Security bump, see bug #217232. Also fixes bug #217293.

(Portage version: 2.1.5_rc3)

7 files changed, 240 insertions, 148 deletions

diff --git a/net-print/cups/ChangeLog b/net-print/cups/ChangeLog
index 7ef21a4b94a4..060056ec53d8 100644
--- a/net-print/cups/ChangeLog
+++ b/net-print/cups/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for net-print/cups
 # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.299 2008/04/05 14:15:20 tgurr Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.300 2008/04/14 20:47:45 tgurr Exp $
+
+*cups-1.3.7-r1 (14 Apr 2008)
+*cups-1.2.12-r8 (14 Apr 2008)
+
+  14 Apr 2008; Timo Gurr <tgurr@gentoo.org>
+  +files/cups-1.2.12-CVE-2008-1722.patch,
+  -files/cups-1.3.6-CVE-2008-1373.patch,
+  +files/cups-1.3.7-CVE-2008-1722.patch,
+  +files/cups-1.3.7-backend-https.patch, +cups-1.2.12-r8.ebuild,
+  -cups-1.3.6-r3.ebuild, -cups-1.3.7.ebuild, +cups-1.3.7-r1.ebuild:
+  Security bump, see bug #217232. Also fixes bug #217293.
 
 *cups-1.3.7 (05 Apr 2008)
 
diff --git a/net-print/cups/cups-1.3.6-r3.ebuild b/net-print/cups/cups-1.2.12-r8.ebuild
index cee40edf6faf..79fe11854f97 100644
--- a/net-print/cups/cups-1.3.6-r3.ebuild
+++ b/net-print/cups/cups-1.2.12-r8.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2008 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.6-r3.ebuild,v 1.2 2008/04/05 13:42:26 genstef Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r8.ebuild,v 1.1 2008/04/14 20:47:45 tgurr Exp $
 
 inherit autotools eutils flag-o-matic multilib pam
 
@@ -13,37 +13,27 @@ SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2"
 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
-IUSE="acl avahi dbus java jpeg kerberos ldap nls pam perl php png ppds python samba slp ssl static tiff X zeroconf"
+IUSE="ldap ssl slp pam php samba nls dbus tiff png ppds jpeg X"
 
-COMMON_DEPEND="acl? ( kernel_linux? ( sys-apps/acl sys-apps/attr ) )
-	avahi? ( net-dns/avahi )
-	dbus? ( sys-apps/dbus )
-	java? ( >=virtual/jre-1.4 )
-	jpeg? ( >=media-libs/jpeg-6b )
-	kerberos? ( virtual/krb5 )
+DEP="pam? ( virtual/pam )
+	ssl? ( net-libs/gnutls )
+	slp? ( >=net-libs/openslp-1.0.4 )
 	ldap? ( net-nds/openldap )
-	pam? ( virtual/pam )
-	perl? ( dev-lang/perl )
-	php? ( dev-lang/php )
+	dbus? ( sys-apps/dbus )
 	png? ( >=media-libs/libpng-1.2.1 )
-	python? ( dev-lang/python )
-	slp? ( >=net-libs/openslp-1.0.4 )
-	ssl? ( net-libs/gnutls )
 	tiff? ( >=media-libs/tiff-3.5.5 )
-	zeroconf? ( !avahi? ( net-misc/mDNSResponder ) )
-	app-text/libpaper
-	dev-libs/libgcrypt"
-
-DEPEND="${COMMON_DEPEND}
+	jpeg? ( >=media-libs/jpeg-6b )
+	php? ( dev-lang/php )
+	app-text/libpaper"
+DEPEND="${DEP}
 	!<net-print/foomatic-filters-ppds-20070501
 	!<net-print/hplip-1.7.4a-r1
 	nls? ( sys-devel/gettext )"
-
-RDEPEND="${COMMON_DEPEND}
-	!virtual/lpr
+RDEPEND="${DEP}
 	nls? ( virtual/libintl )
-	X? ( x11-misc/xdg-utils )
-	>=app-text/poppler-0.4.3-r1"
+	!virtual/lpr
+	>=app-text/poppler-0.4.3-r1
+	X? ( x11-misc/xdg-utils )"
 
