debcrafters-packages team mailing list archive
-
debcrafters-packages team
-
Mailing list archive
-
Message #09904
[Bug 2130070] [NEW] Merge cups from Debian Unstable for resolute
Public bug reported:
Scheduled-For: ubuntu-25.11
Ubuntu: 2.4.12-0ubuntu3
Debian Unstable: 2.4.14-1
The current version in Ubuntu went ahead of Debian in the past, so this
package may be diverged from Debian and require more review than usual
to get back to mergeability.
If this package should not be considered for merges or syncs in the
future, you may wish to consider adding it to the `sync-blocklist` at:
https://code.launchpad.net/~ubuntu-archive/+git/sync-blocklist
A new release of cups is available for merging from Debian Unstable.
If it turns out this needs a sync rather than a merge, please change the
tagging from ['dcr-merge'] to ['dcr-sync'], and (optionally) update the
title as desired.
If this merge pulls in a new upstream version, also consider adding an
entry to the resolute Release Notes:
https://discourse.ubuntu.com/t/resolute-raccoon-release-notes/
### New Debian Changes ###
cups (2.4.14-1) unstable; urgency=medium
* Update to new upstream version 2.4.14.
(Closes: #1106010)
(Closes: #1109471)
* debian/rules: enable tests on riscv64 again (Closes: #1107504)
* drop patch for CVE-2023-32324 (Closes: #1087849)
-- Thorsten Alteholz <debian@xxxxxxxxxxx> Sat, 04 Oct 2025 12:26:19
+0200
### Old Ubuntu Delta ###
cups (2.4.12-0ubuntu3) questing; urgency=medium
* debian/local/apparmor-profile:
- Update for new coreutil paths (LP: #2123870)
- Add rule for accessing /etc/paperspecs (LP: #2125520)
-- Ryan Lee <ryan.lee@xxxxxxxxxxxxx> Mon, 22 Sep 2025 16:44:55 -0700
cups (2.4.12-0ubuntu2) questing; urgency=medium
* SECURITY UPDATE: authorization bypass
- d/p/CVE-2025-58060.patch: only allow basic and kerberos authentication
if it is enabled.
- CVE-2025-58060
* SECURITY UPDATE: remote DoS
- d/p/CVE-2025-58364.patch: fix null dereference in ipp_read_io().
- CVE-2025-58364
-- Eduardo Barretto <eduardo.barretto@xxxxxxxxxxxxx> Fri, 05 Sep 2025
17:13:12 +0200
cups (2.4.12-0ubuntu1) plucky; urgency=medium
* New upstream bug fix release 2.4.12
- Another half year worth of bug fixes ...
- Last 2.4.x upstream release.
* Refreshed patches.
-- Till Kamppeter <till.kamppeter@xxxxxxxxx> Tue, 08 Apr 2025 13:27:28
+0200
cups (2.4.11-0ubuntu2) plucky; urgency=medium
* No-change rebuild for libpaper.
-- Sudip Mukherjee <sudipm.mukherjee@xxxxxxxxx> Sun, 22 Dec 2024
11:02:49 +0000
cups (2.4.11-0ubuntu1) plucky; urgency=medium
* New upstream release 2.4.11
- Includes fix for CVE-2024-47175
- In both plucky and oracular the build test ("make check") fails
for CUPS 2.4.10, cupsd instance on port 8631 not starting up, 2.4.11
fixes this somehow, most probably this is upstream issue #989.
* Drop 0014-CVE-2024-47175-and-further-hardening.patch, included
upstream
* Add the new /usr/lib/systemd/system/system-cups.slice file to
cups-daemon.install
-- Till Kamppeter <till.kamppeter@xxxxxxxxx> Mon, 25 Nov 2024 20:34:33
+0100
cups (2.4.10-2ubuntu1) plucky; urgency=medium
* Merge with Debian unstable (LP: #2089041). Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- Use also "--with-system-groups='lpadmin root'" in "./configure" command
line.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- In debian/rules updated "./configure" arguments from "--enable-gnutls" to
"--with-tls=gnutls". Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
- Use pkgconfig file cups.pc from upstream and not Debian's own file
of CUPS' pre-pkgconfig era. also use
"--with-pkgconfpath=/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig" in the
"./configure" command line therefore.
* In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
* CVE-2024-35235.patch: Removed, included upstream. (Closes: #1087849)
-- Alessandro Astone <alessandro.astone@xxxxxxxxxxxxx> Tue, 19 Nov
2024 16:20:03 +0100
** Affects: cups (Ubuntu)
Importance: Undecided
Status: New
** Tags: dcr-merge
** Changed in: cups (Ubuntu)
Milestone: None => ubuntu-25.11
--
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/2130070
Title:
Merge cups from Debian Unstable for resolute
Status in cups package in Ubuntu:
New
Bug description:
Scheduled-For: ubuntu-25.11
Ubuntu: 2.4.12-0ubuntu3
Debian Unstable: 2.4.14-1
The current version in Ubuntu went ahead of Debian in the past, so
this package may be diverged from Debian and require more review than
usual to get back to mergeability.
