeoil SSL certificate if present. - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/cupsys.postinst: Remove obsolete rc.d links. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control: Drop libcupsys2-gnutls10 and cupsys-dbg packages. - Run cupsd as system user 'cupsd' instead of root to confine impact of security vulnerabilities: + cupsys{,-client}.postinst: Set up cupsys user and put it into the appropriate groups. + debian/cupsys.init.d: Set up proper permissions of log files. + debian/cupsys.init.d: Disable 'reload', force-reload does restart, since cupsd cannot reload as non-root. + debian/cupsys.logrotate: Own the log files to cupsys:lpadmin. + Add debian/patches/ubuntu-external-pam-helper.dpatch: Helper program cups-check-pam-auth which performs PAM authentication and returns the status as exit code. + debian/cupsys.files: Install cups-check-pam-auth. + debian/cupsys.postinst: Set permissions of cups-check-pam-auth to cupsys:shadow 2754. + debian/rules: Configure with --enable-privilege-dropping. + debian/rules: Install lpd backend suid root so that it can bind to a privileged port. - Support user-installed PPDs: - debian/cupsys.dirs: Add usr/share/ppd/custom. - debian/cupsys.init.d: Set up this dir as root:lpadmin 03775. - debian/patches/14_dont_force_ssl.dpatch: Do not require SSL for the web frontend since gnome-cups-manager does not cope with that. - debian/patches/58_cupsd.conf-AllowLocal.dpatch: Allow access to local ethernet by default. This just affects the ACL, for actually enabling access cupsd needs to be switched to not only listen on localhost. (So this does not need to be configured in two different places). - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. - Changed dependency in cupsys-bsd for netbase into update-inetd. - Removed obsolete emacs config settings at the end of changelog. * debian/cupsys.init.d: Fixed parallel port module loading in the init script, the "ppdev" module got only loaded when the "lp" module was not loaded yet (closes LP#29050). * debian/cupsys.init.d: Set permissions of log files again after starting the CUPS daemon, as the daemon sets them to a bad state so that it cannot log after dropping privileges (closes LP#54277). -- Till Kamppeter Tue, 6 Feb 2007 13:22:06 +0000 cupsys (1.2.7-4) unstable; urgency=high [ Kenshi Muto ] * Use dh_usrlocal to install files in /usr/local in the maintainer scripts, instead of shipping them in the deb. This was policy violation (closes: #409335) -- Kenshi Muto Fri, 2 Feb 2007 18:16:24 +0900 cupsys (1.2.7-3) unstable; urgency=high [ Kenshi Muto ] * removed STR2137 patch. This patch corruted some Postscript files. (closes: #403703) This was a release critical bug. * Provides /usr/local/share/ppd and /opt/share/ppd to satisfy LSB 3.2. (closes: #408154) * Applied upstream patch: - STR2198: The scheduler still loaded the remote printer cache, even when browsing was disabled * Debconf translation - Portuguese (closes: #408332) - Norwegian (closes: #406253) -- Kenshi Muto Thu, 1 Feb 2007 10:17:30 +0000 cupsys (1.2.7-2ubuntu1) feisty; urgency=low * Merge from debian unstable, remaining changes: - Snakeoil SSL cert support: + debian/control: Add ssl-cert dependency. + debian/cupsys.postinst: Symlink snakeoil SSL certificate if present. - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/cupsys.postinst: Remove obsolete rc.d links. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control: Drop libcupsys2-gnutls10 and cupsys-dbg packages. - Run cupsd as system user 'cupsd' instead of root to confine impact of security vulnerabilities: + cupsys{,-client}.postinst: Set up cupsys user and put it into the appropriate groups. + debian/cupsys.init.d: Set up proper permissions of log files. + debian/cupsys.init.d: Disable 'reload', force-reload does restart, since cupsd cannot reload as non-root. + debian/cupsys.logrotate: Own the log files to cupsys:lpadmin. + Add debian/patches/ubuntu-external-pam-helper.dpatch: Helper program cups-check-pam-auth which performs PAM authentication and returns the status as exit code. + debian/cupsys.files: Install cups-check-pam-auth. + debian/cupsys.postinst: Set permissions of cups-check-pam-auth to cupsys:shadow 2754. + debian/rules: Configure with --enable-privilege-dropping. + debian/rules: Install lpd backend suid root so that it can bind to a privileged port. - Support user-installed PPDs: - debian/cupsys.dirs: Add usr/share/ppd/custom. - debian/cupsys.init.d: Set up this dir as root:lpadmin 03775. - debian/patches/14_dont_force_ssl.dpatch: Do not require SSL for the web frontend since gnome-cups-manager does not cope with that. - debian/patches/58_cupsd.conf-AllowLocal.dpatch: Allow access to local ethernet by default. This just affects the ACL, for actually enabling access cupsd needs to be switched to not only listen on localhost. (So this does not need to be configured in two different places). - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. - Changed dependency in cupsys-bsd for netbase into update-inetd. - Removed obsolete emacs config settings at the end of changelog. * Added directories and links for PPD files according to the FHS extension for a distribution-independent printer driver location: http://lists.freestandards.org/pipermail/printing-architecture/2006/001512.html (Debian bug #408154). -- Till Kamppeter Fri, 26 Jan 2007 13:22:06 +0000 cupsys (1.2.7-2) unstable; urgency=high [ Kenshi Muto ] * Applied upstream patches to fix some (include RC) bugs as dpatch style: - STR2106: Raw PBM files did not print correctly - STR2111: The PostScript filter did not properly output document setup commands for reversed output (closes: Bug#403703) - STR2117: The scheduler did not parse IPv6 netmask properly - STR2121: cupsDoAuthentication() did not translate the password prompt - STR2123: The backends incorrectly used STATUS: media-tray-empty-error messages for out-of-paper conditions - STR2133: httpGetLength2() did not handle error messages without content correctly - STR2135: cupsMarkOptions() did not handle the multiple-document-handling option - STR2137: Collated output produced by the PostScript filter could lose some options - STR2144: job-hold-until with time values for the next day would be held for 60 days * 67_printcap: Add Printcap/PrintcapFormat/PrintcapGUI variables to cupsd.conf file. (closes: #401981) * cupsys makes /var/run/cups/certs. Although CUPS daemon can make it automatically, the daemon logs an warning. * 68_edit-config: Provide same cupsd.conf as initial package installation. -- Kenshi Muto Wed, 6 Dec 2006 22:42:34 +0000 cupsys (1.2.7-1ubuntu2) feisty; urgency=low * Change dependency in cupsys-bsd for netbase into update-inetd. * Remove obsolete emacs config settings at the end of changelog. -- Tollef Fog Heen Thu, 14 Dec 2006 11:37:58 +0100 cupsys (1.2.7-1ubuntu1) feisty; urgency=low * Merge to Debian unstable to get new upstream bugfix release. -- Martin Pitt Fri, 24 Nov 2006 17:53:12 +0100 cupsys (1.2.7-1) unstable; urgency=low * New upstream release - Added Italian translation [ Kenshi Muto ] * Add printer.schema to /usr/share/doc/cupsys/examples for LDAP. (closes: #399122) -- Kenshi Muto Sat, 18 Nov 2006 10:03:30 +0900 cupsys (1.2.6-2) unstable; urgency=low [ Kenshi Muto ] * Debconf translation - Brazillian Portuguese (closes: #397842) - Basque (closes: #398574) * 00_r6100: Apply SVN r6100. - Fixed an inefficiency in the SNMP IPP detection code (closes: #397833) -- Kenshi Muto Tue, 14 Nov 2006 22:29:08 +0900 cupsys (1.2.6-1) unstable; urgency=low * New upstream release Fixes bugs include - "lpc status" did not show the number of queued jobs for disabled queues - The lpstat program could hang -- Kenshi Muto Tue, 7 Nov 2006 21:09:33 +0900 cupsys (1.2.5-1ubuntu1) feisty; urgency=low * Merge to Debian svn head. Remaining Ubuntu changes: - Snakeoil SSL cert support: + debian/control: Add ssl-cert dependency. + debian/cupsys.postinst: Symlink snakeoil SSL certificate if present. - TearDown (fast shutdown): + debian/control: Add sysv-rc (>= 2.86.ds1-14.1ubuntu2) dependency. + debian/cupsys.postinst: Remove obsolete rc.d links. + debian/rules: Use 'multiuser' update-rc.d mode. - debian/control: Drop libcupsys2-gnutls10 and cupsys-dbg packages. - Run cupsd as system user 'cupsd' instead of root to confine impact of security vulnerabilities: + cupsys{,-client}.postinst: Set up cupsys