-CHANGES.txt - 1.7.4 - 2014-07-08
+CHANGES.txt - 1.7.5 - 2014-07-30
--------------------------------
+CHANGES IN CUPS V1.7.5
+
+ - Security: Addressed some more situations where symlinked files would
+ be served by the web interface (STR #4455)
+ - The LPD backend did not work with some versions of glibc (STR #4452)
+ - CGI scripts did not work (STR #4454)
+ - The cupsd.conf man page did not list the ErrorPolicy directive
+ (STR #4457)
+ - Updated the Brazilian Portuguese translation (STR #4456)
+
+
CHANGES IN CUPS V1.7.4
- Security: The web interface incorrectly served symlinked files and
- Fixed a bug in the CUPS_SC_GET_DEVICE_ID handling by the network
backends (STR #4447)
- Added USB quirk rule for Lexmark E230 (STR #4448)
- - The LPD backend did not work with some versions of glibc (STR #4452)
CHANGES IN CUPS V1.7.3
-INSTALL - CUPS v1.7.4 - 2014-06-10
+INSTALL - CUPS v1.7.5 - 2014-07-30
----------------------------------
This file describes how to compile and install CUPS from source code. For more
-README - CUPS v1.7.4 - 2014-06-10
+README - CUPS v1.7.5 - 2014-07-30
---------------------------------
Looking for compile instructions? Read the file "INSTALL.txt" instead...
/*
- * "$Id: lpd.c 12005 2014-07-08 15:46:59Z msweet $"
+ * "$Id: lpd.c 12025 2014-07-15 13:00:17Z msweet $"
*
* Line Printer Daemon backend for CUPS.
*
* Try binding the port to the socket; return if all is OK...
*/
- if (!bind(fd, (struct sockaddr *)&addr, httpAddrSize(&addr)))
+ if (!bind(fd, (struct sockaddr *)&addr, httpAddrLength(&addr)))
return (fd);
/*
/*
- * End of "$Id: lpd.c 12005 2014-07-08 15:46:59Z msweet $".
+ * End of "$Id: lpd.c 12025 2014-07-15 13:00:17Z msweet $".
*/
AC_CONFIG_HEADER(config.h)
dnl Version number information...
-CUPS_VERSION=1.7.4
+CUPS_VERSION=1.7.5
CUPS_REVISION=
#if test -z "$CUPS_REVISION" -a -d .svn; then
# CUPS_REVISION="-r`svnversion . | awk -F: '{print $NF}' | sed -e '1,$s/[[a-zA-Z]]*//g'`"
ac_config_headers="$ac_config_headers config.h"
-CUPS_VERSION=1.7.4
+CUPS_VERSION=1.7.5
CUPS_REVISION=
#if test -z "$CUPS_REVISION" -a -d .svn; then
# CUPS_REVISION="-r`svnversion . | awk -F: '{print $NF}' | sed -e '1,$s/[[a-zA-Z]]*//g'`"
/*
- * "$Id: cups.h 11978 2014-07-02 10:35:09Z msweet $"
+ * "$Id: cups.h 12025 2014-07-15 13:00:17Z msweet $"
*
* API definitions for CUPS.
*
* Constants...
*/
-# define CUPS_VERSION 1.0704
+# define CUPS_VERSION 1.0705
# define CUPS_VERSION_MAJOR 1
# define CUPS_VERSION_MINOR 7
-# define CUPS_VERSION_PATCH 4
+# define CUPS_VERSION_PATCH 5
# define CUPS_BC_FD 3
/* Back-channel file descriptor for
#endif /* !_CUPS_CUPS_H_ */
/*
- * End of "$Id: cups.h 11978 2014-07-02 10:35:09Z msweet $".
+ * End of "$Id: cups.h 12025 2014-07-15 13:00:17Z msweet $".
*/
<dd>Specifies the level of encryption that is required for a particular
location.
</dd>
+<dt>ErrorPolicy abort-job
+</dt>
+<dd>Specifies that a failed print job should be aborted (discarded) unless otherwise specified for the printer.
+</dd>
+<dt>ErrorPolicy retry-job
+</dt>
+<dd>Specifies that a failed print job should be retried at a later time unless otherwise specified for the printer.
+</dd>
+<dt>ErrorPolicy retry-this-job
+</dt>
+<dd>Specifies that a failed print job should be retried immediately unless otherwise specified for the printer.
+</dd>
+<dt>ErrorPolicy stop-printer
+</dt>
+<dd>Specifies that a failed print job should stop the printer unless otherwise specified for the printer. The 'stop-printer' error policy is the default.
+</dd>
<dt>FilterLimit limit
</dt>
<dd></dd>
#
msgid ""
msgstr ""
-"Project-Id-Version: CUPS 1.7.2\n"
+"Project-Id-Version: CUPS 1.7.4\n"
"Report-Msgid-Bugs-To: http://www.cups.org/str.php\n"
"POT-Creation-Date: 2014-05-09 13:32-0700\n"
-"PO-Revision-Date: 2014-04-30 23:57-0300\n"
+"PO-Revision-Date: 2014-07-22 00:19-0300\n"
"Last-Translator: Rafael Ferreira <rafael.f.f1@gmail.com>\n"
"Language-Team: Brazilian Portuguese <traducao-cups-pt-br@googlegroups.com>\n"
"Language: pt_BR\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Poedit 1.6.4\n"
+"X-Generator: Poedit 1.6.5\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
msgid "\t\t(all)"
msgstr "Nenhuma conexão ativa"
msgid "No active connection."