 PDEPEND="
 	ppds? ( || (
@@ -60,7 +50,6 @@ PDEPEND="
 	) )
 	samba? ( >=net-fs/samba-3.0.8 )
 	virtual/ghostscript"
-
 PROVIDE="virtual/lpr"
 
 # upstream includes an interactive test which is a nono for gentoo.
@@ -70,18 +59,14 @@ RESTRICT="test"
 
 S="${WORKDIR}/${MY_P}"
 
-LANGS="de en es et fr he it ja pl sv zh_TW"
-for X in ${LANGS} ; do
-	IUSE="${IUSE} linguas_${X}"
-done
-
 pkg_setup() {
-	if use avahi && ! built_with_use net-dns/avahi mdnsresponder-compat ; then
-		echo
-		eerror "In order to have cups working with avahi zeroconf support, you need"
-		eerror "to have net-dns/avahi emerged with 'mdnsresponder-compat' in your USE"
-		eerror "flag. Please add that flag, re-emerge avahi, and then emerge cups again."
-		die "net-dns/avahi is missing the mdnsresponder-compat feature."
+	if use x86 && [ -d "/usr/lib64" ]
+	then
+		eerror "You are running an x86 system, but /usr/lib64 exists, cups will install all library objects into this directory!"
+		eerror "You should remove /usr/lib64, but before you do, you should check for existing objects, and re-compile all affected packages."
+		eerror "You can use qfile (emerge portage-utils to install qfile) to get a list of the affected ebuilds:"
+		eerror "# qfile -qC /usr/lib64"
+		die "lib64 on x86 detected"
 	fi
 
 	enewgroup lp
@@ -94,13 +79,20 @@ src_unpack() {
 	unpack ${A}
 	cd "${S}"
 
-	# disable configure automagic for acl/attr, upstream bug STR #2723.
-	epatch "${FILESDIR}/${PN}-1.3.0-configure.patch"
-
+	# CVE-2007-4351 security patch, bug #196736
+	epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-4351.patch
+	# CVE-2007-5849 security patch, bug #201570
+	epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-5849.patch
 	# CVE-2008-0047 security patch, bug #212364
-	epatch "${FILESDIR}/${PN}-1.2.12-CVE-2008-0047.patch"
+	epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0047.patch
+	# CVE-2008-0053 security patch, bug #214068
+	epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0053.patch
+	# CVE-2008-0882 security patch, bug #211449
+	epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0882.patch
 	# CVE-2008-1373 security patch, bug #214068
-	epatch "${FILESDIR}/${P}-CVE-2008-1373.patch"
+	epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-1373.patch
+	# CVE-2008-1722 security patch, bug #217232
+	epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-1722.patch
 
 	# cups does not use autotools "the usual way" and ship a static config.h.in
 	eaclocal
@@ -108,62 +100,38 @@ src_unpack() {
 }
 
 src_compile() {
-
-	# locale support
-	strip-linguas ${LANGS}
-
-	if [ -z "${LINGUAS}" ] ; then
-		export LINGUAS=all
-	fi
-
 	export DSOFLAGS="${LDFLAGS}"
 