user and put it into the appropriate groups. + debian/cupsys.init.d: Set up proper permissions of log files. + debian/cupsys.init.d: Disable 'reload', force-reload does restart, since cupsd cannot reload as non-root. + debian/cupsys.logrotate: Own the log files to cupsys:lpadmin. + Add debian/patches/ubuntu-external-pam-helper.dpatch: Helper program cups-check-pam-auth which performs PAM authentication and returns the status as exit code. + debian/cupsys.files: Install cups-check-pam-auth. + debian/cupsys.postinst: Set permissions of cups-check-pam-auth to cupsys:shadow 2754. + debian/rules: Configure with --enable-privilege-dropping. + debian/rules: Install lpd backend suid root so that it can bind to a privileged port. - Support user-installed PPDs: - debian/cupsys.dirs: Add usr/share/ppd/custom. - debian/cupsys.init.d: Set up this dir as root:lpadmin 03775. - debian/patches/14_dont_force_ssl.dpatch: Do not require SSL for the web frontend since gnome-cups-manager does not cope with that. - debian/patches/58_cupsd.conf-AllowLocal.dpatch: Allow access to local ethernet by default. This just affects the ACL, for actually enabling access cupsd needs to be switched to not only listen on localhost. (So this does not need to be configured in two different places). - debian/patches/ubuntu-default-error-policy-retry-job.dpatch: Retry a failed job instead of stopping the print queue. - debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default. -- Martin Pitt Fri, 3 Nov 2006 11:15:14 +0100 cupsys (1.2.5-1) unstable; urgency=medium * New upstream release. [ Kenshi Muto ] * 00_r6052: Apply SVN r6052 to pass the compile with libpaper. * provides /etc/pam.d/cupsys correctly. (closes: #392142) (renamed debian/pam to debian/cupsys.pam) * fixed "ppd API fails to discover printer nickname and options" problem" by upstream (closes: #394255) -- Kenshi Muto Sat, 21 Oct 2006 01:18:34 +0000 cupsys (1.2.4-2ubuntu3) edgy; urgency=low * Add debian/patches/15_usb-devname.dpatch: - Removing the first USB printer caused other USB printers to be inaccessible. - Upstream: STR#2017 - Closes: LP#64725 -- Matthias Urlichs Sun, 8 Oct 2006 18:06:23 +0200 cupsys (1.2.4-2ubuntu2) edgy; urgency=low * debian/rules: Do not install http/ipp backend with 0700 permissions (regression from 1.2.4-2). Closes: LP#63707 * Add debian/patches/00_dsc-comment-encoding.dpatch: - Fix printing of jobs with invalid/misinterpreted characters in the name. - Patch taken from upstream SVN, thanks to Till Kamppeter for porting it to 1.2.4. (STR#1988) - Closes: LP#57445 -- Martin Pitt Thu, 5 Oct 2006 10:30:24 +0200 cupsys (1.2.4-2ubuntu1) edgy; urgency=low * Merge recent Debian changes to get some bug fixes and new upstream version 1.2.4 (UVF exception approved by Matt Zimmerman): - The --with-printcap configure option did not work (STR #1984) - The character set reported by cupsLangGet() did not always reflect the default character set of a given locale (STR #1983) - Older Lexmark and Tektronix printers did not work with IPP (STR #1980) - Failsafe printing did not work (PR #6328) - Some web interface redirects did not work (STR #1978) - The web interface change settings button could introduce a "Port 0" line in cupsd.conf if there was no loopback connection available (STR #1979) - The web interface change settings and edit configuration file buttons would truncate the cupsd.conf file (STR #1976) - The German web interface used the wrong printer icon images (STR #1973) - (The other changes of 1.2.4 were already present as patch in the previous version.) - Remove transitional PPD symlink which is not necessary any more and just causes loops. Closes: LP#62198 - Fix CPU hogging of gnome-cups-manager. Closes: LP#44196 * Add debian/patches/ubuntu-default-error-policy-retry-job.dpatch: - Do not stop the printer if a job failed, just reattempt it. The default policy might be suitable for large offices with an admin, but it puts home users at loss. Thanks to Till Kamppeter for the patch! Closes: LP#41313 -- Martin Pitt Mon, 2 Oct 2006 16:08:27 +0200 cupsys (1.2.4-2) unstable; urgency=low [ Kenshi Muto ] * PPD transition to /usr/share/ppd is mostly finished. Now I remove old symlink /usr/share/ppd/cups-transitional-dir and /usr/share/cups/cups-included. (closes: #381266, #383291) * Update debconf translations: - Brazilian Portuguese (closes: #389222) * Tried to solve the backend permission problem. CUPS scheduler uses a permission and owner information of backend program. - Install ipp and lpd as mode 0700. - Create backend links as hardlink instead of symlink. -- Kenshi Muto Sat, 30 Sep 2006 14:56:29 +0900 cupsys (1.2.4-1) unstable; urgency=medium * New upstream release - The web interface change settings and edit configuration file buttons would truncate the cupsd.conf file (STR #1976, closes: #389093) Because this bug seems critical, we upload this fixed version as urgency=medium. [ Martin Pitt ] * debian/patches/56_dirsvc.dpatch: Update patch so that a patch/unpatch cycle restores the source properly instead of breaking dirsvc.c in two different places. [ Kenshi Muto ] * debian/patches/65_detect_http_shutdown.dpatch: avoid that gnome-cups-manager eats CPU 100%. (closes: #377640) -- Kenshi Muto Sun, 24 Sep 2006 09:54:44 +0000 cupsys (1.2.3-1ubuntu3) edgy; urgency=low * debian/control: Bump Conflicts/Replaces of cupsys-common to also apply to dapper-updates, to fix dapper-updates->edgy upgrade. -- Martin Pitt Fri, 22 Sep 2006 13:37:04 +0200 cupsys (1.2.3-1ubuntu2) edgy; urgency=low * debian/patches/56_dirsvc.dpatch: Update patch so that a patch/unpatch cycle restores the source properly instead of breaking dirsvc.c in two different places. * debian/rules: Install 'lpd' backend suid root (root:lp 4754), so that cupsd can print to RFC compliant lpd servers (which require the source port to be < 1024). Closes: LP#47773 -- Martin Pitt Fri, 15 Sep 2006 19:50:29 +0200 cupsys (1.2.3-1ubuntu1) edgy; urgency=low * Merge recent bug fixes from Debian (see Kenshi's changes in 1.2.3-1 for Ubuntu-relevant details). 00_r5958.dpatch has the following fixes from upstream: - The "All Documents" link in the on-line help was missing a trailing slash (STR #1971) - The Polish web interface translation used the wrong URLs for the job history (STR #1963) - The "reprint job" button did not work (STR #1956) - The scheduler did not always report printer or job events properly (STR #1955) - The scheduler always stopped the queue on error, regardless of the exit code, if the error policy was set to "stop-printer" (STR #1959) - ppdEmitJCL() included UTF-8 characters in the JCL job name, which caused problems on some printers (STR #1959) - Fixed a buffering problem that cause high CPU usage (STR #1968) (Closes: LP#59542) - The command-line applications did not convert command-line strings to UTF-8 as needed (STR #1958) - cupsDirRead() incorrectly aborted when reading a symbolic link that pointed to a file/directory that did not exist (STR #1953) - The cupsInterpretRasterPPD() function did not handle custom page sizes properly. * debian/cupsys.init.d: Always make sure that log files have proper permissions. Closes: LP#54277 -- Martin Pitt Tue, 12 Sep 2006 12:02:43 +0200 cupsys (1.2.3-1) unstable; urgency=medium * New upstream release - The parallel and USB backends no longer wait for the printer to go on-line - this caused problems with certain printers that don't follow with the IEEE-1284 standard (STR #1738, closes: #383091) - fixed Printer options were not always honored when printing from Windows clients (STR#1839, closes: #385605) [ Martin Pitt ] * Add appropriate Replaces: to cupsys-common to unbreak upgrades. * debian/patches/44_fixconfdirperms.dpatch: Fix file mode specification: 3755 -> 03755 (regression of svn commit 353). [ Kenshi Muto ] * Apply upstream svn r5958. * check modprobe command and /proc/modules dir exist before running modprobe (closes: #387176). * 62_classes_crash: fix incorrect code. old code returned an error even if user use the correct class configuration. (closes: #380663, #384654) * bump up libcupsys2.shlibs version to 1.2.3. (closes: #385724) * Merge old separated style configuration to the single format only if user upgraded from an affected version. (closes: #386551) * Provide /usr/share/cups/drivers to contain Windows drivers. * 57_cupsaddsmb: original cupsaddsmb easily goes infinite and DoS-like