-msgstr ""
+msgstr "Nenhuma conexão ativa."
#, c-format
msgid "No active jobs on %s."
msgstr "Nenhum printer-uri na requisição."
msgid "No request sent."
-msgstr ""
+msgstr "Nenhuma requisição enviada."
msgid "No request-id"
msgstr "Nenhum request-id"
.\"
-.\" "$Id: cupsd.conf.man.in 11109 2013-07-08 21:15:13Z msweet $"
+.\" "$Id: cupsd.conf.man.in 12060 2014-07-28 14:04:41Z msweet $"
.\"
.\" cupsd.conf man page for CUPS.
.\"
.\" which should have been included with this file. If this file is
.\" file is missing or damaged, see the license at "http://www.cups.org/".
.\"
-.TH cupsd.conf 5 "CUPS" "8 July 2013" "Apple Inc."
+.TH cupsd.conf 5 "CUPS" "28 July 2014" "Apple Inc."
.SH NAME
cupsd.conf \- server configuration file for cups
.SH DESCRIPTION
Specifies the level of encryption that is required for a particular
location.
.TP 5
+ErrorPolicy abort-job
+Specifies that a failed print job should be aborted (discarded) unless otherwise specified for the printer.
+.TP 5
+ErrorPolicy retry-job
+Specifies that a failed print job should be retried at a later time unless otherwise specified for the printer.
+.TP 5
+ErrorPolicy retry-this-job
+Specifies that a failed print job should be retried immediately unless otherwise specified for the printer.
+.TP 5
+ErrorPolicy stop-printer
+Specifies that a failed print job should stop the printer unless otherwise specified for the printer. The 'stop-printer' error policy is the default.
+.TP 5
FilterLimit limit
.br
Specifies the maximum cost of filters that are run concurrently.
.SH COPYRIGHT
Copyright 2007-2013 by Apple Inc.
.\"
-.\" End of "$Id: cupsd.conf.man.in 11109 2013-07-08 21:15:13Z msweet $".
+.\" End of "$Id: cupsd.conf.man.in 12060 2014-07-28 14:04:41Z msweet $".
.\"
Summary: CUPS
Name: cups
-Version: 1.7.4
+Version: 1.7.5
Release: 1
Epoch: 1
License: GPL
Group: System Environment/Daemons
-Source: http://www.cups.org/software/1.7.4/cups-1.7.4-source.tar.bz2
+Source: http://www.cups.org/software/1.7.5/cups-1.7.5-source.tar.bz2
Url: http://www.cups.org
Packager: Anonymous <anonymous@foo.com>
Vendor: Apple Inc.
/*
- * "$Id: client.c 12009 2014-07-09 17:02:38Z msweet $"
+ * "$Id: client.c 12057 2014-07-22 14:03:19Z msweet $"
*
* Client routines for the CUPS scheduler.
*
* then fallback to the default one...
*/
- if ((status = stat(filename, filestats)) != 0 && language[0] &&
+ if ((status = lstat(filename, filestats)) != 0 && language[0] &&
strncmp(con->uri, "/icons/", 7) &&
strncmp(con->uri, "/ppd/", 5) &&
strncmp(con->uri, "/rss/", 5) &&
plen = len - (ptr - filename);
strlcpy(ptr, "index.html", plen);
- status = stat(filename, filestats);
+ status = lstat(filename, filestats);
#ifdef HAVE_JAVA
if (status)
{
strlcpy(ptr, "index.class", plen);
- status = stat(filename, filestats);
+ status = lstat(filename, filestats);
}
#endif /* HAVE_JAVA */
if (status)
{
strlcpy(ptr, "index.pl", plen);
- status = stat(filename, filestats);
+ status = lstat(filename, filestats);
}
#endif /* HAVE_PERL */
if (status)
{
strlcpy(ptr, "index.php", plen);
- status = stat(filename, filestats);
+ status = lstat(filename, filestats);
}
#endif /* HAVE_PHP */
if (status)
{
strlcpy(ptr, "index.pyc", plen);
- status = stat(filename, filestats);
+ status = lstat(filename, filestats);
}
if (status)
{
strlcpy(ptr, "index.py", plen);
- status = stat(filename, filestats);
+ status = lstat(filename, filestats);
}
#endif /* HAVE_PYTHON */
}
while (status && language[0]);
+
+ /*
+ * If we've found a symlink, 404 the sucker to avoid disclosing information.
+ */
+
+ if (!status && S_ISLNK(filestats->st_mode))
+ {
+ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Symlinks such as \"%s\" are not allowed.", con->http.fd, filename);
+ return (NULL);
+ }
+
+ /*
+ * Similarly, if the file/directory does not have world read permissions, do
+ * not allow access...
+ */
+
+ if (!status && !(filestats->st_mode & S_IROTH))
+ {
+ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
+ return (NULL);
+ }
}
cupsdLogMessage(CUPSD_LOG_DEBUG2,
argv[0] = command;
if (options)
- {
- commptr = options;
- if (*commptr == ' ')
- commptr ++;
- strlcpy(argbuf, commptr, sizeof(argbuf));
- }
+ strlcpy(argbuf, options, sizeof(argbuf));
else
argbuf[0] = '\0';
/*
- * End of "$Id: client.c 12009 2014-07-09 17:02:38Z msweet $".
+ * End of "$Id: client.c 12057 2014-07-22 14:03:19Z msweet $".
*/