-	if use ldap ; then
+	if use ldap; then
 		append-flags -DLDAP_DEPRECATED
 	fi
 
-	local myconf
-
-	if use avahi || use zeroconf ; then
-		myconf="${myconf} --enable-dnssd"
-	else
-		myconf="${myconf} --disable-dnssd"
-	fi
-
 	econf \
-		--libdir=/usr/$(get_libdir) \
-		--localstatedir=/var \
 		--with-cups-user=lp \
 		--with-cups-group=lp \
-		--with-docdir=/usr/share/cups/html \
-		--with-languages=${LINGUAS} \
 		--with-system-groups=lpadmin \
-		$(use_enable acl) \
-		$(use_enable dbus) \
-		$(use_enable jpeg) \
-		$(use_enable kerberos gssapi) \
-		$(use_enable ldap) \
-		$(use_enable nls) \
+		--localstatedir=/var \
+		--with-docdir=/usr/share/cups/html \
 		$(use_enable pam) \
-		$(use_enable png) \
-		$(use_enable slp) \
 		$(use_enable ssl) \
-		$(use_enable static) \
+		--enable-gnutls \
+		$(use_enable slp) \
+		$(use_enable nls) \
+		$(use_enable dbus) \
+		$(use_enable png) \
+		$(use_enable jpeg) \
 		$(use_enable tiff) \
-		$(use_with java) \
-		$(use_with perl) \
 		$(use_with php) \
-		$(use_with python) \
-		--enable-gnutls \
+		$(use_enable ldap) \
 		--enable-libpaper \
 		--enable-threads \
+		--enable-static \
 		--disable-pdftops \
-		${myconf} \
 		|| die "econf failed"
 
-	# install in /usr/libexec always, instead of using /usr/lib/cups, as that
+	# Install in /usr/libexec always, instead of using /usr/lib/cups, as that
 	# makes more sense when facing multilib support.
-	sed -i -e 's:SERVERBIN.*:SERVERBIN = "$(BUILDROOT)"/usr/libexec/cups:' Makedefs
+	sed -i -e 's:SERVERBIN.*:SERVERBIN = $(BUILDROOT)/usr/libexec/cups:' Makedefs
 	sed -i -e 's:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN "/usr/libexec/cups":' config.h
 	sed -i -e 's:cups_serverbin=.*:cups_serverbin=/usr/libexec/cups:' cups-config
 
@@ -172,20 +140,12 @@ src_compile() {
 
 src_install() {
 	emake BUILDROOT="${D}" install || die "emake install failed"
-	dodoc {CHANGES{,-1.{0,1}},CREDITS,README}.txt || die "dodoc install failed"
+	dodoc {CHANGES{,-1.{0,1}},CREDITS,LICENSE,README}.txt
 
 	# clean out cups init scripts
 	rm -rf "${D}"/etc/{init.d/cups,rc*,pam.d/cups}
-
-	# install our init script
-	local neededservices
-	use avahi && neededservices="$neededservices avahi-daemon"
-	use dbus && neededservices="$neededservices dbus"
-	use zeroconf && ! use avahi && neededservices="$neededservices mDNSResponderPosix"
-	[[ -n ${neededservices} ]] && neededservices="need${neededservices}"
-	sed -e "s/@neededservices@/$neededservices/" "${FILESDIR}"/cupsd.init.d > "${T}"/cupsd
-	doinitd "${T}"/cupsd
-
+	# install our init scripts
+	newinitd "${FILESDIR}"/cupsd.init cupsd
 	# install our pam script
 	pamd_mimic_system cups auth account
 
@@ -200,80 +160,74 @@ src_install() {
 	newexe "${FILESDIR}"/pdftops-1.20.gentoo pdftops
 
 	# only for gs-esp this is correct, see bug 163897
-	if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu ; then
+	if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu; then
 		sed -i -e "s:#application/vnd.cups-postscript:application/vnd.cups-postscript:" "${D}"/etc/cups/mime.convs
 	fi
 
 	keepdir /usr/share/cups/profiles /usr/libexec/cups/driver /var/log/cups \
 		/var/run/cups/certs /var/cache/cups /var/spool/cups/tmp /etc/cups/ssl
 
-	# .desktop handling. X useflag. xdg-open from freedesktop is preferred, upstream bug STR #2724.
-	if use X ; then
+	# .desktop handling. X useflag. xdg-open from freedesktop is preferred
+	if use X; then
 		sed -i -e "s:htmlview:xdg-open:" "${D}"/usr/share/applications/cups.desktop
 	else
 		rm -r "${D}"/usr/share/applications
 	fi
 