loop. Debian cupsaddsmb ends soon when it catches an error. -- Kenshi Muto Fri, 8 Sep 2006 11:28:12 +0200 cupsys (1.2.3-0ubuntu1) edgy; urgency=medium * New upstream bugfix release (UVF exception approved by Colin Watson). * Merged with Debian sid. * debian/control: Revert Debian's addition of -dbg package, since we will have ddebs soon. * debian/patches/44_fixconfdirperms.dpatch: Fix file mode specification: 3755 -> 03755 (regression of svn commit 353). -- Martin Pitt Fri, 8 Sep 2006 11:09:05 +0200 cupsys (1.2.2-2) unstable; urgency=high [ Kenshi Muto ] * Apply upstream svn change r5845. - BrowseRelay didn't work on Debian (closes: #372855) 61_job_c_strangeloop.dpatch: I don't make sure but job.c of r5818 causes strange CPU busy when it gets printing jobs. This patch avoids it. * 12_quiesce_ipp_logging: some part are merged into the upstream source. updated. * libcupsys2 conflicts cupsys version 1.1. libcupsys2 version 1.2 changed its private API. This breaks old cupsys 1.1, but we believe cupsys is only one application is affected by this change. (closes: #380619) * Provide an new package, "cupsys-dbg" to help chasing the problems at user's environment. * Increment compat to 5. * 44_fixconfdirperms: set owner lp for /etc/cups directory. And modify lppasswd.man to mention about Debian specific changes. lppasswd command now work. (closes: #378062) * 62_classes_crash: when class hasn't any printers, cupsd will crash immedieately after receiving a job. This patch avoids a crash. * Update debconf translations: - Spanish (closes: #383087) -- Kenshi Muto Thu, 27 Jul 2006 23:40:54 +0900 cupsys (1.2.2-1) unstable; urgency=medium * New upstream release [ Martin Pitt ] * Adapt patches to new upstream version. * debian/cupsys.init.d: If lp module loading is requested, also load the 'ppdev' module to fix the name and model detection of parallel printers on newer kernels. * Revive debian/patches/56_dirsvc.dpatch; it's still not fixed upstream. * debian/patches/09_runasuser.dpatch: Do not drop additional group privileges in scheduler/process.c. This should fix a range of bugs concerning detection of parallel port printers and other 'permission denied' bugs if privilege dropping is enabled (it is disabled by default in Debian). * debian/patches/44_fixconfdirperms.dpatch: Do not change owner and mode of SSL certificate, in order to not break permissions of customized global ones (like the one from the ssl-cert package). Grrr, cups, no, you cannot own the world! * debian/patches/54_cups-config_modeldir.dpatch: Add --modeldir to cups-config so that other packages can use it to figure out the correct PPD base path. * debian/cupsys.examples: Do not ship .svn files (upstream Makefiles install them). * debian/local/{enable_browsing,browsing_status}: Adapt to single-file configuration file style. * Add debian/local/{enable_sharing,sharing_status}: Similar to enable_browsing and browsing_status, this switches between "Listen localhost:631" and "Port 631" (just as the web interface does). Install files in debian/rules. -- Kenshi Muto Mon, 24 Jul 2006 10:59:27 +0200 cupsys (1.2.2-0ubuntu4) edgy; urgency=low * Add appropriate Replaces: to cupsys-common to unbreak upgrades. -- Martin Pitt Mon, 4 Sep 2006 08:53:07 +0200 cupsys (1.2.2-0ubuntu3) edgy; urgency=low * Rebuild against dbus 0.90 -- Sebastian Dröge Thu, 24 Aug 2006 17:30:02 +0200 cupsys (1.2.2-0ubuntu2) edgy; urgency=low * debian/patches/ubuntu-disable-browsing.dpatch: Re-add BrowseAddress @LOCAL@ to fix browsing. * Enable web interface by default: - Add debian/patches/ubuntu-external-pam-helper.dpatch: + Add a helper program 'cups-check-pam-auth' which performs PAM authentication and returns the status as exit code. + scheduler/auth.c, cupsdAuthorize(): Attempt to use cups-check-pam-auth before trying native PAM. - debian/cupsys.files: Install helper. - debian/cupsys.postinst: Set permissions of helper to cupsys:shadow 2754. * Remove debian/patches/ubuntu-nowebadmin.dpatch, remove explanation of disabled web interface from debian/README.Debian. This version enables the web interface by default. Closes: LP#50886 * debian/cupsys.postinst: Remove cupsys from the shadow group on upgrades, so that users who previously enabled the web interface get the benefit of privilege separation as well. -- Martin Pitt Wed, 26 Jul 2006 18:11:22 +0200 cupsys (1.2.2-0ubuntu1) edgy; urgency=low * Merge to Debian unstable: - This gets rid of /etc/cups/conf.d/ again and re-merges the separate browsing and ports settings to /etc/cups/cupsd.conf again. Separating was nice for preserving an unchanged conffile for the most important settings, but it broke KDE and the web interface and generated way too many bugs. Closes: LP#37892, LP#50804, LP#53582 * Update to new upstream version 1.2.2 (UVF exception granted by by Matt Zimmerman): - Fixes printing to 1.1.x servers. Closes: LP#42513, LP#42802 - Fixes parsing of some PostScript files which previously generated empty pages. Closes: LP#51432 - Fixes parsing of network masks. Closes: LP#52390 - Lots of more fixes, see upstream changelog. * debian/cupsys.preinst: Drop some obsolete migration bits for Breezy->Dapper upgrade. * debian/control: Add libdbus-1-dev build dependency to enable dbus support. * debian/cupsys.examples: Do not ship .svn files (upstream Makefiles install them). * cupsys.postinst: Fix permissions of cupsd.conf to be writable by user cupsys world-readable. * debian/local/enable_{sharing,browsing}, {sharing,browsing}_status: Adapt to new single configuration file format. * debian/rules: Clean cups/raster.h symlink to unbreak source package build. * Add debian/patches/ubuntu-disable-browsing.dpatch: Disable browsing by default to avoid open port and stay compatible to previous releases. -- Martin Pitt Mon, 24 Jul 2006 11:20:04 +0200 cupsys (1.2.1-4) unstable; urgency=medium [Kenshi Muto] * Include changelogs during 1.1.23-13 - 1.1.23-15. (closes: #374494) * Apply upstream svn change r5754. - Fix negotiation problem between unstable clients and sarge servers. (closes: #375359) * 58_fixdestc: avoid build failure of r5754 (add ipp-private.h include). * 59_de_docroot: install German translation/images. Although upstream SVN has, Debian diff structure can't handle a binary diff. This patch will be removed when 1.2.2 is released. * Add snmp to backend choices. Because I don't make sure this backend is stable, the default is disabled. Use dpkg-reconfigure cupsys to enable. (closes: #376496) * Don't remove backend symlinks during reconfigure/upgrade process. (closes: #376499) * Check Include directive with case insensitive. (closes: #376883) * libcupsys2 has /etc/cups directory to allow admin put own client.conf. (closes: #370788) * Include sample client.conf in libcupsys2. You can copy /usr/share/ doc/libcupsys2/examples/client.conf to /etc/cups or ~/.cups and modify for your environment. (closes: #376840) * Split locale files to new package "cupsys-common". (closes: #378659) This package is used by cupsys and cupsys-client/cupsys-bsd. * removed 26_modprobe: because parallel backend executes with user 'lp' permission, modprobe can't work. We CUPS team believe it's better that lp module is loaded by discover or any other hardware detection programs instead of CUPS. We provide a module loader by init script for user's convenience at this time. * 60_device_uri: preserve old URI during the printer configuration on Web interface. -- Kenshi Muto Wed, 21 Jun 2006 15:06:02 +0000 cupsys (1.2.1-3) unstable; urgency=low [Kenshi Muto] * Apply upstream svn change r5673. - Remove unnecessary %s from dirsvc.c and will solve a mysterious cupsd crash. Thanks Neil. (closes: #372696, #370611) - Support again * character as IP address. (closes: #372291) - Fixes wrong command line arguments to backend. (closes: #372586, #373839) * Improve the wording of NEWS file, thanks Tomas (closes: #372256) * 53_usr_share_ppd_support: Use /usr/share/ppd as PPD path. (closes: #365300, #373722) Make symlink /usr/share/ppd/cups-transitional-dir -> /usr/share/cups/ppd for keeping a compatibility. We'll migrate all of PPD files to /usr/share/ppd in the future. * Revert to use single /etc/cups/cupsd.conf file for the configuration instead of using separate files in /etc/cups/cups.d. The migration will be done automatically. (closes: #345973, #372727) * Apply correct permission modes to the files under /etc/cups at