CUPS v2.3.6 for CVE-2022-26691

13 files changed, 36 insertions, 32 deletions

diff --git a/CHANGES.md b/CHANGES.md
index efc6f4fa4..9da22c8e7 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,6 +1,10 @@
 Change History
 ==============
 
+Changes in CUPS v2.3.6
+----------------------
+- CVE-2022-26691: An incorrect comparison in local admin authentication.
+
 
 Changes in CUPS v2.3.5
 ----------------------
diff --git a/INSTALL.md b/INSTALL.md
index a9482fb75..f88dfedff 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -1,4 +1,4 @@
-INSTALL - CUPS v2.3.4 - 2020-04-24 (IN PROGRESS)
+INSTALL - CUPS v2.3.6 - 2022-05-25
 ==================================
 
 This file describes how to compile and install CUPS from source code. For more
diff --git a/README.md b/README.md
index a470ecd06..f48de5367 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-README - Apple CUPS v2.3.5 - 2021-09-13
+README - Apple CUPS v2.3.6 - 2022-05-25
 =======================================
 
 > Note: Apple CUPS is the version of CUPS that is shipped with macOS and iOS.
diff --git a/config-scripts/cups-compiler.m4 b/config-scripts/cups-compiler.m4
index 2b619977c..604faf1b9 100644
--- a/config-scripts/cups-compiler.m4
+++ b/config-scripts/cups-compiler.m4
@@ -169,7 +169,7 @@ if test -n "$GCC"; then
 	fi
 
 	# Add useful warning options for tracking down problems...
-	WARNING_OPTIONS="-Wall -Wno-format-y2k -Wunused -Wno-unused-result -Wsign-conversion"
+	WARNING_OPTIONS="-Wall -Wno-format-y2k -Wunused -Wno-unused-result -Wsign-conversion  -Wno-unused-but-set-variable  -Wno-unused-variable"
 
 	# Test GCC version for certain warning flags since -Werror
 	# doesn't trigger...
@@ -182,7 +182,7 @@ if test -n "$GCC"; then
 
 	# Additional warning options for development testing...
 	if test -d .git; then
-		WARNING_OPTIONS="-Werror -Wno-error=deprecated-declarations $WARNING_OPTIONS"
+		WARNING_OPTIONS="-Werror -Wno-error=deprecated-declarations -Wno-unknown-warning-option $WARNING_OPTIONS"
 	fi
 else
 	# Add vendor-specific compiler options...
diff --git a/configure b/configure
index 0abf8c1ad..642b3058d 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for CUPS 2.3.5.
+# Generated by GNU Autoconf 2.69 for CUPS 2.3.6.
 #
 # Report bugs to <https://github.com/apple/cups/issues>.
 #
@@ -580,8 +580,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='CUPS'
 PACKAGE_TARNAME='cups'
-PACKAGE_VERSION='2.3.5'
-PACKAGE_STRING='CUPS 2.3.5'
+PACKAGE_VERSION='2.3.6'
+PACKAGE_STRING='CUPS 2.3.6'
 PACKAGE_BUGREPORT='https://github.com/apple/cups/issues'
 PACKAGE_URL='https://www.cups.org/'
 
@@ -1467,7 +1467,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures CUPS 2.3.5 to adapt to many kinds of systems.
+\`configure' configures CUPS 2.3.6 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1532,7 +1532,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of CUPS 2.3.5:";;
+     short | recursive ) echo "Configuration of CUPS 2.3.6:";;
    esac
   cat <<\_ACEOF
 
@@ -1713,7 +1713,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-CUPS configure 2.3.5
+CUPS configure 2.3.6
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2177,7 +2177,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by CUPS $as_me 2.3.5, which was
+It was created by CUPS $as_me 2.3.6, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2694,7 +2694,7 @@ done
 ac_config_headers="$ac_config_headers config.h"
 
 
-CUPS_VERSION="2.3.5"
+CUPS_VERSION="2.3.6"
 CUPS_REVISION=""
 CUPS_BUILD="cups-$CUPS_VERSION"
 
@@ -6905,7 +6905,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
 	fi
 
 	# Add useful warning options for tracking down problems...
-	WARNING_OPTIONS="-Wall -Wno-format-y2k -Wunused -Wno-unused-result -Wsign-conversion"
+	WARNING_OPTIONS="-Wall -Wno-format-y2k -Wunused -Wno-unused-result -Wsign-conversion  -Wno-unused-but-set-variable  -Wno-unused-variable"
 
 	# Test GCC version for certain warning flags since -Werror
 	# doesn't trigger...
@@ -6918,7 +6918,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
 
 	# Additional warning options for development testing...
 	if test -d .git; then
-		WARNING_OPTIONS="-Werror -Wno-error=deprecated-declarations $WARNING_OPTIONS"
+		WARNING_OPTIONS="-Werror -Wno-error=deprecated-declarations -Wno-unknown-warning-option $WARNING_OPTIONS"
 	fi
 else
 	# Add vendor-specific compiler options...
@@ -10385,7 +10385,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by CUPS $as_me 2.3.5, which was
+This file was extended by CUPS $as_me 2.3.6, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -10448,7 +10448,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-CUPS config.status 2.3.5
+CUPS config.status 2.3.6
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff --git a/configure.ac b/configure.ac
index 5ba59dd3e..f8767969d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -12,7 +12,7 @@ dnl We need at least autoconf 2.60...
 AC_PREREQ(2.60)
 