-	# fix a symlink collision, see bug #172341
+	# Fix a symlink collision, see bug #172341
 	dodir /usr/share/ppd
 	dosym /usr/share/ppd /usr/share/cups/model/foomatic-ppds
-
-	# create RSS feed directory
-	diropts -m 0740 -o lp -g lp
-	dodir /var/cache/cups/rss
-
-	# create /etc/cups/client.conf, bug #196967
-	echo "ServerName localhost" >> "${D}"/etc/cups/client.conf
 }
 
 pkg_preinst() {
 	# cleanups
-	[ -n "${PN}" ] && rm -fR "${ROOT}"/usr/share/doc/"${PN}"-*
+	[ -n "${PN}" ] && rm -fR "${ROOT}"/usr/share/doc/${PN}-*
 }
 
 pkg_postinst() {
 	echo
-	elog "For information about installing a printer and general cups setup"
-	elog "take a look at: http://www.gentoo.org/doc/en/printing-howto.xml"
+	elog "Remote printing: change "
+	elog "Listen localhost:631"
+	elog "to"
+	elog "Listen *:631"
+	elog "in /etc/cups/cupsd.conf"
+	echo
+	elog "For more information about installing a printer take a look at:"
+	elog "http://www.gentoo.org/doc/en/printing-howto.xml."
 	echo
 
 	local good_gs=false
-	for x in app-text/ghostscript-gpl app-text/ghostscript-gnu app-text/ghostscript-esp ; do
-		if has_version ${x} && built_with_use ${x} cups ; then
+	for x in app-text/ghostscript-gpl app-text/ghostscript-gnu app-text/ghostscript-esp; do
+		if has_version ${x} && built_with_use ${x} cups; then
 			good_gs=true
 			break
 		fi
 	done;
 	if ! ${good_gs}; then
-		echo
+		ewarn
 		ewarn "You need to emerge ghostscript with the \"cups\" USE flag turned on"
-		echo
 	fi
-
-	if has_version =net-print/cups-1.1* ; then
-		echo
-		ewarn "The configuration changed with cups-1.3, you may want to save the old"
+	if has_version =net-print/cups-1.1*; then
+		ewarn
+		ewarn "The configuration changed with cups-1.2, you may want to save the old"
 		ewarn "one and start from scratch:"
 		ewarn "# mv /etc/cups /etc/cups.orig; emerge -va1 cups"
-		echo
-		ewarn "You need to rebuild kdelibs for kdeprinter to work with cups-1.3"
-		echo
+		ewarn
+		ewarn "You need to rebuild kdelibs for kdeprinter to work with cups-1.2"
 	fi
-
-	if [ -e "${ROOT}"/usr/lib/cups ] ; then
-		echo
+	if [ -e "${ROOT}"/usr/lib/cups ]; then
+		ewarn
 		ewarn "/usr/lib/cups exists - You need to remerge every ebuild that"
 		ewarn "installed into /usr/lib/cups and /etc/cups, qfile is in portage-utils:"
 		ewarn "# FEATURES=-collision-protect emerge -va1 \$(qfile -qC /usr/lib/cups /etc/cups | sed \"s:net-print/cups$::\")"
-		echo
+		ewarn
 		ewarn "FEATURES=-collision-protect is needed to overwrite the compatibility"
-		ewarn "symlinks installed by this package, it won't be needed on later merges."
+		ewarn "symlinks installed by this package, it wont be needed on later merges."
 		ewarn "You should also run revdep-rebuild"
-		echo
 
 		# place symlinks to make the update smoothless
-		for i in "${ROOT}"/usr/lib/cups/{backend,filter}/* ; do
-			if [ "${i/\*}" == "${i}" ] && ! [ -e ${i/lib/libexec} ] ; then
+		for i in "${ROOT}"/usr/lib/cups/{backend,filter}/*; do
+			if [ "${i/\*}" == "${i}" ] && ! [ -e ${i/lib/libexec} ]; then
 				ln -s ${i} ${i/lib/libexec}
 			fi
 		done
diff --git a/net-print/cups/cups-1.3.7.ebuild b/net-print/cups/cups-1.3.7-r1.ebuild
index 4e7cbabaae26..ce98307f0474 100644
--- a/net-print/cups/cups-1.3.7.ebuild
+++ b/net-print/cups/cups-1.3.7-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2008 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.7.ebuild,v 1.1 2008/04/05 14:15:20 tgurr Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.7-r1.ebuild,v 1.1 2008/04/14 20:47:45 tgurr Exp $
 
 inherit autotools eutils flag-o-matic multilib pam
 
@@ -94,9 +94,15 @@ src_unpack() {
 	unpack ${A}
 	cd "${S}"
 