If this package should not be considered for merges or syncs in the
future, you may wish to consider adding it to the `sync-blocklist` at:
https://code.launchpad.net/~ubuntu-archive/+git/sync-blocklist
A new release of cups is available for merging from Debian Unstable.
If it turns out this needs a sync rather than a merge, please change
the tagging from ['dcr-merge'] to ['dcr-sync'], and (optionally)
update the title as desired.
If this merge pulls in a new upstream version, also consider adding an
entry to the resolute Release Notes:
https://discourse.ubuntu.com/t/resolute-raccoon-release-notes/
### New Debian Changes ###
cups (2.4.14-1) unstable; urgency=medium
* Update to new upstream version 2.4.14.
(Closes: #1106010)
(Closes: #1109471)
* debian/rules: enable tests on riscv64 again (Closes: #1107504)
* drop patch for CVE-2023-32324 (Closes: #1087849)
-- Thorsten Alteholz <debian@xxxxxxxxxxx> Sat, 04 Oct 2025 12:26:19
+0200
### Old Ubuntu Delta ###
cups (2.4.12-0ubuntu3) questing; urgency=medium
* debian/local/apparmor-profile:
- Update for new coreutil paths (LP: #2123870)
- Add rule for accessing /etc/paperspecs (LP: #2125520)
-- Ryan Lee <ryan.lee@xxxxxxxxxxxxx> Mon, 22 Sep 2025 16:44:55 -0700
cups (2.4.12-0ubuntu2) questing; urgency=medium
* SECURITY UPDATE: authorization bypass
- d/p/CVE-2025-58060.patch: only allow basic and kerberos authentication
if it is enabled.
- CVE-2025-58060
* SECURITY UPDATE: remote DoS
- d/p/CVE-2025-58364.patch: fix null dereference in ipp_read_io().
- CVE-2025-58364
-- Eduardo Barretto <eduardo.barretto@xxxxxxxxxxxxx> Fri, 05 Sep
2025 17:13:12 +0200
cups (2.4.12-0ubuntu1) plucky; urgency=medium
* New upstream bug fix release 2.4.12
- Another half year worth of bug fixes ...
- Last 2.4.x upstream release.
* Refreshed patches.
-- Till Kamppeter <till.kamppeter@xxxxxxxxx> Tue, 08 Apr 2025
13:27:28 +0200
cups (2.4.11-0ubuntu2) plucky; urgency=medium
* No-change rebuild for libpaper.
-- Sudip Mukherjee <sudipm.mukherjee@xxxxxxxxx> Sun, 22 Dec 2024
11:02:49 +0000
cups (2.4.11-0ubuntu1) plucky; urgency=medium
* New upstream release 2.4.11
- Includes fix for CVE-2024-47175
- In both plucky and oracular the build test ("make check") fails
for CUPS 2.4.10, cupsd instance on port 8631 not starting up, 2.4.11
fixes this somehow, most probably this is upstream issue #989.
* Drop 0014-CVE-2024-47175-and-further-hardening.patch, included
upstream
* Add the new /usr/lib/systemd/system/system-cups.slice file to
cups-daemon.install
-- Till Kamppeter <till.kamppeter@xxxxxxxxx> Mon, 25 Nov 2024
20:34:33 +0100
cups (2.4.10-2ubuntu1) plucky; urgency=medium
* Merge with Debian unstable (LP: #2089041). Remaining changes:
- Added "--enable-snapped-clients" to the "./configure" options to use
the correct Snap mediation mode for an unsnapped cupsd, like provided
by this package.
- Use also "--with-system-groups='lpadmin root'" in "./configure" command
line.
- In the AppArmor profile allow CUPS to access (/var)/run/snapd.socket
to allow cupsd to determine which interfaces a snapped client
is plugging.
- Build-depend on libapparmor-dev, libsnapd-glib-dev, needed for
Snap mediation.
- Added fully automatic generation of PPD option setting presets to
be applied depending on the settings of the job IPP attributes
"print-color-mode", "print-quality", and "print-content-optimize".
This allows easy control of any printer with only standard IPP
attributes, as for example from a phone (functionality overtaken
from cups-filters, mot (yet) upstream in CUPS).
- In debian/rules updated "./configure" arguments from "--enable-gnutls" to
"--with-tls=gnutls". Now libcups has support for all hash types again,
especially can provide sha2-256 to PAPPL.
- Use pkgconfig file cups.pc from upstream and not Debian's own file
of CUPS' pre-pkgconfig era. also use
"--with-pkgconfpath=/usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig" in the
"./configure" command line therefore.
* In libcupsimage2 recommend libcupsfilters2 instead of libcupsfilters1.
* CVE-2024-35235.patch: Removed, included upstream. (Closes: #1087849)
-- Alessandro Astone <alessandro.astone@xxxxxxxxxxxxx> Tue, 19 Nov
2024 16:20:03 +0100
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2130070/+subscriptions
