diff options
| author |   Timo Gurr <tgurr@gentoo.org> | 2008-11-25 23:58:47 +0000 |
|---|---|---|
| committer | Timo Gurr <tgurr@gentoo.org> | 2008-11-25 23:58:47 +0000 |
| commit | bd07357b01e7ef084de61180a4f21a55e8bb562a (patch) | |
| tree | 8c1d66393413f78f0437871ce6cb42f43aa66e28 /net-print | |
| parent | Another couple of packages depending on the great mono-2 unmasking (diff) | |
| download | historical-bd07357b01e7ef084de61180a4f21a55e8bb562a.tar.gz historical-bd07357b01e7ef084de61180a4f21a55e8bb562a.tar.bz2 historical-bd07357b01e7ef084de61180a4f21a55e8bb562a.zip | |
Remove old and vulnerable versions, finally getting rid of CUPS 1.2.x.
Package-Manager: portage-2.2_rc16/cvs/Linux 2.6.27-gentoo-r4 x86_64
Diffstat (limited to 'net-print')
| -rw-r--r-- | net-print/cups/ChangeLog | 14 | ||||
| -rw-r--r-- | net-print/cups/Manifest | 15 | ||||
| -rw-r--r-- | net-print/cups/cups-1.2.12-r4.ebuild | 231 | ||||
| -rw-r--r-- | net-print/cups/cups-1.2.12-r8.ebuild | 237 | ||||
| -rw-r--r-- | net-print/cups/cups-1.3.8-r1.ebuild | 295 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2007-4045.patch | 58 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2007-4351.patch | 154 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2007-5849.patch | 45 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2008-0047.patch | 15 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2008-0053.patch | 40 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2008-0882.patch | 28 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2008-1373.patch | 23 | ||||
| -rw-r--r-- | net-print/cups/files/cups-1.2.12-CVE-2008-1722.patch | 62 | ||||
| -rw-r--r-- | net-print/cups/files/cupsd.init | 20 |
14 files changed, 14 insertions, 1223 deletions
diff --git a/net-print/cups/ChangeLog b/net-print/cups/ChangeLog index 98ca5f87117d..839bc9a92478 100644 --- a/net-print/cups/ChangeLog +++ b/net-print/cups/ChangeLog @@ -1,6 +1,18 @@ # ChangeLog for net-print/cups # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.333 2008/11/09 21:44:56 klausman Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.334 2008/11/25 23:58:46 tgurr Exp $ + + 25 Nov 2008; Timo Gurr <tgurr@gentoo.org> + -files/cups-1.2.12-CVE-2007-4045.patch, + -files/cups-1.2.12-CVE-2007-4351.patch, + -files/cups-1.2.12-CVE-2007-5849.patch, + -files/cups-1.2.12-CVE-2008-0047.patch, + -files/cups-1.2.12-CVE-2008-0053.patch, + -files/cups-1.2.12-CVE-2008-0882.patch, + -files/cups-1.2.12-CVE-2008-1373.patch, + -files/cups-1.2.12-CVE-2008-1722.patch, -files/cupsd.init, + -cups-1.2.12-r4.ebuild, -cups-1.2.12-r8.ebuild, -cups-1.3.8-r1.ebuild: + Remove old and vulnerable versions, finally getting rid of CUPS 1.2.x. 09 Nov 2008; Tobias Klausmann <klausman@gentoo.org> Manifest: Fixed manifest for cups-1.3.8-source.tar.bz2 diff --git a/net-print/cups/Manifest b/net-print/cups/Manifest index ccd6975ef1d7..e0eaa053293a 100644 --- a/net-print/cups/Manifest +++ b/net-print/cups/Manifest @@ -1,11 +1,3 @@ -AUX cups-1.2.12-CVE-2007-4045.patch 1737 RMD160 6c239b26443af6cf841a457cc5611a2f78d809c3 SHA1 02c2bd1bf58204fd9e1b380f8899dae2f98c2fed SHA256 0e4898b7e42f74f894b416a1398d75bcf6062497a87e061984f09e904f68489e -AUX cups-1.2.12-CVE-2007-4351.patch 3910 RMD160 461a232b2a0ebc52a83cb729112c0f7d3f3d0ffe SHA1 9b7706a34fd08c32b7911a9f09f02a02c790a77c SHA256 1da64de6358dea65971105530795ffb8d100ddfe5b42c03cdbd815432de219c8 -AUX cups-1.2.12-CVE-2007-5849.patch 1017 RMD160 0fd58946d8cfca13460ad07bfde670a3319fe1ff SHA1 4c4cb69d857427de43b5b91b5aceb7cb157be530 SHA256 9288292457f8c8de77b04eab651b547dd6506a03453ed93294577e2fb4f3c67b -AUX cups-1.2.12-CVE-2008-0047.patch 495 RMD160 860037881672352969caca5a12c9a2592d31643c SHA1 8b1e7071c97e38df6cd33b7cae6a4f34d6d2bd60 SHA256 8edca38a6859360b27fd346e7d681ca864a9e83612f6362072af349ce2ab768f -AUX cups-1.2.12-CVE-2008-0053.patch 1509 RMD160 f8aa4d6f9722b4adf78d5546005d757e4abf1501 SHA1 e6ff84536f371f9d2b59c5f8fdb773b81a9e4b30 SHA256 7164d26aa572ae759644059ff3a2d1ff4e4f67515bcb57eb54bc358a87c649fe -AUX cups-1.2.12-CVE-2008-0882.patch 1090 RMD160 f6de4e0a4ebcb70f4969cbcb2cba38e5a98366c5 SHA1 3c834957b3fb625cdde4a0c21e5916c6a8c1667f SHA256 9168456e294e1ca30868580028ab79d68d31aaf208687f80699e3e30f3ad77e6 -AUX cups-1.2.12-CVE-2008-1373.patch 581 RMD160 04990465c98c38a90fec6daf7abe86f09b6abab3 SHA1 1f8813397ceaee5331e7200e61aecc1113a73c7a SHA256 a939de93c6e0206d939fb3e441062d3fb90b96b644c11a8ae0712db482dc9a64 -AUX cups-1.2.12-CVE-2008-1722.patch 1457 RMD160 5c887ad9b824c1e41f7a4894f757d03f5c76a585 SHA1 6d4a18b4845b492ac57f66be87c6d8871b959e36 SHA256 128a24d748df573dd8e92b8cf54b78ec217e40ad60b5a52411de731290d14e98 AUX cups-1.3.0-configure.patch 651 RMD160 e4c7f45d7ddc28157433bf025c7f946c7e3b6d6a SHA1 101bf1893b56640d9fa82078e29319fbbd1449c7 SHA256 d6e5e60a982a3c093c0d0f89cf865e2b4c36290f5b1e188b7bf305d210070736 AUX cups-1.3.7-backend-https.patch 450 RMD160 9a1ad48d2be40c89510ccc512649f0a2eb5543b0 SHA1 d3dd55fcdee47855d6b7c1443adb6c2b3d8c9cdb SHA256 060f929ae3eae5dc411ce6352a0d50c3296b013974f034fc2ad8d6bb0c81b45a AUX cups-1.3.8-CVE-2008-3639.patch 1098 RMD160 0c258e91ae4ac3c85facfb6d0adaa43d753a0ebd SHA1 487549912c483cc5dcd9b097da9e43f6f75306cc SHA256 92ced97fb6af55416f2968878ef90a97d76bdfdbb91b9f204a3fac6dbc77c58f @@ -13,16 +5,11 @@ AUX cups-1.3.8-CVE-2008-3640.patch 2487 RMD160 5c0180fdbf7521c651de7f0aeaddf2384 AUX cups-1.3.8-CVE-2008-3641.patch 4066 RMD160 42eb0aba35a2df15a32a68ba255675cc5550d4df SHA1 4c0fd2844091d3a73cf34bb0ec022cc62dbe9b86 SHA256 fa053a07ea03cd8b5d8345acc5ab91efb40bd2fe42e03ac08921d4bdb0073719 AUX cups-1.3.8-str2892-1.3.patch 2587 RMD160 6a189f1921760833028302619515a0ae895f2978 SHA1 befc3c7849bc5a53e29c9c3b26fb708ee8dc43f8 