postinst stage. * Update debconf translations: - Danish (closes: #371170) - French (closes: #372714) - Italian (closes: #372198) -- Kenshi Muto Sun, 11 Jun 2006 11:51:01 +0000 cupsys (1.2.1-2ubuntu4) edgy; urgency=low * Add forgotten versioned-dependency on sysv-rc to get new update-rc.d behaviour. Go me. -- Scott James Remnant Fri, 21 Jul 2006 01:20:39 +0100 cupsys (1.2.1-2ubuntu3) edgy; urgency=low * Remove stop links from rc0 and rc6 -- Scott James Remnant Thu, 20 Jul 2006 22:13:25 +0100 cupsys (1.2.1-2ubuntu2) edgy; urgency=low * debian/patches/44_fixconfdirperms.dpatch: - Do not change owner and mode of SSL certificate, in order to not break the SSL snakeoil cert/key (and customized global ones). (Grrr, cups, no, you cannot own the world!) * debian/cupsys.preinst: Add transitional code to fix snakeoil SSL cert/key owner and mode. -- Martin Pitt Tue, 27 Jun 2006 16:05:38 +0200 cupsys (1.2.1-2ubuntu1) edgy; urgency=low * Merge to current SVN head of Debian. * Removed debian/patches/svn*.dpatch, these were backported from 1.2.1 in 1.2.0-0ubuntu3. * Do not build libcupsys2-gnutls10 any more (it was a transitional package). * snakeoil SSL certificate support: - debian/cupsys.postinst: Symlink snakeoil SSL certificate/key to /etc/cups/ssl/ and put cupsys into ssl-cert on upgrades or fresh installs. - debian/control: Depend on ssl-cert. -- Martin Pitt Thu, 15 Jun 2006 20:54:51 +0200 cupsys (1.2.1-2) unstable; urgency=low [Kenshi Muto] * Provides /etc/cups/ssl directory for SSL. (closes: #370407, #370450) * Add an newline after 'Starting ...' message by appending log_end_msg to /etc/init.d/cupsys. (closes: #370460) -- Kenshi Muto Mon, 5 Jun 2006 22:44:55 +0900 cupsys (1.2.1-1) unstable; urgency=low [Kenshi Muto] * New upstream release 1.2.1 for Debian unstable/testing. * 00_r5610: Apply patches from upstream r5610. * Re-update Dutch debconf translation (closes: #369004) * Pump up shlibs to >=1.2.1 for compatibility safe. -- Kenshi Muto Wed, 31 May 2006 13:17:16 +0000 cupsys (1.2.1-0exp1) experimental; urgency=low [Kenshi Muto] * New upstream release 1.2.1. * Update Dutch debconf translation (closes: #369004) * Update Italian debconf translation (closes: #367943) * Includes the installation guide of dvi filter to /usr/share/doc/ cupsys/examples/filters/dvipipetops.INSTALL is contributed by Francesco Potort. This is partial fix for Bug#368450. [Martin Pitt] * New upstream release 1.2.0. * Update patches for new upstream release. * Remove debian/patches/01_cupsimage.dpatch, fixed upstream. * Remove debian/patches/20_httpGetHostname_crash.dpatch, fixed upstream. * debian/patches/55_ppd_okidata_name.dpatch: Change "Oki" manufacturer name to "Okidata" to be consistent with other PPD files. * Implement http://wiki.debian.org/PpdFileStructureSpecification: - debian/dirs: Create /usr/share/ppd/cups-included/. - debian/rules: Install shipped PPDs into /usr/share/ppd/cups-included// and provide a symlink to the old /usr/share/cups/model directory for backwards compatibility. * debian/cupsys.dirs: Ship /usr/lib/cups/driver/ to avoid error messages if it's missing. * debian/patches/09_runasuser.dpatch, scheduler/cert.c: Change root certificate permissions from 0440 to 0240, so that the CGI programs cannot read it any more. Without this patch, cupsd presented its own certificate to itself, and *every* user could do admin tasks without authentication. * debian/cupsys-client.links: Fix cupsenable/cupsdisable manpage link. Closes: #364447 * debian/patches/08_cupsd.conf.conf.d.dpatch: - Set "BrowseAddress @LOCAL"; without this, sending browsing information does not work (Browsing still has to be enabled). - Add some comments to point out that the Port and Browsing settings are moved to /etc/cups/cups.d/. * debian/cupsys.postrm: Clean up passwd.md5 on purge. -- Kenshi Muto Sun, 28 May 2006 13:07:36 +0000 cupsys (1.2.0-0ubuntu5) dapper; urgency=low * Remove debian/patches/56_revert_svn_5438.dpatch: The reason for this reversion has now been fixed in gnome-cups-manager 0.31-1.1ubuntu8. This fixes the handling of spaces in manufacturer names. Closes: LP#33545 -- Martin Pitt Wed, 17 May 2006 13:18:05 +0200 cupsys (1.2.0-0ubuntu4) dapper; urgency=low * Add debian/patches/svn5530_str1667_octet_stream.dpatch: Fix printing of application/octet-stream jobs (usually from Windows clients with locally installed driver). (STR #1667) Closes: LP#43145 -- Martin Pitt Wed, 17 May 2006 08:58:16 +0200 cupsys (1.2.0-0ubuntu3) dapper; urgency=low * Pull some bug fixes from SVN head: * Add debian/patches/svn5512_KCMYcm_fix.dpatch: Fix bug in KCMYcm handling (typo in variable name). * Add debian/patches/svn5518_12bitraster.dpatch: Make sure we swap 12/16 bit chunky data in raster filter. * Add debian/patches/svn5523_1_2_4bit_raster.dpatch: - Fix imagetoraster generation of 1/2/4-bit raster data. - Fix cupsRasterWritePixels() - bad double line termination. * Add debian/patches/svn5526_str1676_stopped_jobs_active.dpatch: Fix stopped jobs to be considered active (STR #1676). * Add debian/patches/svn5527_LDAP_define.dpatch: Fix typo in #ifdef: s/OPENDAP/OPENLDAP/. * Add debian/patches/svn5527_str1683_lpstaterror.dpatch: The lpstat command displayed the wrong error message for a missing destination (STR #1683). * Add debian/patches/svn5527_str1689_printeroptions.dpatch: "Set Printer Options" in the web interface did not update the DefaultImageableArea or DefaultPaperDimension attributes in the PPD file (STR #1689). * Add debian/patches/svn5528_str1680_load_custom_options.dpatch: ppdOpen*() did not load custom options properly (STR #1680). -- Martin Pitt Tue, 16 May 2006 12:39:35 +0200 cupsys (1.2.0-0ubuntu2) dapper; urgency=low * debian/cupsys.init: - Load the 'lp' module. Earlier installers did not put it in /etc/modules and we keep getting dozens of bug reports about that, so let's just fix it here once and for all. - Load the 'ppdev' module. This should fix detection of parallel printers. Closes: LP#29050 -- Martin Pitt Thu, 11 May 2006 11:09:59 +0200 cupsys (1.2.0-0ubuntu1) dapper; urgency=low * Final 1.2.0 upstream release (bug fixes only). Closes: LP#43898 * Remove debian/patches/01_cupsimage.dpatch, fixed upstream. * Remove debian/patches/57_svn_5461.dpatch, fixed upstream. * debian/patches/58_cupsd.conf-AllowLocal.dpatch: Fix typo: @LOCAL@ -> @LOCAL. Closes: LP#43933 -- Martin Pitt Wed, 10 May 2006 12:09:54 +0200 cupsys (1.1.99.rc3-0ubuntu4) dapper; urgency=low * Add debian/patches/58_cupsd.conf-AllowLocal.dpatch: Add 'Allow @LOCAL' to server ACL to actually allow LAN computers to access the printer if sharing is enabled. This avoid having to change two things for enabling printer sharing (a source of much confusion and a FAQ). This does not change the default behavior (port only listens on localhost by default). -- Martin Pitt Tue, 9 May 2006 17:53:02 +0200 cupsys (1.1.99.rc3-0ubuntu3) dapper; urgency=low * debian/cupsys.config: Print migration note to stderr, not stdout, to not confuse debconf. Closes: LP#41716 * debian/cupsys.postinst: Fix ownership of files in /var/cache/cups/ so that they are writable by non-root cupsd. Earlier dapper versions got the ownership wrong, so fix this for intra-dapper upgrades. Closes: LP#40795 * Add debian/local/{sharing_status,enable_sharing}: Scripts to control printer sharing (by opening or closing the TCP port). Thanks to Ante Karamatić for his initial scripts and research! -- Martin Pitt Tue, 9 May 2006 16:33:19 +0200 cupsys (1.1.99.rc3-0ubuntu2) dapper; urgency=low * debian/cupsys.init.d: Fix log creation for real. Closes: LP#41267 * debian/cupsys.logrotate: Create files as cupsys:lpadmin, not root:lp. (Also part of LP#41267) -- Martin Pitt Tue, 2 May 2006 19:36:22 +0200 cupsys (1.1.99.rc3-0ubuntu1) dapper; urgency=low * New upstream bug fix release 1.2RC3, UVF exception approved by Matt Zimmerman. * Add debian/patches/56_revert_svn_5438.dpatch: Revert upstream svn commit 5438 (fixed handling of products/manufacturers with spaces in the name) for now since it causes regressions in gnome-cups-add. Will be reactivated later when the issue is sorted out with upstream. * Update patches for new upstream release. * Remove debian/patches/20_httpGetHostname_crash.dpatch, fixed upstream. * Add debian/patches/14_dont_force_ssl.dpatch: Upstream now requires encryption by default for accessing /admin/, but our GUI frontends do not yet cope with