CHANGES-1.3.txt
---------------
+CHANGES IN CUPS V1.3.11
+
+ - The scheduler did not prevent nested classes (STR #3211)
+ - The scheduler did not reprint processing jobs that were moved to
+ another destination (STR #3222)
+ - The scheduler did not reset the current job file when stopping a
+ printer (STR #3226)
+ - The scheduler did not handle POSTs to custom CGIs properly (STR #3221)
+ - The pdftops filter did not print landscape PDF pages properly
+ (STR #2881)
+ - The scheduler did not handle partial header lines properly from CGI
+ programs (STR #3194)
+ - The web interface could hang on OpenBSD (STR #3176, STR #3196)
+ - The scheduler and cupsfilter utility did not handle rules starting
+ with a negation operator properly (STR #3160)
+ - The scheduler and cupsfilter utility would crash with certain MIME
+ .types rules (STR #3159)
+ - httpSetField wasn't bracketing IPv6 numeric addresses for the Host:
+ field (STR #3164)
+ - The ServerName, if specified, was not treated as a valid alias for the
+ local system (STR #3167)
+ - "make epm" did not work (STR #3166)
+ - "lpstat -h server" showed non-shared printers (STR #3147)
+ - "make check" did not work on Linux (STR #3161)
+
+
CHANGES IN CUPS V1.3.10
- Documentation fixes (STR #2994, STR #2995, STR #3008, STR #3056,
STR #3057)
+ - SECURITY: The scheduler now protects against DNS rebinding attacks
+ (STR #3118)
+ - SECURITY: Fixed TIFF integer overflow in image filters (STR #3031)
+ - The scheduler did not support the job-hold-until attribute with the
+ Restart-Job operation (STR #3130)
+ - SECURITY: The PNG image reading code did not validate the
+ image size properly, leading to a potential buffer overflow
+ (STR #2974)
+ - The rastertohp driver did not set the 1-sided printing mode when
+ needed (STR #3131)
- Now use a wrapper program instead of our fork of the Xpdf code to
support printing of PDF files. The new wrapper supports using Xpdf,
poppler, or Ghostscript to convert PDF files to PostScript (STR #3129)
- The scheduler now rejects ATTR: messages with empty values.
- The scheduler could consume all CPU handling closed connections
(STR #2988)
- - The scheduler now protects against DNS rebinding attacks on
- localhost.
- - SECURITY: The PNG image reading code did not validate the
- image size properly, leading to a potential buffer overflow
- (STR #2974)
- Fixed some configure script bugs with rc/xinetd directories
(STR #2970)
- The Epson sample driver PPDs contained errors (STR #2979)