SHA256 b75b30ed996eb41baeb6e5dc35c82883e9e4d27c2c1febe0f09b2e9018184c2f AUX cups-1.3.8-str2924.patch 2296 RMD160 dc80896b4a12834be0c99ee82623cbee78c33754 SHA1 1f29545527a98c1371b52db5a148c31494ae9361 SHA256 a0ac058f3f276d73a1e2494cdadd30fae6941b87aa703cf8db6c6da8b0cafa44 -AUX cupsd.init 288 RMD160 9bd676af5b43a97ba08ca51f70cefb445faeb8b8 SHA1 922868e1a6acb81b83e87a3c6905149789f16503 SHA256 008eeadc4979ad0e1f05e8ce5d22449eb798375e75ffc3176cbef138a53de4f9 AUX cupsd.init.d 293 RMD160 19fbef21cee7e472e7028f3101b680baa0089c54 SHA1 e6b27b2638fec258fe2f55c926c2530e909ca3d2 SHA256 b4268a6bae95e96b6af21c3716ecc905073736ce7dc33be1489d574a447f3c48 AUX pdftops-1.20.gentoo 10412 RMD160 16e229662c47e03af1d1f4cb5764a76d17a66642 SHA1 6afb8a655b6ff013a2c8c8cbfb615ba1e561503b SHA256 ac5fa01ca776d75bd7cef62eef9f6b0c3945ee87e8950b40ca9f9f3ff46a16c1 -DIST cups-1.2.12-source.tar.bz2 3788301 RMD160 598270e37ff8a9b9ff1e667066d6f7e120493e32 SHA1 11a540f76a1d3164b6636bf8ba47928803ad9356 SHA256 b4ff8e934da7db32d5654360ea9068faa0ed5a00fde02161ae53c2052510d00f DIST cups-1.3.8-source.tar.bz2 3978390 RMD160 dc077c748ea7c8df7333260a96c7527a9b8d7c9e SHA1 3943608111426722ea6a2e0db588636b013acc1a SHA256 d488980f84ad0e6044a67859144306980624cafb654eb0cab071b3e46fee6e1d DIST cups-1.3.9-source.tar.bz2 3993875 RMD160 ec8bd9fc6ee45648b6eb22949f44fc4cf2defd4e SHA1 c1a596b355201320456b393446286fe3947bce16 SHA256 38856ab4b8bcf51be2bed1f554cd8089c1f2448a6979c055762b49eda82a6b6b -EBUILD cups-1.2.12-r4.ebuild 6960 RMD160 b96f268072dcb2b0ea12e558e805d24cc8e079e2 SHA1 effa314d1e1316edaed7b632859d0fd87b8d9a68 SHA256 7001a6a77195205b56ffdf0fcba29e947c0d2297215019c5f1e6c94a3f6dd90b -EBUILD cups-1.2.12-r8.ebuild 7345 RMD160 432b1358acd21dca138b53f9a311da29b7cf2d35 SHA1 2d838790aa923ba01469c03b7b2ce56674a28108 SHA256 5552d06ec6ddde542dda6038075191785b91f950e3551ad64ed830037aa7bd65 -EBUILD cups-1.3.8-r1.ebuild 8652 RMD160 9d833c48880665faa248a3b3aef2d20dc07374f9 SHA1 40726d8675f424c20c9bd3dfbdf56c464610b084 SHA256 ace62036d3aef4eae5333e7c5cca32d5bb5dff4955a8acaa5162c7de78c3a951 EBUILD cups-1.3.8-r2.ebuild 8903 RMD160 edbf3b92b5b850715423aa963ed31154daf9fd26 SHA1 618dea72e4175cd4ef88e9a17f946b5caffed90f SHA256 75cd39ef82d3300e3d7c335820e21e519dbaa2073e34718c99a1f6bf75fa5244 EBUILD cups-1.3.9.ebuild 8496 RMD160 156ecba317ce05d7674cf41b22f6b40dc361994f SHA1 85d9b9c7e2f1f8e682fe702debce2ea28762aeae SHA256 7e37057eff4139e3ca7c93801255af41bc3ac413de26e8decf65ad68936f121f -MISC ChangeLog 49106 RMD160 99a09bab8c3c02f0b6ca5fe5707aa143034fa9db SHA1 af8fcbaf96eea89070aebc7628fcf1e8955ef3c8 SHA256 222d7cf5aa7ef357e08f4f455db796c50ffe62cf932999d7a366569344fe0262 +MISC ChangeLog 49649 RMD160 32eb41892465fd2fc2c2d38a96823bdec1e4a134 SHA1 0e799548fe2ff079bb1fd0f876e49918eb85f816 SHA256 eead66f923496f632d907c14cb4e33a02427a6027d3aa338a82aa2ec41c766fa MISC metadata.xml 161 RMD160 1e5b1e42553c8869b93c4a5448e9a2a2ed9fe525 SHA1 209c6a46e4cdd891980115e42ba419e3799f8088 SHA256 7c85e6739a71f5bb23e8de36c88677d772946e61f7285892f7554e37bd2bca76 diff --git a/net-print/cups/cups-1.2.12-r4.ebuild b/net-print/cups/cups-1.2.12-r4.ebuild deleted file mode 100644 index 24a83d8f8fea..000000000000 --- a/net-print/cups/cups-1.2.12-r4.ebuild +++ /dev/null @@ -1,231 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r4.ebuild,v 1.8 2008/10/10 19:38:50 tgurr Exp $ - -WANT_AUTOMAKE=latest - -inherit autotools eutils flag-o-matic multilib pam - -MY_P=${P/_} - -DESCRIPTION="The Common Unix Printing System" -HOMEPAGE="http://www.cups.org/" -SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="arm m68k s390 sh" -IUSE="ldap ssl slp pam php samba nls dbus tiff png ppds jpeg X" - -DEP="pam? ( virtual/pam ) - ssl? ( net-libs/gnutls ) - slp? ( >=net-libs/openslp-1.0.4 ) - ldap? ( net-nds/openldap ) - dbus? ( sys-apps/dbus ) - png? ( >=media-libs/libpng-1.2.1 ) - tiff? ( >=media-libs/tiff-3.5.5 ) - jpeg? ( >=media-libs/jpeg-6b ) - php? ( dev-lang/php ) - app-text/libpaper" -DEPEND="${DEP} - !<net-print/foomatic-filters-ppds-20070501 - !<net-print/hplip-1.7.4a-r1 - nls? ( sys-devel/gettext )" -RDEPEND="${DEP} - nls? ( virtual/libintl ) - !virtual/lpr - >=app-text/poppler-0.4.3-r1 - X? ( x11-misc/xdg-utils )" - -PDEPEND=" - ppds? ( || ( - ( - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - ) - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - net-print/hplip - net-print/gutenprint - net-print/foo2zjs - net-print/cups-pdf - ) ) - samba? ( >=net-fs/samba-3.0.8 ) - virtual/ghostscript" -PROVIDE="virtual/lpr" - -# upstream includes an interactive test which is a nono for gentoo. -# therefore, since the printing herd has bigger fish to fry, for now, -# we just leave it out, even if FEATURES=test -RESTRICT="test" - -S=${WORKDIR}/${MY_P} - -pkg_setup() { - if use x86 && [ -d "/usr/lib64" ] - then - eerror "You are running an x86 system, but /usr/lib64 exists, cups will install all library objects into this directory!" - eerror "You should remove /usr/lib64, but before you do, you should check for existing objects, and re-compile all affected packages." - eerror "You can use qfile (emerge portage-utils to install qfile) to get a list of the affected ebuilds:" - eerror "# qfile -qC /usr/lib64" - die "lib64 on x86 detected" - fi - - enewgroup lp - enewuser lp -1 -1 -1 lp - - enewgroup lpadmin 106 -} - -src_unpack() { - unpack ${A} - cd "${S}" - - # CVE-2007-4045 security patch, bug #199195 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-4045.patch - # CVE-2007-4351 security patch, bug #196736 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-4351.patch - # CVE-2007-5849 security patch, bug #201570 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-5849.patch - - # cups does not use autotools "the usual way" and ship a static config.h.in - eaclocal - eautoconf -} - -src_compile() { - export DSOFLAGS="${LDFLAGS}" - - if use ldap; then - append-flags -DLDAP_DEPRECATED - fi - - econf \ - --with-cups-user=lp \ - --with-cups-group=lp \ - --with-system-groups=lpadmin \ - --localstatedir=/var \ - --with-docdir=/usr/share/cups/html \ - $(use_enable pam) \ - $(use_enable ssl) \ - --enable-gnutls \ - $(use_enable slp) \ - $(use_enable nls) \ - $(use_enable dbus) \ - $(use_enable png) \ - $(use_enable jpeg) \ - $(use_enable tiff) \ - $(use_with php) \ - $(use_enable ldap) \ - --enable-libpaper \ - --enable-threads \ - --enable-static \ - --disable-pdftops \ - || die "econf failed" - - # Install in /usr/libexec always, instead of using /usr/lib/cups, as that - # makes more sense when facing multilib support. - sed -i -e 's:SERVERBIN.*:SERVERBIN = $(BUILDROOT)/usr/libexec/cups:' Makedefs - sed -i -e 's:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN "/usr/libexec/cups":' config.h - sed -i -e 's:cups_serverbin=.*:cups_serverbin=/usr/libexec/cups:' cups-config - - emake || die "emake failed" -} - -src_install() { - emake BUILDROOT="${D}" install || die "emake install failed" - dodoc {CHANGES{,-1.{0,1}},CREDITS,LICENSE,README}.txt - - # clean out cups init scripts - rm -rf "${D}"/etc/{init.d/cups,rc*,pam.d/cups} - # install our init scripts - newinitd "${FILESDIR}"/cupsd.init cupsd - # install our pam script - pamd_mimic_system cups auth account - - # correct path - sed -i -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" "${D}"/etc/xinetd.d/cups-lpd - # it is safer to disable this by default, bug 137130 - grep -w 'disable' "${D}"/etc/xinetd.d/cups-lpd || \ - sed -i -e "s:}:\tdisable = yes\n}:" "${D}"/etc/xinetd.d/cups-lpd - - # install pdftops filter - exeinto /usr/libexec/cups/filter/ - newexe "${FILESDIR}"/pdftops-1.20.gentoo pdftops - - # only for gs-esp this is correct, see bug 163897 - if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu; then - sed -i -e "s:#application/vnd.cups-postscript:application/vnd.cups-postscript:" "${D}"/etc/cups/mime.convs - fi - - keepdir /usr/share/cups/profiles /usr/libexec/cups/driver /var/log/cups \ - /var/run/cups/certs /var/cache/cups /var/spool/cups/tmp /etc/cups/ssl - - # .desktop handling. X useflag. xdg-open from freedesktop is preferred - if use X; then - sed -i -e "s:htmlview:xdg-open:" "${D}"/usr/share/applications/cups.desktop - else - rm -r "${D}"/usr/share/applications - fi - - # Fix a symlink collision, see bug #172341 - dodir /usr/share/ppd - dosym /usr/share/ppd /usr/share/cups/model/foomatic-ppds -} - -pkg_preinst() { - # cleanups - [ -n "${PN}" ] && rm -fR "${ROOT}"/usr/share/doc/${PN}-* - has_version "=${CATEGORY}/${PN}-1.1*" - upgrade_from_1_1=$? -} - -pkg_postinst() { - echo - elog "Remote printing: change " - elog "Listen localhost:631" - elog "to" - elog "Listen *:631" - elog "in /etc/cups/cupsd.conf" - echo - elog "For more information about installing a printer take a look at:" - elog "http://www.gentoo.org/doc/en/printing-howto.xml." - echo - - local good_gs=false - for x in app-text/ghostscript-gpl app-text/ghostscript-gnu app-text/ghostscript-esp; do - if has_version ${x} && built_with_use ${x} cups; then - good_gs=true - break - fi - done; - if ! ${good_gs}; then - ewarn - ewarn "You need to emerge ghostscript with the \"cups\" USE flag turned on" - fi - if [[ $upgrade_from_1_1 = 0 ]] ; then - ewarn - ewarn "The configuration changed with cups-1.2, you may want to save the old" - ewarn "one and start from scratch:" - ewarn "# mv /etc/cups /etc/cups.orig; emerge -va1 cups" - ewarn - ewarn "You need to rebuild kdelibs for kdeprinter to work with cups-1.2" - fi - if [ -e "${ROOT}"/usr/lib/cups ]; then - ewarn - ewarn "/usr/lib/cups exists - You need to remerge every ebuild that" - ewarn "installed into /usr/lib/cups and /etc/cups, qfile is in portage-utils:" - ewarn "# FEATURES=-collision-protect emerge -va1 \$(qfile -qC /usr/lib/cups /etc/cups | sed \"s:net-print/cups$::\")" - ewarn - ewarn "FEATURES=-collision-protect is needed to overwrite the compatibility" - ewarn "symlinks installed by this package, it wont be needed on later merges." - ewarn "You should also run revdep-rebuild" - - # place symlinks to make the update smoothless - for i in "${ROOT}"/usr/lib/cups/{backend,filter}/*; do - if [ "${i/\*}" == "${i}" ] && ! [ -e ${i/lib/libexec} ]; then - ln -s ${i} ${i/lib/libexec} - fi - done - fi -} diff --git a/net-print/cups/cups-1.2.12-r8.ebuild b/net-print/cups/cups-1.2.12-r8.ebuild deleted file mode 100644 index 5fa3c4107615..000000000000 --- a/net-print/cups/cups-1.2.12-r8.ebuild +++ /dev/null @@ -1,237 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r8.ebuild,v 1.11 2008/10/10 20:26:35 tgurr Exp $ - -inherit autotools eutils flag-o-matic multilib pam - -MY_P=${P/_} - -DESCRIPTION="The Common Unix Printing System" -HOMEPAGE="http://www.cups.org/" -SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~arm ~m68k ~s390 ~sh" -IUSE="ldap ssl slp pam php samba nls dbus tiff png ppds jpeg X" - -DEP="pam? ( virtual/pam ) - ssl? ( net-libs/gnutls ) - slp? ( >=net-libs/openslp-1.0.4 ) - ldap? ( net-nds/openldap ) - dbus? ( sys-apps/dbus ) - png? ( >=media-libs/libpng-1.2.1 ) - tiff? ( >=media-libs/tiff-3.5.5 ) - jpeg? ( >=media-libs/jpeg-6b ) - php? ( dev-lang/php ) - app-text/libpaper" -DEPEND="${DEP} - !<net-print/foomatic-filters-ppds-20070501 - !