 dnl Package name and version...
-AC_INIT([CUPS], [2.3.5], [https://github.com/apple/cups/issues], [cups], [https://www.cups.org/])
+AC_INIT([CUPS], [2.3.6], [https://github.com/apple/cups/issues], [cups], [https://www.cups.org/])
 
 sinclude(config-scripts/cups-opsys.m4)
 sinclude(config-scripts/cups-common.m4)
diff --git a/cups/cups.h b/cups/cups.h
index 826e600bc..bdf9f7a18 100644
--- a/cups/cups.h
+++ b/cups/cups.h
@@ -1,7 +1,7 @@
 /*
  * API definitions for CUPS.
  *
- * Copyright © 2007-2021 by Apple Inc.
+ * Copyright © 2007-2022 by Apple Inc.
  * Copyright © 1997-2007 by Easy Software Products.
  *
  * Licensed under Apache License v2.0.  See the file "LICENSE" for more
@@ -42,10 +42,10 @@ extern "C" {
  * Constants...
  */
 
-#  define CUPS_VERSION			2.0305
+#  define CUPS_VERSION			2.0306
 #  define CUPS_VERSION_MAJOR		2
 #  define CUPS_VERSION_MINOR		3
-#  define CUPS_VERSION_PATCH		5
+#  define CUPS_VERSION_PATCH		6
 
 #  define CUPS_BC_FD			3
 					/* Back-channel file descriptor for
diff --git a/cups/cupspm.md b/cups/cupspm.md
index f271c89d3..7e03c3d65 100644
--- a/cups/cupspm.md
+++ b/cups/cupspm.md
@@ -1,8 +1,8 @@
 ---
 title: CUPS Programming Manual
 author: Michael R Sweet
-copyright: Copyright © 2007-2020 by Apple Inc. All Rights Reserved.
-version: 2.3.4
+copyright: Copyright © 2007-2022 by Apple Inc. All Rights Reserved.
+version: 2.3.6
 ...
 
 > Please [file issues on Github](https://github.com/apple/cups/issues) to
diff --git a/doc/help/cupspm.html b/doc/help/cupspm.html
index e9a80d9c3..677f2bc3c 100644
--- a/doc/help/cupspm.html
+++ b/doc/help/cupspm.html
@@ -7,8 +7,8 @@
     <meta http-equiv="Content-Type" content="text/html;charset=utf-8">
     <meta name="creator" content="codedoc v3.1">
     <meta name="author" content="Michael R Sweet">
-    <meta name="copyright" content="Copyright &#xa9; 2007-2020 by Apple Inc. All Rights Reserved.">
-    <meta name="version" content="2.3.4">
+    <meta name="copyright" content="Copyright &#xa9; 2007-2022 by Apple Inc. All Rights Reserved.">
+    <meta name="version" content="2.3.6">
     <style type="text/css"><!--
 body, p, h1, h2, h3, h4 {
   font-family: sans-serif;
diff --git a/locale/cups.pot b/locale/cups.pot
index b294b02e0..db081a50c 100644
--- a/locale/cups.pot
+++ b/locale/cups.pot
@@ -23,7 +23,7 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: CUPS 2.3.4\n"
+"Project-Id-Version: CUPS 2.3.6\n"
 "Report-Msgid-Bugs-To: https://github.com/apple/cups/issues\n"
 "POT-Creation-Date: 2019-12-18 20:19-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
diff --git a/scripts/makesrcdist b/scripts/makesrcdist
index 33b2f37cc..fa8dd4efd 100755
--- a/scripts/makesrcdist
+++ b/scripts/makesrcdist
@@ -59,7 +59,7 @@ else
 		exit 1
 	fi
 
-	temp=`head -1 README.md | awk '{print $4}'`
+	temp=`head -1 README.md | awk '{print $5}'`
 	if test "$temp" != "v$version"; then
 		echo "Still need to update version to v$version in README.md (saw $temp)"
 		exit 1
diff --git a/vcnet/config.h b/vcnet/config.h
index 6e3e70e28..b74bf2e09 100644
--- a/vcnet/config.h
+++ b/vcnet/config.h
@@ -1,7 +1,7 @@
 /*
  * Configuration file for CUPS on Windows.
  *
- * Copyright © 2007-2021 by Apple Inc.
+ * Copyright © 2007-2022 by Apple Inc.
  * Copyright © 1997-2007 by Easy Software Products.
  *
  * Licensed under Apache License v2.0.  See the file "LICENSE" for more
@@ -97,8 +97,8 @@ typedef unsigned long useconds_t;
  * Version of software...
  */
 
-#define CUPS_SVERSION "CUPS v2.3.5"
-#define CUPS_MINIMAL "CUPS/2.3.5"
+#define CUPS_SVERSION "CUPS v2.3.6"
+#define CUPS_MINIMAL "CUPS/2.3.6"
 
 
 /*
diff --git a/xcode/config.h b/xcode/config.h
index 03aea505f..f05007751 100644
--- a/xcode/config.h
+++ b/xcode/config.h
@@ -1,7 +1,7 @@
 /*
  * Configuration file for CUPS and Xcode.
  *
- * Copyright 2007-2021 by Apple Inc.
+ * Copyright 2007-2022 by Apple Inc.
  * Copyright 1997-2007 by Easy Software Products.
  *
  * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
@@ -18,8 +18,8 @@
  * Version of software...
  */
 
-#define CUPS_SVERSION "CUPS v2.3.5"
-#define CUPS_MINIMAL "CUPS/2.3.5"
+#define CUPS_SVERSION "CUPS v2.3.6"
+#define CUPS_MINIMAL "CUPS/2.3.6"
 
 
 /*