that. Disable SSL requirement for now to revert to the old behaviour. * debian/patches/08_cupsd.conf.conf.d.dpatch: - Set "BrowseAddress @LOCAL"; without this, sending browsing information does not work (Browsing still has to be enabled). Since enable_browsing now works for exporting printers, too, this Closes: LP#17981 - Add some comments to point out that the Port and Browsing settings are moved to /etc/cups/cups.d/. * debian/cupsys.postrm: Clean up passwd.md5 on purge. * debian/cupsys.init.d: Pre-create error_log, too, and clean up code a bit. Closes: LP#41267 * debian/cupsys.postinst: If upgrading from Breezy, adapt the inclusion of external browsing configuration in cupsd.conf to retain the correct setting for modified cupsd.conf files. * debian/cupsys.config: - Fix handling of cupsd-browsing.conf -> cups.d/browse.conf transition for breezy->dapper upgrades. - Fix browse.conf parsing to set the correct debconf default value, so that the browse setting is not reset to 'off' on upgrades. Closes: LP#38704 * Add debian/patches/57_svn_5461.dpatch: - Properly HTML-quote the printer name so that names containing e. g. '+' work properly in the web interface. - Upstream svn commit 5461. - Closes: LP#37018 -- Martin Pitt Tue, 25 Apr 2006 20:09:37 +0200 cupsys (1.1.99.rc2-0ubuntu2) dapper; urgency=low * debian/cupsys-client.links: Fix cupsenable/cupsdisable manpage link. Closes: LP#40725 * debian/patches/09_runasuser.dpatch: Do not drop additional group privileges in scheduler/process.c. This should fix a range of bugs concerning detection of parallel port printers and other 'permission denied' bugs. -- Martin Pitt Mon, 24 Apr 2006 19:17:12 +0200 cupsys (1.1.99.rc2-0ubuntu1) dapper; urgency=low * Many changes have been applied in Debian now; reapply remaining Ubuntu changes from scratch to clean up some cruft (see below for details). Also, maintain Ubuntu package as SVN branch of the Debian one. * debian/rules: Enable --with-cups-user=cupsys and --enable-privilege-dropping to not run cupsd as root. * debian/control: Remove libdbus-1-dev build dependency, dbus support is not something for dapper. * debian/cupsys.init.d: Disable reload (it doesn't work as normal user), change force-reload to restart. * debian/cupsys.init.d: Pre-create access_log and error_log since cupsd can't create them as normal user. * debian/rules: Set rc runlevel priority to 19. * debian/cupsys.{postinst,postrm}, debian/cupsys-client.postinst: Setup/remove cupsys user and its needed groups. * debian/cupsys.templates: Disable browsing by default due to our 'no open ports in the default install' policy. * debian/README.Debian: Explain disabling of administrative functions in web interface and describe how to re-enable it. * debian/cupsys.preinst: - Migrate /etc/cups/cupsd-browsing.conf to /etc/cups/cups.d/browse.conf for smooth upgrades from Hoary. - Fix owner of /etc/cups/ppd/* on upgrades. * debian/patches/ubuntu-nowebadmin.dpatch: Explain disabling of administrative functions in the web interface and point to doc how to reenable it. * debian/patches/55_ppd_okidata_name.dpatch: Change "Oki" manufacturer name to "Okidata" to be consistent with other PPD files. * Implement http://wiki.debian.org/PpdFileStructureSpecification: - debian/dirs: Create /usr/share/ppd/cups-included/. - debian/rules: Install shipped PPDs into /usr/share/ppd/cups-included// and provide a symlink to the old /usr/share/cups/model directory for backwards compatibility. * debian/libcupsys2.shlibs: Remove Debian revision to allow -0ubuntuN number. * Support custom PPD installation by lpadmin members (through e. g. gnome-cups-manager): - debian/cupsys.dirs: Create /usr/share/ppd/custom/. - debian/cupsys.init.d: Fix permissions of that dir to root:lpadmin 3775. - debian/rules: Install compatibility symlink /usr/share/cups/model/custom. * debian/cupsys.dirs: Ship /usr/lib/cups/driver/ to avoid error messages if it's missing. * debian/patches/09_runasuser.dpatch, scheduler/cert.c: Change root certificate permissions from 0440 to 0240, so that the CGI programs cannot read it any more. Without this patch, cupsd presented its own certificate to itself, and *every* user could do admin tasks without authentication. -- Martin Pitt Fri, 21 Apr 2006 16:19:37 +0200 cupsys (1.1.99.rc2-0exp1) experimental; urgency=low [ Kenshi Muto ] * New upstream release 1.2RC2. - Because -fpie config becomes optional, compiler works on amd64 and other architectures. (closes: #335199) * Enable LDAP support. * Remove duplicated update-rc.d (closes: #356911) * Stopped asking admin password because it works only if user chooses digest authentication. The default configuration of Debian uses PAM and basic authentication. * Enable dbus support. * 03_clean.dpatch: Remove produced and remained files during build. * Now CUPS uses 'lp' user/group privilege to call backend or any other programs. CUPS SystemGroup is 'lpadmin'. You need to add users who are allowed to add/modify/remove printers/jobs/classes. * Remove image.h.patch from source. It is no longer needed. * 02_configure.dpath: Remove -rpath from configure. * Fix typo in cupsys-bsd description. (closes: #362070) * Add Galician debconf translation. (closes: #361258) * Update Danish debconf translation. (closes: #357969) * Use 'reload' during logrotate instead of 'restart'. It looks safe on CUPS 1.2. (though job-restart problem still remains) * set TZ in init script only if TZ isn't defined yet. * Use if-fi structure style for postrotate of logrotate script. It solves error when cupsys is not running. (closes: #347641) * Unset TMPDIR environment variable before running daemon. (closes: #347829) * Removed /etc/cups/pdftops.conf because it was for pdftops of upstream version. Debian CUPS uses xpdf-utils wrapper and doesn't need pdftops.conf. * Notice: /etc/cups/client.conf has been removed upstream. * Notice: {dis,en}able have been renamed to cups{dis,en}able. [ Martin Pitt ] * debian/patches/48_stdlib.dpatch: Adapted to new upstream version. * debian/cupsys.init.d: - Fix arguments of start-stop-daemon and remove the hideous kill algorithm. - Ensure that /var/run/cupsd exists; this makes the init script work with /var/run mounted on a tmpfs. * debian/libcupsys2-dev.files, debian/libcupsimage2-dev.files: Remove static library; upstream does not build them any more, and they are useless anyway. * Add debian/patches/06_disable_backend_setuid.dpatch: Remove the uid changing in scheduler/cups-deviced.c which was introduced recently in upstream. It totally breaks device node access (e. g. /dev/lp0 is root:lp 0660, which is inaccessible for a process which runs as lp:root). * debian/rules: Remove --with-cups-user, upstream does not support it any more. * debian/patches/09_runasuser_fixes.dpatch: RunAsUser was removed upstream; rename the patch to 09_runasuser.dpatch and rewrite it: - Enclose all changes in an #if CUPS_DROP_PRIVILEGES, so that it is easy to enable this feature. - scheduler/main.c: Drop privileges after initialization. - scheduler/conf.c: If we build with CUPS_DROP_PRIVILEGES, set RunUser to User instead of getuid(), since at that point we will always run as root (privileges cannot yet be dropped at that point). - config-scripts/cups-defaults.m4: Add --enable-privilege-dropping option. - config.h.in: Add CUPS_DROP_PRIVILEGES option template. * Add debian/patches/09_runasuser_autoconf.dpatch: autoconf changes for 09_runasuser_fixes.dpatch changes. * debian/pdftops: Fix reading from stdin (https://launchpad.net/bugs/17124) * debian/cupsys.preinst: Remove dangling /etc/cups/pdftops.conf symlink on upgrades to unbreak printing with poppler-utils. * debian/control: Add poppler-utils alternative for xpdf-utils dependency. * Add debian/patches/12_quiesce_ipp_logging.dpatch: - Drop successful IPP messages to log level 'debug' and unsuccessful ones to 'info'. - Do not flood access_log with successful CUPS-Get-Printers and Get-Printer-Attributes queries (which are generated by e. g. gnome-cups-icon every 3 seconds). - Closes: #280718 * Add debian/patches/13_default_log_warn.dpatch: Raise default log severity to 'warning' to not log gazillions of IPP requests by default. (other part of #280718) * debian/rules, debian/cupsys.postinst: Remove obsolete /etc/cups/certs and /var/lib/cups/certs (certificates are managed in /var/run/certs now). * debian/cupsys.preinst: Remove obsolete /etc/cups/certs