diff options
| -rw-r--r-- | CHANGES.md | 11 | ||||
| -rw-r--r-- | INSTALL.md | 2 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | config-scripts/cups-compiler.m4 | 6 | ||||
| -rwxr-xr-x | configure | 24 | ||||
| -rw-r--r-- | configure.ac | 2 | ||||
| -rw-r--r-- | cups/cups.h | 4 | ||||
| -rw-r--r-- | cups/cupspm.md | 2 | ||||
| -rw-r--r-- | cups/ipp.c | 2 | ||||
| -rw-r--r-- | cups/ppd.c | 3 | ||||
| -rw-r--r-- | doc/help/cupspm.html | 2 | ||||
| -rw-r--r-- | locale/cups.pot | 2 | ||||
| -rw-r--r-- | ppdc/ppdc-source.cxx | 16 | ||||
| -rw-r--r-- | scheduler/printers.c | 2 | ||||
| -rw-r--r-- | vcnet/config.h | 4 | ||||
| -rw-r--r-- | xcode/config.h | 4 |
16 files changed, 47 insertions, 41 deletions
diff --git a/CHANGES.md b/CHANGES.md index 6af792b82..df7289268 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,6 +1,15 @@ -CHANGES - 2.3.2 - 2019-12-18 +CHANGES - 2.3.3 - 2020-04-24 ============================ +Changes in CUPS v2.3.3 +---------------------- + +- CVE-2020-3898: The `ppdOpen` function did not handle invalid UI + constraint. `ppdcSource::get_resolution` function did not handle + invalid resolution strings. +- CVE-2019-8842: The `ippReadIO` function may under-read an extension + field. +- Fixed WARNING_OPTIONS support for GCC 9.x Changes in CUPS v2.3.2 ---------------------- diff --git a/INSTALL.md b/INSTALL.md index f8801347a..37cc94b6b 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1,4 +1,4 @@ -INSTALL - CUPS v2.3.1 - 2019-12-13 +INSTALL - CUPS v2.3.3 - 2020-04-24 ================================== This file describes how to compile and install CUPS from source code. For more @@ -1,4 +1,4 @@ -README - CUPS v2.3.1 - 2019-12-13 +README - CUPS v2.3.3 - 2020-04-24 ================================= INTRODUCTION diff --git a/config-scripts/cups-compiler.m4 b/config-scripts/cups-compiler.m4 index 63ea1f470..86e8bc488 100644 --- a/config-scripts/cups-compiler.m4 +++ b/config-scripts/cups-compiler.m4 @@ -175,10 +175,8 @@ if test -n "$GCC"; then # doesn't trigger... gccversion=`$CC --version | head -1 | awk '{print $NF}'` case "$gccversion" in - 1.* | 2.* | 3.* | 4.* | 5.* | 6.* | \(clang-*) - ;; - *) - WARNING_OPTIONS="$WARNING_OPTIONS -Wno-format-truncation -Wno-format-overflow -Wno-tautological-compare" + 7.* | 8.*) + WARNING_OPTIONS="$WARNING_OPTIONS -Wno-format-truncation -Wno-tautological-compare" ;; esac @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for CUPS 2.3.2. +# Generated by GNU Autoconf 2.69 for CUPS 2.3.3. # # Report bugs to <https://github.com/apple/cups/issues>. # @@ -580,8 +580,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='CUPS' PACKAGE_TARNAME='cups' -PACKAGE_VERSION='2.3.2' -PACKAGE_STRING='CUPS 2.3.2' +PACKAGE_VERSION='2.3.3' +PACKAGE_STRING='CUPS 2.3.3' PACKAGE_BUGREPORT='https://github.com/apple/cups/issues' PACKAGE_URL='https://www.cups.org/' @@ -1467,7 +1467,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures CUPS 2.3.2 to adapt to many kinds of systems. +\`configure' configures CUPS 2.3.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1532,7 +1532,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of CUPS 2.3.2:";; + short | recursive ) echo "Configuration of CUPS 2.3.3:";; esac cat <<\_ACEOF @@ -1713,7 +1713,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -CUPS configure 2.3.2 +CUPS configure 2.3.3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2177,7 +2177,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by CUPS $as_me 2.3.2, which was +It was created by CUPS $as_me 2.3.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2694,7 +2694,7 @@ done ac_config_headers="$ac_config_headers config.h" -CUPS_VERSION="2.3.2" +CUPS_VERSION="2.3.3" CUPS_REVISION="" CUPS_BUILD="cups-$CUPS_VERSION" @@ -6911,9 +6911,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext # doesn't trigger... gccversion=`$CC --version | head -1 | awk '{print $NF}'` case "$gccversion" in - 1.* | 2.* | 3.* | 4.* | 5.* | 6.* | \(clang-*) - ;; - *) + 7.* | 8.* | 9.*) WARNING_OPTIONS="$WARNING_OPTIONS -Wno-format-truncation -Wno-format-overflow -Wno-tautological-compare" ;; esac @@ -10387,7 +10385,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by CUPS $as_me 2.3.2, which was +This file was extended by CUPS $as_me 2.3.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -10450,7 +10448,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -CUPS config.status 2.3.2 +CUPS config.status 2.3.