Comment 3 for bug 9107

Here is the upstream report for CAN-2004-0923:

http://www.cups.org/str.php?L920

which shows that the original security fix did not have this change, but it was
intentionally added later. So I think we could reintroduce some exposure by
reverting that part of the patch. That function is enormous, so I'm not sure
what is going on yet.

Debian seems to have taken the earlier version of the patch without this change.
 CUPS CVS shows that this change has not been reverted upstream:

http://cvs.easysw.com/cvsweb.cgi/cups/scheduler/job.c

so if this change breaks SMB printing, it affects the CUPS upstream releases as
well.