<net-print/hplip-1.7.4a-r1 - nls? ( sys-devel/gettext )" -RDEPEND="${DEP} - nls? ( virtual/libintl ) - !virtual/lpr - >=app-text/poppler-0.4.3-r1 - X? ( x11-misc/xdg-utils )" - -PDEPEND=" - ppds? ( || ( - ( - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - ) - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - net-print/hplip - net-print/gutenprint - net-print/foo2zjs - net-print/cups-pdf - ) ) - samba? ( >=net-fs/samba-3.0.8 ) - virtual/ghostscript" -PROVIDE="virtual/lpr" - -# upstream includes an interactive test which is a nono for gentoo. -# therefore, since the printing herd has bigger fish to fry, for now, -# we just leave it out, even if FEATURES=test -RESTRICT="test" - -S="${WORKDIR}/${MY_P}" - -pkg_setup() { - if use x86 && [ -d "/usr/lib64" ] - then - eerror "You are running an x86 system, but /usr/lib64 exists, cups will install all library objects into this directory!" - eerror "You should remove /usr/lib64, but before you do, you should check for existing objects, and re-compile all affected packages." - eerror "You can use qfile (emerge portage-utils to install qfile) to get a list of the affected ebuilds:" - eerror "# qfile -qC /usr/lib64" - die "lib64 on x86 detected" - fi - - enewgroup lp - enewuser lp -1 -1 -1 lp - - enewgroup lpadmin 106 -} - -src_unpack() { - unpack ${A} - cd "${S}" - - # CVE-2007-4351 security patch, bug #196736 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-4351.patch - # CVE-2007-5849 security patch, bug #201570 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-5849.patch - # CVE-2008-0047 security patch, bug #212364 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0047.patch - # CVE-2008-0053 security patch, bug #214068 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0053.patch - # CVE-2008-0882 security patch, bug #211449 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0882.patch - # CVE-2008-1373 security patch, bug #214068 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-1373.patch - # CVE-2008-1722 security patch, bug #217232 - epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-1722.patch - - # cups does not use autotools "the usual way" and ship a static config.h.in - eaclocal - eautoconf -} - -src_compile() { - export DSOFLAGS="${LDFLAGS}" - - if use ldap; then - append-flags -DLDAP_DEPRECATED - fi - - econf \ - --with-cups-user=lp \ - --with-cups-group=lp \ - --with-system-groups=lpadmin \ - --localstatedir=/var \ - --with-docdir=/usr/share/cups/html \ - $(use_enable pam) \ - $(use_enable ssl) \ - --enable-gnutls \ - $(use_enable slp) \ - $(use_enable nls) \ - $(use_enable dbus) \ - $(use_enable png) \ - $(use_enable jpeg) \ - $(use_enable tiff) \ - $(use_with php) \ - $(use_enable ldap) \ - --enable-libpaper \ - --enable-threads \ - --enable-static \ - --disable-pdftops \ - || die "econf failed" - - # Install in /usr/libexec always, instead of using /usr/lib/cups, as that - # makes more sense when facing multilib support. - sed -i -e 's:SERVERBIN.*:SERVERBIN = $(BUILDROOT)/usr/libexec/cups:' Makedefs - sed -i -e 's:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN "/usr/libexec/cups":' config.h - sed -i -e 's:cups_serverbin=.*:cups_serverbin=/usr/libexec/cups:' cups-config - - emake || die "emake failed" -} - -src_install() { - emake BUILDROOT="${D}" install || die "emake install failed" - dodoc {CHANGES{,-1.{0,1}},CREDITS,LICENSE,README}.txt - - # clean out cups init scripts - rm -rf "${D}"/etc/{init.d/cups,rc*,pam.d/cups} - # install our init scripts - newinitd "${FILESDIR}"/cupsd.init cupsd - # install our pam script - pamd_mimic_system cups auth account - - # correct path - sed -i -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" "${D}"/etc/xinetd.d/cups-lpd - # it is safer to disable this by default, bug 137130 - grep -w 'disable' "${D}"/etc/xinetd.d/cups-lpd || \ - sed -i -e "s:}:\tdisable = yes\n}:" "${D}"/etc/xinetd.d/cups-lpd - - # install pdftops filter - exeinto /usr/libexec/cups/filter/ - newexe "${FILESDIR}"/pdftops-1.20.gentoo pdftops - - # only for gs-esp this is correct, see bug 163897 - if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu; then - sed -i -e "s:#application/vnd.cups-postscript:application/vnd.cups-postscript:" "${D}"/etc/cups/mime.convs - fi - - keepdir /usr/share/cups/profiles /usr/libexec/cups/driver /var/log/cups \ - /var/run/cups/certs /var/cache/cups /var/spool/cups/tmp /etc/cups/ssl - - # .desktop handling. X useflag. xdg-open from freedesktop is preferred - if use X; then - sed -i -e "s:htmlview:xdg-open:" "${D}"/usr/share/applications/cups.desktop - else - rm -r "${D}"/usr/share/applications - fi - - # Fix a symlink collision, see bug #172341 - dodir /usr/share/ppd - dosym /usr/share/ppd /usr/share/cups/model/foomatic-ppds -} - -pkg_preinst() { - # cleanups - [ -n "${PN}" ] && rm -fR "${ROOT}"/usr/share/doc/${PN}-* - has_version "=${CATEGORY}/${PN}-1.1*" - upgrade_from_1_1=$? -} - -pkg_postinst() { - echo - elog "Remote printing: change " - elog "Listen localhost:631" - elog "to" - elog "Listen *:631" - elog "in /etc/cups/cupsd.conf" - echo - elog "For more information about installing a printer take a look at:" - elog "http://www.gentoo.org/doc/en/printing-howto.xml." - echo - - local good_gs=false - for x in app-text/ghostscript-gpl app-text/ghostscript-gnu app-text/ghostscript-esp; do - if has_version ${x} && built_with_use ${x} cups; then - good_gs=true - break - fi - done; - if ! ${good_gs}; then - ewarn - ewarn "You need to emerge ghostscript with the \"cups\" USE flag turned on" - fi - if [[ $upgrade_from_1_1 = 0 ]] ; then - ewarn - ewarn "The configuration changed with cups-1.2, you may want to save the old" - ewarn "one and start from scratch:" - ewarn "# mv /etc/cups /etc/cups.orig; emerge -va1 cups" - ewarn - ewarn "You need to rebuild kdelibs for kdeprinter to work with cups-1.2" - fi - if [ -e "${ROOT}"/usr/lib/cups ]; then - ewarn - ewarn "/usr/lib/cups exists - You need to remerge every ebuild that" - ewarn "installed into /usr/lib/cups and /etc/cups, qfile is in portage-utils:" - ewarn "# FEATURES=-collision-protect emerge -va1 \$(qfile -qC /usr/lib/cups /etc/cups | sed \"s:net-print/cups$::\")" - ewarn - ewarn "FEATURES=-collision-protect is needed to overwrite the compatibility" - ewarn "symlinks installed by this package, it wont be needed on later merges." - ewarn "You should also run revdep-rebuild" - - # place symlinks to make the update smoothless - for i in "${ROOT}"/usr/lib/cups/{backend,filter}/*; do - if [ "${i/\*}" == "${i}" ] && ! [ -e ${i/lib/libexec} ]; then - ln -s ${i} ${i/lib/libexec} - fi - done - fi -} diff --git a/net-print/cups/cups-1.3.8-r1.ebuild b/net-print/cups/cups-1.3.8-r1.ebuild deleted file mode 100644 index 3ce36e19603f..000000000000 --- a/net-print/cups/cups-1.3.8-r1.ebuild +++ /dev/null @@ -1,295 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.3.8-r1.ebuild,v 1.11 2008/11/01 06:50:26 vapier Exp $ - -inherit autotools eutils flag-o-matic multilib pam - -MY_P=${P/_} - -DESCRIPTION="The Common Unix Printing System" -HOMEPAGE="http://www.cups.org/" -SRC_URI="http://ftp.easysw.com/pub/cups/${PV}/${MY_P}-source.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd" -IUSE="acl avahi dbus gnutls java jpeg kerberos ldap pam perl php png ppds python samba slp ssl static tiff X xinetd zeroconf" - -COMMON_DEPEND="acl? ( kernel_linux? ( sys-apps/acl sys-apps/attr ) ) - avahi? ( net-dns/avahi ) - dbus? ( sys-apps/dbus ) - gnutls? ( net-libs/gnutls ) - java? ( >=virtual/jre-1.4 ) - jpeg? ( >=media-libs/jpeg-6b ) - kerberos? ( virtual/krb5 ) - ldap? ( net-nds/openldap ) - pam? ( virtual/pam ) - perl? ( dev-lang/perl ) - php? ( dev-lang/php ) - png? ( >=media-libs/libpng-1.2.1 ) - python? ( dev-lang/python ) - slp? ( >=net-libs/openslp-1.0.4 ) - ssl? ( !gnutls? ( >=dev-libs/openssl-0.9.8g ) ) - tiff? ( >=media-libs/tiff-3.5.5 ) - xinetd? ( sys-apps/xinetd ) - zeroconf? ( !avahi? ( net-misc/mDNSResponder ) ) - app-text/libpaper - dev-libs/libgcrypt" - -DEPEND="${COMMON_DEPEND} - !<net-print/foomatic-filters-ppds-20070501 - !<net-print/hplip-1.7.4a-r1" - -RDEPEND="${COMMON_DEPEND} - !virtual/lpr - X? ( x11-misc/xdg-utils ) - >=app-text/poppler-0.4.3-r1" - -PDEPEND=" - ppds? ( || ( - ( - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - ) - net-print/foomatic-filters-ppds - net-print/foomatic-db-ppds - net-print/hplip - net-print/gutenprint - net-print/foo2zjs - net-print/cups-pdf - ) ) - samba? ( >=net-fs/samba-3.0.8 ) - virtual/ghostscript" - -PROVIDE="virtual/lpr" - -# upstream includes an interactive test which is a nono for gentoo. -# therefore, since the printing herd has bigger fish to fry, for now, -# we just leave it out, even if FEATURES=test -RESTRICT="test" - -S="${WORKDIR}/${MY_P}" - -LANGS="de en es et fr he id it ja pl sv zh_TW" -for X in ${LANGS} ; do - IUSE="${IUSE} linguas_${X}" -done - -pkg_setup() { - if use avahi && ! built_with_use net-dns/avahi mdnsresponder-compat ; then - echo - eerror "In order to have cups working with avahi zeroconf support, you need" - eerror "to have net-dns/avahi emerged with \"mdnsresponder-compat\" in your USE" - eerror "flag. Please add that flag, re-emerge avahi, and then emerge cups again." - die "net-dns/avahi is missing the mdnsresponder-compat feature." - fi - - enewgroup lp - enewuser lp -1 -1 -1 lp - - enewgroup lpadmin 106 -} - -src_unpack() { - unpack ${A} - cd "${S}" - - # disable configure automagic for acl/attr, upstream bug STR #2723 - epatch "${FILESDIR}/${PN}-1.3.0-configure.patch" - - # create a missing symlink to allow https printing via IPP, bug #217293 - epatch "${FILESDIR}/${PN}-1.3.7-backend-https.patch" - - # Upstream fix for using the webinterface via SSL with FF3, upstream bug STR #2892 - epatch "${FILESDIR}/${PN}-1.3.8-str2892-1.3.patch" - - # cups does not use autotools "the usual way" and ship a static config.h.in - eaclocal - eautoconf -} - -src_compile() { - # needed to prevent ghostscript compile failures - use kerberos && strip-flags - - # locale support - strip-linguas ${LANGS} - - if [ -z "${LINGUAS}" ] ; then - export LINGUAS=all - fi - - export DSOFLAGS="${LDFLAGS}" - - if use ldap ; then - append-flags -DLDAP_DEPRECATED - fi - - local myconf - - if use avahi || use zeroconf ; then - myconf="${myconf} --enable-dnssd" - else - myconf="${myconf} --disable-dnssd" - fi - - if use ssl || use gnutls ; then - myconf="${myconf} \ - $(use_enable gnutls) \ - $(use_enable !gnutls openssl)" - else - myconf="${myconf} \ - --disable-gnutls \ - --disable-openssl" - fi - - econf \ - --libdir=/usr/$(get_libdir) \ - --localstatedir=/var \ - --with-cups-user=lp \ - --with-cups-group=lp \ - --with-docdir=/usr/share/cups/html \ - --with-languages=${LINGUAS} \ - --with-system-groups=lpadmin \ - --with-xinetd=/etc/xinetd.d \ - $(use_enable acl) \ - $(use_enable dbus) \ - $(use_enable jpeg) \ - $(use_enable kerberos gssapi) \ - $(use_enable ldap) \ - $(use_enable pam) \ - $(use_enable png) \ - $(use_enable slp) \ - $(use_enable static) \ - $(use_enable tiff) \ - $(use_with java) \ - $(use_with perl) \ - $(use_with php) \ - $(use_with python) \ - --enable-libpaper \ - --enable-threads \ - --disable-pdftops \ - ${myconf} \ - || die "econf failed" - - # install in /usr/libexec always, instead of using /usr/lib/cups, as that - # makes more sense when facing multilib support. - sed -i -e 's:SERVERBIN.*:SERVERBIN = "$(BUILDROOT)"/usr/libexec/cups:' Makedefs - sed -i -e 's:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN "/usr/libexec/cups":' config.h - sed -i -e 's:cups_serverbin=.