-	# disable configure automagic for acl/attr, upstream bug STR #2723.
+	# disable configure automagic for acl/attr, upstream bug STR #2723
 	epatch "${FILESDIR}/${PN}-1.3.0-configure.patch"
 
+	# create a missing symlink to allow https printing via IPP, bug #217293
+	epatch "${FILESDIR}/${PN}-1.3.7-backend-https.patch"
+
+	# CVE-2008-1722 security patch, bug #217232
+	epatch "${FILESDIR}/${PN}-1.3.7-CVE-2008-1722.patch"
+
 	# cups does not use autotools "the usual way" and ship a static config.h.in
 	eaclocal
 	eautoconf
diff --git a/net-print/cups/files/cups-1.2.12-CVE-2008-1722.patch b/net-print/cups/files/cups-1.2.12-CVE-2008-1722.patch
new file mode 100644
index 000000000000..dad7dd083aea
--- /dev/null
+++ b/net-print/cups/files/cups-1.2.12-CVE-2008-1722.patch
@@ -0,0 +1,62 @@
+diff -Naur cups-1.2.12/filter/image-png.c cups-1.2.12.new/filter/image-png.c
+--- cups-1.2.12/filter/image-png.c	2006-05-11 13:41:36.000000000 +0200
++++ cups-1.2.12.new/filter/image-png.c	2008-04-14 15:46:35.665695675 +0200
+@@ -179,16 +179,56 @@
+     * Interlaced images must be loaded all at once...
+     */
+ 
++    size_t bufsize;			/* Size of buffer */
++
++
+     if (color_type == PNG_COLOR_TYPE_GRAY ||
+ 	color_type == PNG_COLOR_TYPE_GRAY_ALPHA)
+-      in = malloc(img->xsize * img->ysize);
++    {
++      bufsize = img->xsize * img->ysize;
++
++      if ((bufsize / img->ysize) != img->xsize)
++      {
++	fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
++		(unsigned)width, (unsigned)height);
++	fclose(fp);
++	return (1);
++      }
++    }
+     else
+-      in = malloc(img->xsize * img->ysize * 3);
++    {
++      bufsize = img->xsize * img->ysize * 3;
++
++      if ((bufsize / (img->ysize * 3)) != img->xsize)
++      {
++	fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
++		(unsigned)width, (unsigned)height);
++	fclose(fp);
++	return (1);
++      }
++    }
++
++    in = malloc(bufsize);
+   }
+ 
+   bpp = cupsImageGetDepth(img);
+   out = malloc(img->xsize * bpp);
+ 
++  if (!in || !out)
++  {
++    fputs("DEBUG: Unable to allocate memory for PNG image!\n", stderr);
++
++    if (in)
++      free(in);
++
++    if (out)
++      free(out);
++
++    fclose(fp);
++
++    return (1);
++  }
++
+  /*
+   * Read the image, interlacing as needed...
+   */
diff --git a/net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch b/net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch
deleted file mode 100644
index 8a7383f4e096..000000000000
--- a/net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Index: cups-1.3.6/filter/image-gif.c
-===================================================================
---- cups-1.3.6.orig/filter/image-gif.c
-+++ cups-1.3.6/filter/image-gif.c
-@@ -38,6 +38,8 @@
- #define GIF_INTERLACE	0x40
- #define GIF_COLORMAP	0x80
- 
-+#define MAX_LWZ_BITS	12
-+
- typedef cups_ib_t	gif_cmap_t[256][4];
- typedef short		gif_table_t[4096];
- 
-@@ -462,6 +464,9 @@ gif_read_image(FILE         *fp,	/* I - 