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index eff353b7e..dbf3bda38 100644 --- a/configure.ac +++ b/configure.ac @@ -12,7 +12,7 @@ dnl We need at least autoconf 2.60... AC_PREREQ(2.60) dnl Package name and version... -AC_INIT([CUPS], [2.3.2], [https://github.com/apple/cups/issues], [cups], [https://www.cups.org/]) +AC_INIT([CUPS], [2.3.3], [https://github.com/apple/cups/issues], [cups], [https://www.cups.org/]) sinclude(config-scripts/cups-opsys.m4) sinclude(config-scripts/cups-common.m4) diff --git a/cups/cups.h b/cups/cups.h index 6d48141e5..74955ebd6 100644 --- a/cups/cups.h +++ b/cups/cups.h @@ -42,10 +42,10 @@ extern "C" { * Constants... */ -# define CUPS_VERSION 2.0302 +# define CUPS_VERSION 2.0303 # define CUPS_VERSION_MAJOR 2 # define CUPS_VERSION_MINOR 3 -# define CUPS_VERSION_PATCH 2 +# define CUPS_VERSION_PATCH 3 # define CUPS_BC_FD 3 /* Back-channel file descriptor for diff --git a/cups/cupspm.md b/cups/cupspm.md index d4d6d7c55..b6e09baa9 100644 --- a/cups/cupspm.md +++ b/cups/cupspm.md @@ -2,7 +2,7 @@ title: CUPS Programming Manual author: Michael R Sweet copyright: Copyright © 2007-2019 by Apple Inc. All Rights Reserved. -version: 2.3.1 +version: 2.3.3 ... > Please [file issues on Github](https://github.com/apple/cups/issues) to diff --git a/cups/ipp.c b/cups/ipp.c index 1595b8b61..3d529346c 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -2956,7 +2956,7 @@ ippReadIO(void *src, /* I - Data source */ * Read 32-bit "extension" tag... */ - if ((*cb)(src, buffer, 4) < 1) + if ((*cb)(src, buffer, 4) < 4) { DEBUG_puts("1ippReadIO: Callback returned EOF/error"); _cupsBufferRelease((char *)buffer); diff --git a/cups/ppd.c b/cups/ppd.c index ff52df2e1..199cf0348 100644 --- a/cups/ppd.c +++ b/cups/ppd.c @@ -1719,8 +1719,7 @@ _ppdOpen( constraint->choice1, constraint->option2, constraint->choice2)) { - case 0 : /* Error */ - case 1 : /* Error */ + default : /* Error */ pg->ppd_status = PPD_BAD_UI_CONSTRAINTS; goto error; diff --git a/doc/help/cupspm.html b/doc/help/cupspm.html index 9b48cde34..fbe4f6d88 100644 --- a/doc/help/cupspm.html +++ b/doc/help/cupspm.html @@ -8,7 +8,7 @@ <meta name="creator" content="codedoc v3.1"> <meta name="author" content="Michael R Sweet"> <meta name="copyright" content="Copyright © 2007-2019 by Apple Inc. All Rights Reserved."> - <meta name="version" content="2.3.1"> + <meta name="version" content="2.3.3"> <style type="text/css"><!-- body, p, h1, h2, h3, h4 { font-family: sans-serif; diff --git a/locale/cups.pot b/locale/cups.pot index ebe0ba3ee..679d18560 100644 --- a/locale/cups.pot +++ b/locale/cups.pot @@ -23,7 +23,7 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: CUPS 2.3.1\n" +"Project-Id-Version: CUPS 2.3.3\n" "Report-Msgid-Bugs-To: https://github.com/apple/cups/issues\n" "POT-Creation-Date: 2019-12-18 20:19-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" diff --git a/ppdc/ppdc-source.cxx b/ppdc/ppdc-source.cxx index c25d49668..b28c4724f 100644 --- a/ppdc/ppdc-source.cxx +++ b/ppdc/ppdc-source.cxx @@ -1743,15 +1743,17 @@ ppdcSource::get_resolution(ppdcFile *fp)// I - File to read switch (sscanf(name, "%dx%d", &xdpi, &ydpi)) { - case 0 : - _cupsLangPrintf(stderr, - _("ppdc: Bad resolution name \"%s\" on line %d of " - "%s."), name, fp->line, fp->filename); - break; case 1 : ydpi = xdpi; - break; - } + break; + case 2 : + break; + default : + _cupsLangPrintf(stderr, + _("ppdc: Bad resolution name \"%s\" on line %d of " + "%s."), name, fp->line, fp->filename); + break; +} // Create the necessary PS commands... snprintf(command, sizeof(command), diff --git a/scheduler/printers.c b/scheduler/printers.c index 80690397d..e341bdb00 100644 --- a/scheduler/printers.c +++ b/scheduler/printers.c @@ -446,7 +446,7 @@ cupsdCreateCommonData(void) /* cups-version */ ippAddString(CommonData, IPP_TAG_PRINTER, IPP_TAG_TEXT | IPP_TAG_COPY, - "cups-version", NULL, CUPS_SVERSION + 6); + "cups-version", NULL, &CUPS_SVERSION[6]); /* generated-natural-language-supported (no IPP_TAG_COPY) */ ippAddString(CommonData, IPP_TAG_PRINTER, IPP_TAG_LANGUAGE, diff --git a/vcnet/config.h b/vcnet/config.h index 6c87f98b5..76fc7fd5f 100644 --- a/vcnet/config.h +++ b/vcnet/config.h @@ -97,8 +97,8 @@ typedef unsigned long useconds_t; * Version of software... */ -#define CUPS_SVERSION "CUPS v2.3.2" -#define CUPS_MINIMAL "CUPS/2.3.2" +#define CUPS_SVERSION "CUPS v2.3.3" +#define CUPS_MINIMAL "CUPS/2.3.3" /* diff --git a/xcode/config.h b/xcode/config.h index 782a62ff8..5953431a3 100644 --- a/xcode/config.h +++ b/xcode/config.h @@ -18,8 +18,8 @@ * Version of software... */ -#define CUPS_SVERSION "CUPS v2.3.2" -#define CUPS_MINIMAL "CUPS/2.3.2" +#define CUPS_SVERSION "CUPS v2.3.3" +#define CUPS_MINIMAL "CUPS/2.3.3" /* |