*:cups_serverbin=/usr/libexec/cups:' cups-config - - emake || die "emake failed" -} - -src_install() { - emake BUILDROOT="${D}" install || die "emake install failed" - dodoc {CHANGES{,-1.{0,1}},CREDITS,README}.txt || die "dodoc install failed" - - # clean out cups init scripts - rm -rf "${D}"/etc/{init.d/cups,rc*,pam.d/cups} - - # install our init script - local neededservices - use avahi && neededservices="$neededservices avahi-daemon" - use dbus && neededservices="$neededservices dbus" - use zeroconf && ! use avahi && neededservices="$neededservices mDNSResponderPosix" - [[ -n ${neededservices} ]] && neededservices="need${neededservices}" - sed -e "s/@neededservices@/$neededservices/" "${FILESDIR}"/cupsd.init.d > "${T}"/cupsd - doinitd "${T}"/cupsd - - # install our pam script - pamd_mimic_system cups auth account - - if use xinetd ; then - # correct path - sed -i -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" "${D}"/etc/xinetd.d/cups-lpd - # it is safer to disable this by default, bug #137130 - grep -w 'disable' "${D}"/etc/xinetd.d/cups-lpd || \ - sed -i -e "s:}:\tdisable = yes\n}:" "${D}"/etc/xinetd.d/cups-lpd - else - rm -rf "${D}"/etc/xinetd.d - fi - - # install pdftops filter - exeinto /usr/libexec/cups/filter/ - newexe "${FILESDIR}"/pdftops-1.20.gentoo pdftops - - # only for gs-esp this is correct, see bug #163897 - if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu ; then - sed -i -e "s:#application/vnd.cups-postscript:application/vnd.cups-postscript:" "${D}"/etc/cups/mime.convs - fi - - keepdir /usr/share/cups/profiles /usr/libexec/cups/driver /var/log/cups \ - /var/run/cups/certs /var/cache/cups /var/spool/cups/tmp /etc/cups/ssl - - # .desktop handling. X useflag. xdg-open from freedesktop is preferred, upstream bug STR #2724. - if use X ; then - sed -i -e "s:htmlview:xdg-open:" "${D}"/usr/share/applications/cups.desktop - else - rm -r "${D}"/usr/share/applications - fi - - # fix a symlink collision, see bug #172341 - dodir /usr/share/ppd - dosym /usr/share/ppd /usr/share/cups/model/foomatic-ppds - - # create RSS feed directory - diropts -m 0740 -o lp -g lp - dodir /var/cache/cups/rss - - # create /etc/cups/client.conf, bug #196967 - echo "ServerName localhost" >> "${D}"/etc/cups/client.conf -} - -pkg_preinst() { - # cleanups - [ -n "${PN}" ] && rm -fR "${ROOT}"/usr/share/doc/"${PN}"-* - has_version "=${CATEGORY}/${PN}-1.2*" - upgrade_from_1_2=$? -} - -pkg_postinst() { - echo - elog "For information about installing a printer and general cups setup" - elog "take a look at: http://www.gentoo.org/doc/en/printing-howto.xml" - echo - - local good_gs=false - for x in app-text/ghostscript-gpl app-text/ghostscript-gnu app-text/ghostscript-esp ; do - if has_version ${x} && built_with_use ${x} cups ; then - good_gs=true - break - fi - done - if ! ${good_gs} ; then - echo - ewarn "You need to emerge ghostscript with the \"cups\" USE flag turned on." - echo - fi - - if [[ $upgrade_from_1_2 = 0 ]] ; then - echo - ewarn "You have upgraded from an older cups version. Please make sure" - ewarn "to run \"etc-update\" and \"revdep-rebuild\" NOW." - echo - fi - - if [ -e "${ROOT}"/usr/lib/cups ] ; then - echo - ewarn "/usr/lib/cups exists - You need to remerge every ebuild that" - ewarn "installed into /usr/lib/cups and /etc/cups, qfile is in portage-utils:" - ewarn "# FEATURES=-collision-protect emerge -va1 \$(qfile -qC /usr/lib/cups /etc/cups | sed \"s:net-print/cups$::\")" - echo - ewarn "FEATURES=-collision-protect is needed to overwrite the compatibility" - ewarn "symlinks installed by this package, it won't be needed on later merges." - ewarn "You should also run revdep-rebuild" - echo - - # place symlinks to make the update smoothless - for i in "${ROOT}"/usr/lib/cups/{backend,filter}/* ; do - if [ "${i/\*}" == "${i}" ] && ! [ -e ${i/lib/libexec} ] ; then - ln -s ${i} ${i/lib/libexec} - fi - done - fi -} diff --git a/net-print/cups/files/cups-1.2.12-CVE-2007-4045.patch b/net-print/cups/files/cups-1.2.12-CVE-2007-4045.patch deleted file mode 100644 index e28a7bb4ff9d..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2007-4045.patch +++ /dev/null @@ -1,58 +0,0 @@ -diff -up cups-1.2.4/scheduler/client.c.CVE-2007-4045 cups-1.2.4/scheduler/client.c ---- cups-1.2.4/scheduler/client.c.CVE-2007-4045 2007-10-30 09:51:04.000000000 +0000 -+++ cups-1.2.4/scheduler/client.c 2007-10-30 10:07:10.000000000 +0000 -@@ -105,6 +105,25 @@ static int write_file(cupsd_client_t *c - struct stat *filestats); - - -+void -+_cupsdFixClientsBIO(void) -+{ -+#ifdef HAVE_LIBSSL -+ cupsd_client_t *c; -+ BIO *bio; -+ cupsArraySave (Clients); -+ for (c = (cupsd_client_t *)cupsArrayFirst(Clients); -+ c; -+ c = (cupsd_client_t *)cupsArrayNext(Clients)) -+ { -+ bio = SSL_get_wbio(c->http.tls); -+ BIO_ctrl(bio, BIO_C_SET_FILE_PTR, 0, (char *)HTTP(c)); -+ } -+ cupsArrayRestore (Clients); -+#endif -+} -+ -+ - /* - * 'cupsdAcceptClient()' - Accept a new client. - */ -@@ -438,6 +457,7 @@ cupsdAcceptClient(cupsd_listener_t *lis) - } - - cupsArrayAdd(Clients, con); -+ _cupsdFixClientsBIO(); - - cupsdLogMessage(CUPSD_LOG_DEBUG2, - "cupsdAcceptClient: %d connected to server on %s:%d", -@@ -729,6 +749,7 @@ cupsdCloseClient(cupsd_client_t *con) /* - */ - - cupsArrayRemove(Clients, con); -+ _cupsdFixClientsBIO(); - - free(con); - } -diff -up cups-1.2.4/scheduler/main.c.CVE-2007-4045 cups-1.2.4/scheduler/main.c ---- cups-1.2.4/scheduler/main.c.CVE-2007-4045 2007-10-30 09:51:04.000000000 +0000 -+++ cups-1.2.4/scheduler/main.c 2007-10-30 09:51:05.000000000 +0000 -@@ -948,7 +948,7 @@ main(int argc, /* I - Number of comm - * Write data as needed... - */ - -- if (con->pipe_pid && FD_ISSET(con->file, input)) -+ if (con->pipe_pid && con->file >= 0 && FD_ISSET(con->file, input)) - { - /* - * Keep track of pending input from the file/pipe separately - diff --git a/net-print/cups/files/cups-1.2.12-CVE-2007-4351.patch b/net-print/cups/files/cups-1.2.12-CVE-2007-4351.patch deleted file mode 100644 index 5cd70e0a3abe..