symlink on upgrades. * debian/cupsys-client.files: Install cupstestdsc and manpage. * debian/cupsd.init: Have force-reload to reload, not restart. * debian/cupsys.logrotate: Use force-reload instead of reload, since the latter is not required to exist by Debian Policy. * debian/rules: Ship browsing_status and enable_browsing. * debian/patches/20_httpGetHostname_crash.dpatch: Add some robustifications to httpGetHostname() to hopefully fix a reported crash. -- Kenshi Muto Sun, 16 Apr 2006 17:49:57 +0900 cupsys (1.1.99.b1.r4929-0ubuntu9) dapper; urgency=low * Correct permissions of /var/run/cups in the init script. -- Scott James Remnant Wed, 19 Apr 2006 14:15:14 +0100 cupsys (1.1.99.b1.r4929-0ubuntu8) dapper; urgency=low * Disable 53_usr_share_ppd_support.dpatch again, too many packages still have /usr/share/cups/model hardcoded. * Symlink /usr/share/cups/model/cups-included to /usr/share/ppd/cups-included. * Place ppd files in manufacturer specific subdirectories. * Change "Oki" manufacturer name to "Okidata". * Symlink /usr/share/cups/model/custom to /usr/share/ppd/custom. -- Matthias Klose Wed, 12 Apr 2006 19:26:18 +0200 cupsys (1.1.99.b1.r4929-0ubuntu7) dapper; urgency=low * debian/cupsys.init.d: Move log_end_msg to the right place again. * Add debian/patches/53_usr_share_ppd_support.dpatch: - Look for PPDs in /usr/share/ppd, according to http://wiki.debian.org/PpdFileStructureSpecification. - Fixes Debian bug #358186. * debian/rules: Install PPD files into /usr/share/ppd/cups-included, according to above specification. * debian/patches/54_cups-config_modeldir.dpatch: Add --modeldir to cups-config so that other packages can use it to figure out the correct PPD base path. * debian/libcupsys2.shlibs: Bump version number so that other packages can rely on cups-config's modeldir. * Re-add debian/patches/51_dont_log_ipp_printer_query.dpatch, since these log messages are routed through a different code path. * debian/cupsys.init.d: Change custom PPD path from /usr/share/cups/ppd to /usr/share/ppd/custom. -- Martin Pitt Fri, 7 Apr 2006 17:14:25 +0200 cupsys (1.1.99.b1.r4929-0ubuntu6) dapper; urgency=low * Add debian/patches/51_ipp_log_severity_info.dpatch: Drop successful IPP messages to log level 'debug' and unsuccessful ones to 'info'. This is a more generic approach to avoid ridiculously huge logs due to polling by gnome-cups-icon and friends. * Drop debian/patches/51_dont_log_ipp_printer_query.dpatch, obsoleted by above patch. * Add debian/patches/52_default_log_level_warning.dpatch: Raise default log level from info to warning. Closes: LP#38042 -- Martin Pitt Thu, 6 Apr 2006 12:05:45 +0200 cupsys (1.1.99.b1.r4929-0ubuntu5) dapper; urgency=low * debian/patches/51_dont_log_ipp_printer_query.dpatch: Suppress logging of successful CUPS_GET_DEFAULT messages, too. Closes: LP#29895 * debian/pdftops: Fix reading from stdin. Closes: LP#17124 -- Martin Pitt Thu, 30 Mar 2006 19:52:20 +0200 cupsys (1.1.99.b1.r4929-0ubuntu4) dapper; urgency=low * debian/cupsys.postinst: Make sure that the scanner group exists before trying to add the cupsys user to it. -- Colin Watson Thu, 9 Mar 2006 08:20:02 +0000 cupsys (1.1.99.b1.r4929-0ubuntu3) dapper; urgency=low * debian/rules: Do not install dangling pdftops.conf symlink. (Malone #26785) * debian/cupsys.preinst: Remove a dangling pdftops.conf symlink on upgrades to this version. * debian/cupsys.postinst: Add cupsys to group 'scanner' to be able to access printer/scanner combined devices. (Malone #29050) * debian/patches/44_fixconfdirperms.dpatch: Make /etc/cups/ppd group writable. (Malone #31533) * debian/cupsys.init.d: Make sure that page_log exists with the right permissions. (Malone #33409) * Add debian/patches/51_dont_log_ipp_printer_query.dpatch: Do not flood access_log with successful CUPS-Get-Printers and Get-Printer-Attributes queries (which are generated by gnome-cups-icon every 3 seconds). This is a hideous and hackish patch, but it has to do until we dbusify cupsys properly. (Malone #29895) -- Martin Pitt Mon, 6 Mar 2006 16:08:32 +0100 cupsys (1.1.99.b1.r4929-0ubuntu2) dapper; urgency=low * Add 50_truncate_ppd.dpatch: - cups/file.c: Do not forget to write the pending uncompressed tail when copying a compressed file. Fixes cropped PPD files in /etc/cups/ppd. - Patch taken from upstream svn commit 4942. - Malone #28642 * debian/cupsys.init.d: Create access_log with proper permissions if it does not yet exist. (Malone #28492) * debian/cupsys.preinst: If we upgrade from a version earlier than this one, change all root-owned PPD files in /etc/cups/ppd to be owned by cupsys. (Malone #12879) -- Martin Pitt Thu, 19 Jan 2006 16:55:51 +0100 cupsys (1.1.99.b1.r4929-0ubuntu1) dapper; urgency=low * New upstream snapshot with lots of bug fixes. * Remove debian/patches/50_local_username_check.dpatch: Adopted upstream. * debian/patches/02_configure.patch: Greatly simplified to be more robust against upstream changes; renamed to debian/patches/02_disable_pie.patch for clarity. * Disable debian/patches/48_stdlib.dpatch, it shouldn't be necessary on at least our platforms. -- Martin Pitt Tue, 17 Jan 2006 16:44:47 +0100 cupsys (1.1.99.b1.r4892-0ubuntu1) dapper; urgency=low * New upstream snapshot. * Adapt patches to new upstream version: - 02_configure.dpatch - 48_stdlib.dpatch - ubuntu-nowebadmin.dpatch * Add debian/patches/50_local_username_check.dpatch: Fix the restriction of changing/cancelling of print jobs to the owner. - scheduler/auth.c: Disable weird code that bypasses user name check for local authentication. - scheduler/ipp.c: Copy the determined user name of the connection to the con structure, so that cupsdCheckPolicy() has a chance to actually verify it. - Ubuntu #12177 -- Martin Pitt Fri, 13 Jan 2006 15:28:22 +0100 cupsys (1.1.99.b1.r4885-1) experimental; urgency=low [ Kenshi Muto ] * New SVN release taken from rr4885. * Updated Russian debconf translation, taken from cupsys trunk. * Downgrade port and browse question to low. * Add timeout routine to avoid lockup. * debian/patches/08_cupsd.conf.conf.d.dpatch: - Commented out Port/Listen/Browsing from cupsd.conf.in. CUPS crashes when there is a duplicate definition. * Updated Swedish debconf translation. * Set seen false flag when ports configuration is failed. * Allow '*' for hostname in ports.conf. * Use /bin/echo instead of shell built-in echo. * Improve cupsys.templates. * Updated Russian, German, Czech,French, Vietnamese debconf translation. * Removed example descriptions from init.d script. * Fix IPv4 validation. [ Martin Pitt ] * Adapt debian/patches/02_configure.dpatch to r4885. * Move forcefully killing of cupsd if start-stop-daemon fails from postinst to init script, where it belongs to. Do not kill all running cupsd processes, but only the one in the pid file; this will unbreak cupsd behaviour in chroots. * debian/cupsys.default: Remove obsolete FORCE_RESTART option. * Resurrect debian/patches/01_cupsimage.dpatch (formerly 03_cupsimage.dpatch), as we get unresolved symbols if libcupsimage isn't properly linked to libcupsys, causing other packages to FTBFS. Thanks to Adam Conrad. * debian/cupsys.init.d: Add --oknodo to not fail if cupsd is already running. * debian/rules: In clean rule, clean up a lot of files that are left behind by 'make clean'. -- Kenshi Muto Fri, 23 Dec 2005 06:33:05 +0000 cupsys (1.1.99.b1.r4876-1) unstable; urgency=low [ Martin Pitt ] * debian/local/{enable_browsing,browsing_status}: Adapt configuration file locations to new conf.d structure. * debian/cupsys.templates: Fix default value for cupsys/browse: 'yes' is an invalid bool option, change to true. * debian/cupsys.init.d: Use LSB init functions. Add lsb-base package dependency. * debian/cupsys.postinst: Wait a second between kill -9'ing cupsys and checking if the process still exists to avoid false positives and upgrade failures. * Clean up support for /etc/cups/conf.d: - Add debian/patches/08_cupsd.conf.conf.d.dpatch: Add include commands to default cupsd.conf file. - debian/cupsys.postinst: Remove fiddling with cupsd.conf. - This will ensure that cupsd.conf will remain an unchanged conffile. * debian/rules: Remove empty debian/patched on clean. * debian/patches/10_cupsd.conf2.dpatch: Re-enable listening to localhost to make the web interface work. * debian/patches/44_fixconfdirperms.dpatch: - Put configuration files into group root instead of nobody to avoid privilege