Ubuntu
cups package

  1. Bug #1971242
  2. Comment #23

Comment 23 for bug 1971242

Revision history for this message
Till Kamppeter (till-kamppeter) wrote :

Fixed in Mantic via cups 2.4.5-0ubuntu1:

cups (2.4.5-0ubuntu1) mantic; urgency=medium

  * Update to new upstream version 2.4.5.
    - Fixes color printing on printers with "CMYK" choice instead of "RGB"
      in "ColorModel" option of their PPD (Upstream issues #451 and #500,
      LP: 1971242).
  * Merge from Debian unstable. Remaining changes:
    - Added "--enable-snapped-clients" to the "./configure" options to use
      the correct Snap mediation mode for an unsnapped cupsd, like provided
      by this package.
    - In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
      to allow cupsd to determine which interfaces a snapped client
      is plugging.
    - Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
      Snap mediation.
    - Added fully automatic generation of PPD option setting presets to
      be applied depending on the settings of the job IPP attributes
      "print-color-mode", "print-quality", and "print-content-optimize".
      This allows easy control of any printer with only standard IPP
      attributes, as for example from a phone (functionality overtaken
      from cups-filters, mot (yet) upstream in CUPS).
    - In debian/rules updated ./configure arguments from --enable-gnutls to
      --with-tls=gnutls. Now libcups has support for all hash types again,
      especially can provide sha2-256 to PAPPL.
    - When polling capabilities of a driverless printer via
      get-printer-attributes IPP request, do a separate poll of the
      media-col-database attribute in case it did not get obtained by the
      first polls.
    - In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
  * Manually refreshed patch 9100-ppd-cache-add-auto-presets.patch.
  * Removed patches included upstream:
    - 9110-create-local-printer-localhost-fix.patch
    - CVE-2022-26691-2.patch
    - snapd-glib-2.patch
    - poll-media-col-database-separately.patch
    - CVE-2023-32324.patch

cups (2.4.2-4) unstable; urgency=medium

  * CVE-2023-32324
    A heap buffer overflow vulnerability would allow a remote attacker to
    lauch a dos attack.