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2007-4351.patch +++ /dev/null @@ -1,154 +0,0 @@ -Index: ipp.c -=================================================================== ---- cups-1.2.12.orig/cups/ipp.c (revision 7023) -+++ cups-1.2.12./cups/ipp.c (working copy) -@@ -1315,6 +1315,12 @@ - { - case IPP_TAG_INTEGER : - case IPP_TAG_ENUM : -+ if (n != 4) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - if ((*cb)(src, buffer, 4) < 4) - { - DEBUG_puts("ippReadIO: Unable to read integer value!"); -@@ -1327,6 +1333,12 @@ - value->integer = n; - break; - case IPP_TAG_BOOLEAN : -+ if (n != 1) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - if ((*cb)(src, buffer, 1) < 1) - { - DEBUG_puts("ippReadIO: Unable to read boolean value!"); -@@ -1344,6 +1356,12 @@ - case IPP_TAG_CHARSET : - case IPP_TAG_LANGUAGE : - case IPP_TAG_MIMETYPE : -+ if (n >= sizeof(buffer)) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - if ((*cb)(src, buffer, n) < n) - { - DEBUG_puts("ippReadIO: unable to read name!"); -@@ -1356,6 +1374,12 @@ - value->string.text)); - break; - case IPP_TAG_DATE : -+ if (n != 11) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - if ((*cb)(src, value->date, 11) < 11) - { - DEBUG_puts("ippReadIO: Unable to date integer value!"); -@@ -1363,6 +1387,12 @@ - } - break; - case IPP_TAG_RESOLUTION : -+ if (n != 9) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - if ((*cb)(src, buffer, 9) < 9) - { - DEBUG_puts("ippReadIO: Unable to read resolution value!"); -@@ -1379,6 +1409,12 @@ - (ipp_res_t)buffer[8]; - break; - case IPP_TAG_RANGE : -+ if (n != 8) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - if ((*cb)(src, buffer, 8) < 8) - { - DEBUG_puts("ippReadIO: Unable to read range value!"); -@@ -1394,7 +1430,7 @@ - break; - case IPP_TAG_TEXTLANG : - case IPP_TAG_NAMELANG : -- if (n > sizeof(buffer) || n < 4) -+ if (n >= sizeof(buffer) || n < 4) - { - DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); - return (IPP_ERROR); -@@ -1420,22 +1456,27 @@ - - n = (bufptr[0] << 8) | bufptr[1]; - -- if (n >= sizeof(string)) -+ if ((bufptr + 2 + n) >= (buffer + sizeof(buffer)) || -+ n >= sizeof(string)) - { -- memcpy(string, bufptr + 2, sizeof(string) - 1); -- string[sizeof(string) - 1] = '\0'; -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); - } -- else -- { -- memcpy(string, bufptr + 2, n); -- string[n] = '\0'; -- } - -+ memcpy(string, bufptr + 2, n); -+ string[n] = '\0'; -+ - value->string.charset = _cupsStrAlloc((char *)string); - - bufptr += 2 + n; - n = (bufptr[0] << 8) | bufptr[1]; - -+ if ((bufptr + 2 + n) >= (buffer + sizeof(buffer))) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - bufptr[2 + n] = '\0'; - value->string.text = _cupsStrAlloc((char *)bufptr + 2); - break; -@@ -1477,6 +1518,12 @@ - * we need to carry over... - */ - -+ if (n >= sizeof(buffer)) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - if ((*cb)(src, buffer, n) < n) - { - DEBUG_puts("ippReadIO: Unable to read member name value!"); -@@ -1498,6 +1545,12 @@ - break; - - default : /* Other unsupported values */ -+ if (n > sizeof(buffer)) -+ { -+ DEBUG_printf(("ippReadIO: bad value length %d!\n", n)); -+ return (IPP_ERROR); -+ } -+ - value->unknown.length = n; - if (n > 0) - { - diff --git a/net-print/cups/files/cups-1.2.12-CVE-2007-5849.patch b/net-print/cups/files/cups-1.2.12-CVE-2007-5849.patch deleted file mode 100644 index cc1c9067b904..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2007-5849.patch +++ /dev/null @@ -1,45 +0,0 @@ -diff -Naur cups-1.3.4/backend/snmp.c cups-1.3.4.new/backend/snmp.c ---- cups-1.3.4/backend/snmp.c 2007-07-11 23:46:42.000000000 +0200 -+++ cups-1.3.4.new/backend/snmp.c 2007-12-10 12:56:12.680574919 +0100 -@@ -1064,18 +1064,38 @@ - char *string, /* I - String buffer */ - int strsize) /* I - String buffer size */ - { -- if (length < strsize) -+ if (length < 0) - { -- memcpy(string, *buffer, length); -+ /* -+ * Disallow negative lengths! -+ */ -+ -+ fprintf(stderr, "ERROR: Bad ASN1 string length %d!\n", length); -+ *string = '\0'; -+ } -+ else if (length < strsize) -+ { -+ /* -+ * String is smaller than the buffer... -+ */ -+ -+ if (length > 0) -+ memcpy(string, *buffer, length); -+ - string[length] = '\0'; - } - else - { -+ /* -+ * String is larger than the buffer... -+ */ -+ - memcpy(string, buffer, strsize - 1); - string[strsize - 1] = '\0'; - } - -- (*buffer) += length; -+ if (length > 0) -+ (*buffer) += length; - - return (string); - } diff --git a/net-print/cups/files/cups-1.2.12-CVE-2008-0047.patch b/net-print/cups/files/cups-1.2.12-CVE-2008-0047.patch deleted file mode 100644 index 6eb786ff9eb4..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2008-0047.patch +++ /dev/null @@ -1,15 +0,0 @@ -Index: cups-1.2.12/cgi-bin/search.c -=================================================================== ---- cups-1.2.12.orig/cgi-bin/search.c -+++ cups-1.2.12/cgi-bin/search.c -@@ -171,7 +171,9 @@ cgiCompileSearch(const char *query) /* I - * string + RE overhead... - */ - -- wlen = (sptr - s) + 4 * wlen + 2 * strlen(prefix) + 4; -+ wlen = (sptr - s) + 2 * 4 * wlen + 2 * strlen(prefix) + 11; -+ if (lword) -+ wlen += strlen(lword); - - if (wlen > slen) - { diff --git a/net-print/cups/files/cups-1.2.12-CVE-2008-0053.patch b/net-print/cups/files/cups-1.2.12-CVE-2008-0053.patch deleted file mode 100644 index 8924068d6d7f..