escalation of nobody/nogroup and comply to Debian standards. - Use CUPS_DEFAULT_GROUP instead of 'nobody' as the default group for setgid'ing to and conffiles which must be writable for cupsd. - Disable changing permissions of cupsd.conf conffile. * Add debian/patches/09_runasuser_fixes.dpatch: - scheduler/main.c: Generate a certificate even when running as user, just as in 1.1.x; this unbreaks local certificate authorization for cupsd when it runs as normal user. - scheduler/main.c: When running as non-root, call initgroups() instead of setgroups() to allow auxiliary groups. These are required to access different device types (lp for USB/parallel printers, dialout for serial printers, etc.) [ Kenshi Muto ] * New SVN release taken from r4876. -- Kenshi Muto Thu, 8 Dec 2005 21:26:22 +0900 cupsys (1.1.99.b1.r4841-1ubuntu8) dapper; urgency=low * debian/cupsys.init.d: Remove the hideous killing hacks and just invoke start-stop-daemon with the correct arguments. -- Martin Pitt Wed, 11 Jan 2006 19:23:47 +0100 cupsys (1.1.99.b1.r4841-1ubuntu7) dapper; urgency=low * debian/cupsys.init.d: Make sure that the PID file directory /var/run/cups exists. The new approach of mounting /var/run as tmpfs removes the directory that is shipped in the deb. (Ubuntu #22261) -- Martin Pitt Wed, 11 Jan 2006 13:47:45 +0100 cupsys (1.1.99.b1.r4841-1ubuntu6) dapper; urgency=low * debian/cupsys.init: Call stop/start in the 'restart/force-reload' section to make use of the much more robust 'stop' handling. This should avoid frequent failures of force-reload. (Ubuntu #21787) * debian/cupsys.postinst: - Set permissions of /etc/cups/interfaces to root:lpadmin 2775. - Make /etc/printcap writable for group lpadmin. - This fixes third-party printer drivers and command line tools. - Ubuntu #20891 -- Martin Pitt Thu, 5 Jan 2006 18:11:51 +0100 cupsys (1.1.99.b1.r4841-1ubuntu5) dapper; urgency=low * Synchronize to Debian's svn head to get the various configuration handling RC bug fixes, but keep Ubuntu upstream version at r4841 since 4885 has serious regressions. * All non-Ubuntu specific patches have been applied in Debian now. * Drop the following patches (accepted in Debian): - ubuntu-sanitize-conffile-handling.dpatch - ubuntu-localports.dpatch - ubuntu-include-conf.d.dpatch - ubuntu-nowebadmin.dpatch - ubuntu-cupsimage.dpatch * ubuntu-runasuser.dpatch: Remove the upstream code fixes (already in Debian now), just add the 'RunAsUser' directive to cupsd.conf. * debian/cupsys.templates: Disable browsing by default. -- Martin Pitt Thu, 22 Dec 2005 15:08:51 +0100 cupsys (1.1.99.b1.r4885-1) experimental; urgency=low [ Kenshi Muto ] * New SVN release taken from rr4885. * Updated Russian debconf translation, taken from cupsys trunk. * Downgrade port and browse question to low. * Add timeout routine to avoid lockup. * debian/patches/08_cupsd.conf.conf.d.dpatch: - Commented out Port/Listen/Browsing from cupsd.conf.in. CUPS crashes when there is a duplicate definition. * Updated Swedish debconf translation. * Set seen false flag when ports configuration is failed. * Allow '*' for hostname in ports.conf. * Use /bin/echo instead of shell built-in echo. * Improve cupsys.templates. * Updated Russian, German, Czech,French, Vietnamese debconf translation. * Removed example descriptions from init.d script. * Fix IPv4 validation. [ Martin Pitt ] * Adapt debian/patches/02_configure.dpatch to r4885. * Move forcefully killing of cupsd if start-stop-daemon fails from postinst to init script, where it belongs to. Do not kill all running cupsd processes, but only the one in the pid file; this will unbreak cupsd behaviour in chroots. * debian/cupsys.default: Remove obsolete FORCE_RESTART option. * Resurrect debian/patches/01_cupsimage.dpatch (formerly 03_cupsimage.dpatch), as we get unresolved symbols if libcupsimage isn't properly linked to libcupsys, causing other packages to FTBFS. Thanks to Adam Conrad. * debian/cupsys.init.d: Add --oknodo to not fail if cupsd is already running. * debian/rules: In clean rule, clean up a lot of files that are left behind by 'make clean'. -- Kenshi Muto Fri, 23 Dec 2005 06:33:05 +0000 cupsys (1.1.99.b1.r4876-1) unstable; urgency=low [ Martin Pitt ] * debian/local/{enable_browsing,browsing_status}: Adapt configuration file locations to new conf.d structure. * debian/cupsys.templates: Fix default value for cupsys/browse: 'yes' is an invalid bool option, change to true. * debian/cupsys.init.d: Use LSB init functions. Add lsb-base package dependency. * debian/cupsys.postinst: Wait a second between kill -9'ing cupsys and checking if the process still exists to avoid false positives and upgrade failures. * Clean up support for /etc/cups/conf.d: - Add debian/patches/08_cupsd.conf.conf.d.dpatch: Add include commands to default cupsd.conf file. - debian/cupsys.postinst: Remove fiddling with cupsd.conf. - This will ensure that cupsd.conf will remain an unchanged conffile. * debian/rules: Remove empty debian/patched on clean. * debian/patches/10_cupsd.conf2.dpatch: Re-enable listening to localhost to make the web interface work. * debian/patches/44_fixconfdirperms.dpatch: - Put configuration files into group root instead of nobody to avoid privilege escalation of nobody/nogroup and comply to Debian standards. - Use CUPS_DEFAULT_GROUP instead of 'nobody' as the default group for setgid'ing to and conffiles which must be writable for cupsd. - Disable changing permissions of cupsd.conf conffile. * Add debian/patches/09_runasuser_fixes.dpatch: - scheduler/main.c: Generate a certificate even when running as user, just as in 1.1.x; this unbreaks local certificate authorization for cupsd when it runs as normal user. - scheduler/main.c: When running as non-root, call initgroups() instead of setgroups() to allow auxiliary groups. These are required to access different device types (lp for USB/parallel printers, dialout for serial printers, etc.) [ Kenshi Muto ] * New SVN release taken from r4876. -- Kenshi Muto Thu, 8 Dec 2005 21:26:22 +0900 cupsys (1.1.99.b1.r4841-1) experimental; urgency=low * EXPERIMENTAL * New SVN release taken from r4841. * Remove -pie and -fpie from compiler option. pie option causes a problem with Debian binutils. I hope this change avoids FTBFS on sparc and others. (closes: #339120) -- Kenshi Muto Wed, 16 Nov 2005 12:27:27 +0000 cupsys (1.1.99.b1.r4748-4) experimental; urgency=low * EXPERIMENTAL * 00_r4835.dpatch: Taken from r4835. Well, r4835 removes some files. It means dpkg-buildpackage always fails when we rebuild source. Maybe it's time to change orig source. Moved obsolete patches to patches/obsolete. * 48_stdlib.dpatch: Fix FTBFS for arm, mips, and mipsel. * 03_manext.dpatch: Don't use upstream's manpage file handling. Debian uses dh_installman. * 04_freebsd.dpatch: Apply Brian's patch to support GNU/kFreeBSD (closes: #338266) * Install lppasswd as owner 'lp'. -- Kenshi Muto Fri, 4 Nov 2005 13:56:27 +0000 cupsys (1.1.99.b1.r4748-3) experimental; urgency=low * EXPERIMENTAL * 47_pid.dpatch: Modified to allow to configure location of pid file. (closes: #337093) You can change this location by PidFile directive at your cupsd.conf. * Remove example comments from init script. (closes: #334842) -- Kenshi Muto Thu, 3 Nov 2005 11:39:07 +0000 cupsys (1.1.99.b1.r4748-2) experimental; urgency=medium * EXPERIMENTAL * 02_configure.dpatch: Modified to remove -pie/-fpie if arch = x86_64. (closes: #335199) -- Kenshi Muto Mon, 24 Oct 2005 11:42:59 +0000 cupsys (1.1.99.b1.r4748-1) experimental; urgency=low * EXPERIMENTAL * CUPS 1.2 snapshot (r4748) from SVN. -- Kenshi Muto Wed, 5 Oct 2005 12:54:27 +0000 cupsys (1.1.23-15) unstable; urgency=high [Kenshi Muto] * Allow '*' for hostname in ports.conf. (closes: #340975) * Fix IPv4 address validation. * Use /bin/echo instead of shell built-in echo. (closes: #343566) * Improve cupsys.templates. (closes: #343498) * Updated Swedish debconf translation. * Updated Russian debconf translation. * Updated German debconf translation. * Updated Czech debconf translation. (closes: #343716) * Updated French debconf translation. (closes: #344116) * Updated Vietnamese debconf translation. * Removed example descriptions from init.d script. (closes: #334842) * Apply kFreeBSD patch. (closes: 338266) -- Kenshi Muto Fri, 16 Dec 2005 21:05:47 +0900 cupsys (1.1.23-14) unstable; urgency=high [Kenshi Muto] * Downgrade port and browse question to