-   pass      = 0;
-   code_size = getc(fp);
- 
-+  if (code_size > MAX_LWZ_BITS)
-+    return (-1);
-+
-   if (!pixels)
-     return (-1);
- 
diff --git a/net-print/cups/files/cups-1.3.7-CVE-2008-1722.patch b/net-print/cups/files/cups-1.3.7-CVE-2008-1722.patch
new file mode 100644
index 000000000000..908134c47ee4
--- /dev/null
+++ b/net-print/cups/files/cups-1.3.7-CVE-2008-1722.patch
@@ -0,0 +1,71 @@
+diff -Naur cups-1.3.7/filter/image-png.c cups-1.3.7.new/filter/image-png.c
+--- cups-1.3.7/filter/image-png.c	2007-07-11 23:46:42.000000000 +0200
++++ cups-1.3.7.new/filter/image-png.c	2008-04-14 15:48:56.641188980 +0200
+@@ -3,7 +3,7 @@
+  *
+  *   PNG image routines for the Common UNIX Printing System (CUPS).
+  *
+- *   Copyright 2007 by Apple Inc.
++ *   Copyright 2007-2008 by Apple Inc.
+  *   Copyright 1993-2007 by Easy Software Products.
+  *
+  *   These coded instructions, statements, and computer programs are the
+@@ -170,16 +170,56 @@
+     * Interlaced images must be loaded all at once...
+     */
+ 
++    size_t bufsize;			/* Size of buffer */
++
++
+     if (color_type == PNG_COLOR_TYPE_GRAY ||
+ 	color_type == PNG_COLOR_TYPE_GRAY_ALPHA)
+-      in = malloc(img->xsize * img->ysize);
++    {
++      bufsize = img->xsize * img->ysize;
++
++      if ((bufsize / img->ysize) != img->xsize)
++      {
++	fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
++		(unsigned)width, (unsigned)height);
++	fclose(fp);
++	return (1);
++      }
++    }
+     else
+-      in = malloc(img->xsize * img->ysize * 3);
++    {
++      bufsize = img->xsize * img->ysize * 3;
++
++      if ((bufsize / (img->ysize * 3)) != img->xsize)
++      {
++	fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
++		(unsigned)width, (unsigned)height);
++	fclose(fp);
++	return (1);
++      }
++    }
++
++    in = malloc(bufsize);
+   }
+ 
+   bpp = cupsImageGetDepth(img);
+   out = malloc(img->xsize * bpp);
+ 
++  if (!in || !out)
++  {
++    fputs("DEBUG: Unable to allocate memory for PNG image!\n", stderr);
++
++    if (in)
++      free(in);
++
++    if (out)
++      free(out);
++
++    fclose(fp);
++
++    return (1);
++  }
++
+  /*
+   * Read the image, interlacing as needed...
+   */
diff --git a/net-print/cups/files/cups-1.3.7-backend-https.patch b/net-print/cups/files/cups-1.3.7-backend-https.patch
new file mode 100644
index 000000000000..44706b3e4a24
--- /dev/null
+++ b/net-print/cups/files/cups-1.3.7-backend-https.patch
@@ -0,0 +1,11 @@
+diff -Naur cups-1.3.7/backend/Makefile cups-1.3.7.new/backend/Makefile
+--- cups-1.3.7/backend/Makefile	2007-08-08 21:27:51.000000000 +0200
++++ cups-1.3.7.new/backend/Makefile	2008-04-14 16:42:18.106785330 +0200
+@@ -62,6 +62,7 @@
+ 	done
+ 	$(RM) $(SERVERBIN)/backend/http
+ 	$(LN) ipp $(SERVERBIN)/backend/http
++	$(LN) ipp $(SERVERBIN)/backend/https
+ 	if test "x$(SYMROOT)" != "x"; then \
+ 		$(INSTALL_DIR) $(SYMROOT); \
+ 		for file in $(TARGETS); do \