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2008-0053.patch +++ /dev/null @@ -1,40 +0,0 @@ -Index: cups-1.2.12/filter/hpgl-input.c -=================================================================== ---- cups-1.2.12.orig/filter/hpgl-input.c -+++ cups-1.2.12/filter/hpgl-input.c -@@ -56,6 +56,7 @@ ParseCommand(FILE *fp, /* I - File to - i; /* Looping var */ - char buf[262144], /* String buffer */ - *bufptr; /* Pointer into buffer */ -+ float temp; /* Temporary parameter value */ - static param_t p[MAX_PARAMS]; /* Parameter buffer */ - - -@@ -220,10 +221,10 @@ ParseCommand(FILE *fp, /* I - File to - case '-' : - case '+' : - ungetc(ch, fp); -- fscanf(fp, "%f", &(p[num_params].value.number)); -- if (num_params < MAX_PARAMS) -+ if (fscanf(fp, "%f", &temp) == 1 && num_params < MAX_PARAMS) - { -- p[num_params].type = PARAM_RELATIVE; -+ p[num_params].type = PARAM_RELATIVE; -+ p[num_params].value.number = temp; - num_params ++; - } - break; -@@ -239,10 +240,10 @@ ParseCommand(FILE *fp, /* I - File to - case '9' : - case '.' : - ungetc(ch, fp); -- fscanf(fp, "%f", &(p[num_params].value.number)); -- if (num_params < MAX_PARAMS) -+ if (fscanf(fp, "%f", &temp) == 1 && num_params < MAX_PARAMS) - { -- p[num_params].type = PARAM_ABSOLUTE; -+ p[num_params].type = PARAM_ABSOLUTE; -+ p[num_params].value.number = temp; - num_params ++; - } - break; diff --git a/net-print/cups/files/cups-1.2.12-CVE-2008-0882.patch b/net-print/cups/files/cups-1.2.12-CVE-2008-0882.patch deleted file mode 100644 index 655e70e01bf7..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2008-0882.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -up cups-1.2.4/scheduler/dirsvc.c.str2656 cups-1.2.4/scheduler/dirsvc.c ---- cups-1.2.4/scheduler/dirsvc.c.str2656 2008-02-21 13:33:06.000000000 +0000 -+++ cups-1.2.4/scheduler/dirsvc.c 2008-02-21 13:33:49.000000000 +0000 -@@ -1943,9 +1943,9 @@ process_browse_data( - if (hptr && !*hptr) - *hptr = '.'; /* Resource FQDN */ - -- if ((p = cupsdFindClass(name)) == NULL && BrowseShortNames) -+ if ((p = cupsdFindDest(name)) == NULL && BrowseShortNames) - { -- if ((p = cupsdFindClass(resource + 9)) != NULL) -+ if ((p = cupsdFindDest(resource + 9)) != NULL) - { - if (p->hostname && strcasecmp(p->hostname, host)) - { -@@ -2049,9 +2049,9 @@ process_browse_data( - if (hptr && !*hptr) - *hptr = '.'; /* Resource FQDN */ - -- if ((p = cupsdFindPrinter(name)) == NULL && BrowseShortNames) -+ if ((p = cupsdFindDest(name)) == NULL && BrowseShortNames) - { -- if ((p = cupsdFindPrinter(resource + 10)) != NULL) -+ if ((p = cupsdFindDest(resource + 10)) != NULL) - { - if (p->hostname && strcasecmp(p->hostname, host)) - { - diff --git a/net-print/cups/files/cups-1.2.12-CVE-2008-1373.patch b/net-print/cups/files/cups-1.2.12-CVE-2008-1373.patch deleted file mode 100644 index 299caa5442dd..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2008-1373.patch +++ /dev/null @@ -1,23 +0,0 @@ -Index: cups-1.2.12/filter/image-gif.c -=================================================================== ---- cups-1.2.12.orig/filter/image-gif.c -+++ cups-1.2.12/filter/image-gif.c -@@ -47,6 +47,8 @@ - #define GIF_INTERLACE 0x40 - #define GIF_COLORMAP 0x80 - -+#define MAX_LWZ_BITS 12 -+ - typedef cups_ib_t gif_cmap_t[256][4]; - typedef short gif_table_t[4096]; - -@@ -471,6 +473,9 @@ gif_read_image(FILE *fp, /* I - - pass = 0; - code_size = getc(fp); - -+ if (code_size > MAX_LWZ_BITS) -+ return (-1); -+ - if (gif_read_lzw(fp, 1, code_size) < 0) - return (-1); - diff --git a/net-print/cups/files/cups-1.2.12-CVE-2008-1722.patch b/net-print/cups/files/cups-1.2.12-CVE-2008-1722.patch deleted file mode 100644 index dad7dd083aea..000000000000 --- a/net-print/cups/files/cups-1.2.12-CVE-2008-1722.patch +++ /dev/null @@ -1,62 +0,0 @@ -diff -Naur cups-1.2.12/filter/image-png.c cups-1.2.12.new/filter/image-png.c ---- cups-1.2.12/filter/image-png.c 2006-05-11 13:41:36.000000000 +0200 -+++ cups-1.2.12.new/filter/image-png.c 2008-04-14 15:46:35.665695675 +0200 -@@ -179,16 +179,56 @@ - * Interlaced images must be loaded all at once... - */ - -+ size_t bufsize; /* Size of buffer */ -+ -+ - if (color_type == PNG_COLOR_TYPE_GRAY || - color_type == PNG_COLOR_TYPE_GRAY_ALPHA) -- in = malloc(img->xsize * img->ysize); -+ { -+ bufsize = img->xsize * img->ysize; -+ -+ if ((bufsize / img->ysize) != img->xsize) -+ { -+ fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n", -+ (unsigned)width, (unsigned)height); -+ fclose(fp); -+ return (1); -+ } -+ } - else -- in = malloc(img->xsize * img->ysize * 3); -+ { -+ bufsize = img->xsize * img->ysize * 3; -+ -+ if ((bufsize / (img->ysize * 3)) != img->xsize) -+ { -+ fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n", -+ (unsigned)width, (unsigned)height); -+ fclose(fp); -+ return (1); -+ } -+ } -+ -+ in = malloc(bufsize); - } - - bpp = cupsImageGetDepth(img); - out = malloc(img->xsize * bpp); - -+ if (!in || !out) -+ { -+ fputs("DEBUG: Unable to allocate memory for PNG image!\n", stderr); -+ -+ if (in) -+ free(in); -+ -+ if (out) -+ free(out); -+ -+ fclose(fp); -+ -+ return (1); -+ } -+ - /* - * Read the image, interlacing as needed... - */ diff --git a/net-print/cups/files/cupsd.init b/net-print/cups/files/cupsd.init deleted file mode 100644 index 9364c840721e..000000000000 --- a/net-print/cups/files/cupsd.init +++ /dev/null @@ -1,20 +0,0 @@ -#!/sbin/runscript - -depend() { - use net - after logger - before nfs - use hotplug -} - -start() { - ebegin "Starting cupsd" - start-stop-daemon --start --quiet --exec /usr/sbin/cupsd - eend $? -} - -stop() { - ebegin "Stopping cupsd" - start-stop-daemon --stop --quiet --exec /usr/sbin/cupsd - eend $? -} |