low. (closes: #343341) * debian/patches/08_cupsd.conf.conf.d.dpatch: - Commented out Port/Listen/Browsing in cupsd.conf.in because CUPS crashes when there is a duplicate definition! (closes: #343251, #343279, ##343285, #343292) * Added NEWS to explain how to fix this for 1.1.23-13 users: Tweaking cupsd.conf via postinst is a bad idea, so I gave up trying to correct this automatically. Instead, comment out the Port/Listen/Browsing lines in /etc/cups/cupsd.conf if you had already replaced this file by the one from 1.1.23-13. * Updated Swedish debconf translation. (closes: #343397) * Set seen false flag when ports configuration is failed. (closes: #343400) [Martin-Éric Racine] * Added debian/watch file. -- Kenshi Muto Thu, 15 Dec 2005 06:00:09 +0900 cupsys (1.1.23-13) unstable; urgency=high * 38_pdftopscan.dpatch: Apply CAN-2005-0064, CAN-2004-0888, and CAN-2005-2097 patches. (closes: #324459, #324460, #324464) Because Debian cupsys uses xpdf wrapper instead of forked pdftops, so users aren't affected these security problems. This patch is just for users who want to create own pdftops from source. * Move Port/Listen and Browsing configurations from /etc/cups/ cupsd.conf to /etc/cups/cups.d/. /etc/cups/cups.d/ports.conf: Port/Listen configuration. /etc/cups/cups.d/browse.conf: Browsing configuration You can configure these values by using "dpkg-reconfigure cupsys". (closes: #235906, #297695, #178838, #288838) * Added Swedish debconf translation (closes: #338545). Thanks Daniel. * Updated Russian debconf translation (closes: #340626). Thanks Yuri. * Applied xpdf patch to fix buffer overflows [pdftops/Stream.cxx, pdftops/Stream.h, CAN-2005-3191, CAN-2005-3192, 48_security_CAN-2005-3191.dpatch] Because Debian cupsys uses xpdf wrapper instead of forked pdftops, so users aren't affected these security problems. This patch is just for users who want to create own pdftops from source. -- Kenshi Muto Mon, 22 Aug 2005 18:50:26 +0900 cupsys (1.1.23-12) unstable; urgency=medium * foomatic-rip may be treated as recommended tool. Modified control file. (closes: #320196) * Add debconf-2.0 as debconf alternative. * Migrated to libgnutls12. (closes: #322087) libcupsys2 backed as real library. libcupsys2-gnutls10 became transitional package. (closes: #322018) * Add procps to Depends: of cupsys. ps command is used by cupsys.postinst. * 47_pid.dpatch: Added a patch to make forked PID file. Now init script use this file instead of one created by start-stop-daemon. I hope this solves Samba starting bug. (closes: #315017) * Back gs-esp to Depends:. (closes: #312244) PostScript printer owners may claim this, but currently we Debian CUPS Maintainers team have massive complains about missing gs-esp dependency. It's current best workaround to avoid such printing problems. -- Kenshi Muto Thu, 28 Jul 2005 11:35:27 +0900 cupsys (1.1.23-11) unstable; urgency=low * "At Debconf 5" release. * Now CUPS is maintained by Debian CUPS Maintainers Team. * Do "sleep 2" to wait daemon's wake up. (this is just workaround... needs better solution, for #309794 and #315017) * Added Vietnamese translation. (closes: #310152) * Check whether daemon is running or not before restart in logrotate. (closes: #310535) * Add description about foomatic-rip (in foomatic-filters package) to README.Debian. (closes: #309399) * Remove unnecessary comment from debian/po/de.po (closes: #314135) * Apply status option for init script (closes: #312683). Thanks Stephen. * Suggests cupsys-driver-gutenprint, this package is new name of cupsys-driver-gimpprint. * 46_ppdsdat: Move /etc/cups/ppds.dat to /var/lib/cups/ppds.dat and make symlink. (closes: #317905) * Unapply NOAUTH handling from 33_jobauthorize. A user warns me it's dangerous to use. -- Kenshi Muto Fri, 20 May 2005 11:07:42 +0900 cupsys (1.1.23-10ubuntu4) breezy; urgency=low * Add debian/patches/ubuntu-disable-conffile-chmod.dpatch: - Stop fiddling with the /etc/cups/cupsd.conf permissions at server startup. The default permissions as shipped (root:root 0644) are just fine for that file, and cupsys modifies it in a way that normal users cannot read them any more, which breaks gnome-cups-manager. - Ubuntu #15165 * debian/cupsys.postinst: - If the package is upgraded from a version earlier than this one, correct permissions of cupsd.conf. -- Martin Pitt Wed, 14 Sep 2005 14:52:13 +0200 cupsys (1.1.23-10ubuntu3) breezy; urgency=low * Fix installation of /usr/share/cups/{enable-browsing,browsing_status} to ship these scripts again. (Ubuntu #14546 ) -- Martin Pitt Fri, 2 Sep 2005 12:00:02 +0200 cupsys (1.1.23-10ubuntu2) breezy; urgency=low * Added debian/patches/ubuntu-confpermissions.dpatch: - Add and document ConfigFilePerm to cupsd.conf and set it to 0600 to avoid exposing SMB passwords to lpadmin members. This makes it slightly harder to intercept the password. (Ubuntu #12036) -- Martin Pitt Thu, 23 Jun 2005 12:44:14 +0200 cupsys (1.1.23-10ubuntu1) breezy; urgency=low * Debian adopted many changes and MOM output was messy; reapplied remaining Ubuntu changes to pristine Debian version. Mention them here again to ease further merges and Debian adoptions. * Convert Ubuntu patches to dpatch and added descriptions. * Convert to poppler: - debian/patches/ubuntu-pdf2ps_poppler.dpatch: Replace pdftops/pdftops.cxx with a port from xpdf-utils to libpoppler. - debian/control: Add build dependency libpoppler-dev, remove xpdf-utils dependency. - Disable 06_replacepdftops.dpatch to build the pdftops/ subdir again. - debian/rules: Install newly built pdftops into /usr/lib/cups/. * Run as user 'cupsys' instead of root: - debian/patches/ubuntu-runasuser.dpatch: Enable RunAsUser in configuration. - debian/patches/ubuntu-auxgroups.dpatch: When running as non-root, call initgroups() instead of setgroups() to allow auxiliary groups. - debian/rules: Configure with --with-cups-user=cupsys. - debian/cupsys.postinst, debian/cupsys-client.postinst: Create cupsys user and setup permissions. - debian/cupsys.postrm: Remove cupsys user on purge. * Disable web interface to avoid putting the user 'cupsys' into group shadow: - debian/README.Debian: Explain the change. - debian/patches/ubuntu-nowebadmin.dpatch: Explain the disabled administrator pages in the web interface. - Add debian/local/ja-nowebadmin.ptch: Add the same explanation to the Japanese translation in patches/ja.tar.gz.uu. - debian/rules: Apply debian/local/ja-nowebadmin.ptch. * Automatic detection of LAN printers (browsing): - Add debian/local/{enable_browsing,browsing_status,cupsd-browsing.conf} and install them in debian/rules. - debian/patches/ubuntu-externalbrowseconf.dpatch: Externalize browsing setting to cupsd-browsing.conf. * Listen to local port only by default to comply to Ubuntu Security Policy: - debian/patches/ubuntu-localports.dpatch * debian/cupsys.init.d: LSB init script. -- Martin Pitt Thu, 23 Jun 2005 11:23:37 +0200 cupsys (1.1.23-10) unstable; urgency=high * Recovered http backend. -8 and -9 missed it. (closes: #305169) * Use absolete path for doc-root instead of relative path. (closes: #305339) -- Kenshi Muto Tue, 19 Apr 2005 20:47:49 +0900 cupsys (1.1.23-9) unstable; urgency=medium * Remove unnecessary and toxic space in doc-base file. (closes: #305084) -- Kenshi Muto Mon, 18 Apr 2005 08:08:03 +0900 cupsys (1.1.23-8) unstable; urgency=medium * "Brush up for Sarge" release. * Introduced dpatch for source management. * Included Spanish man pages. * 43_filtercost: Applied a patch for wrong computation of cost (closes: #304205) * Applied many part of ubuntu patch, http://people.ubuntu.com/~scott/patches/cupsys/cupsys_1.1.23-7ubuntu1.patch. (User 'cupsys' feature and Browsing feature aren't applied at this time. They are post-Sarge things) * Applied improved dvifilter patch. (Although you need to modify /etc/cups/mime.convs and some other files to use it) (closes: #198100) * Provides /var/run/cups/cupsd.pid. (closes: #301804) * Added cupsys documentation to doc-base structure. (closes: #171396, #304333) * Included filter for PostScript from Windows PostScript driver, created by Matt Swift . If you want to use, put /usr/share/doc/cupsys/examples/filters/samba-postscript.* to /etc/cups, and put /usr/share/doc/cupsys/examples/filters/samba-ps-to-ps to /usr/lib/cups/filter. (closes: #246577) -- Kenshi Muto Wed, 16 Mar 2005 10:01:57 +0900 cupsys (1.1.23-7ubuntu2) breezy; urgency=low * debian/control: - Add bui