1 |
pva 08/04/01 19:03:34 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: cups-1.2.12-r7.ebuild |
5 |
Log: |
6 |
Fixing multiple security vulnerabilities, bug #214068, thank Robert Buchholz and all other developers working on that bug. |
7 |
(Portage version: 2.1.4.4, RepoMan options: --force) |
8 |
|
9 |
Revision Changes Path |
10 |
1.294 net-print/cups/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/ChangeLog?rev=1.294&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/ChangeLog?rev=1.294&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/ChangeLog?r1=1.293&r2=1.294 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v |
19 |
retrieving revision 1.293 |
20 |
retrieving revision 1.294 |
21 |
diff -u -r1.293 -r1.294 |
22 |
--- ChangeLog 23 Mar 2008 11:09:38 -0000 1.293 |
23 |
+++ ChangeLog 1 Apr 2008 19:03:34 -0000 1.294 |
24 |
@@ -1,6 +1,14 @@ |
25 |
# ChangeLog for net-print/cups |
26 |
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.293 2008/03/23 11:09:38 dertobi123 Exp $ |
28 |
+# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.294 2008/04/01 19:03:34 pva Exp $ |
29 |
+ |
30 |
+*cups-1.2.12-r7 (01 Apr 2008) |
31 |
+ |
32 |
+ 01 Apr 2008; Peter Volkov <pva@g.o> |
33 |
+ +files/cups-1.2.12-CVE-2008-0053.patch, |
34 |
+ +files/cups-1.2.12-CVE-2008-1373.patch, +cups-1.2.12-r7.ebuild: |
35 |
+ Fixing multiple security vulnerabilities, bug #214068, thank Robert |
36 |
+ Buchholz and all other developers working on that bug. |
37 |
|
38 |
23 Mar 2008; Tobias Scherbaum <dertobi123@g.o> |
39 |
cups-1.2.12-r6.ebuild: |
40 |
|
41 |
|
42 |
|
43 |
1.1 net-print/cups/cups-1.2.12-r7.ebuild |
44 |
|
45 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/cups-1.2.12-r7.ebuild?rev=1.1&view=markup |
46 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/cups-1.2.12-r7.ebuild?rev=1.1&content-type=text/plain |
47 |
|
48 |
Index: cups-1.2.12-r7.ebuild |
49 |
=================================================================== |
50 |
# Copyright 1999-2008 Gentoo Foundation |
51 |
# Distributed under the terms of the GNU General Public License v2 |
52 |
# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.2.12-r7.ebuild,v 1.1 2008/04/01 19:03:34 pva Exp $ |
53 |
|
54 |
inherit autotools eutils flag-o-matic multilib pam |
55 |
|
56 |
MY_P=${P/_} |
57 |
|
58 |
DESCRIPTION="The Common Unix Printing System" |
59 |
HOMEPAGE="http://www.cups.org/" |
60 |
SRC_URI="mirror://sourceforge/cups/${MY_P}-source.tar.bz2" |
61 |
|
62 |
LICENSE="GPL-2" |
63 |
SLOT="0" |
64 |
KEYWORDS="alpha ~amd64 ~arm hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd" |
65 |
IUSE="ldap ssl slp pam php samba nls dbus tiff png ppds jpeg X" |
66 |
|
67 |
DEP="pam? ( virtual/pam ) |
68 |
ssl? ( net-libs/gnutls ) |
69 |
slp? ( >=net-libs/openslp-1.0.4 ) |
70 |
ldap? ( net-nds/openldap ) |
71 |
dbus? ( sys-apps/dbus ) |
72 |
png? ( >=media-libs/libpng-1.2.1 ) |
73 |
tiff? ( >=media-libs/tiff-3.5.5 ) |
74 |
jpeg? ( >=media-libs/jpeg-6b ) |
75 |
php? ( dev-lang/php ) |
76 |
app-text/libpaper" |
77 |
DEPEND="${DEP} |
78 |
!<net-print/foomatic-filters-ppds-20070501 |
79 |
!<net-print/hplip-1.7.4a-r1 |
80 |
nls? ( sys-devel/gettext )" |
81 |
RDEPEND="${DEP} |
82 |
nls? ( virtual/libintl ) |
83 |
!virtual/lpr |
84 |
>=app-text/poppler-0.4.3-r1 |
85 |
X? ( x11-misc/xdg-utils )" |
86 |
|
87 |
PDEPEND=" |
88 |
ppds? ( || ( |
89 |
( |
90 |
net-print/foomatic-filters-ppds |
91 |
net-print/foomatic-db-ppds |
92 |
) |
93 |
net-print/foomatic-filters-ppds |
94 |
net-print/foomatic-db-ppds |
95 |
net-print/hplip |
96 |
media-gfx/gimp-print |
97 |
net-print/foo2zjs |
98 |
net-print/cups-pdf |
99 |
) ) |
100 |
samba? ( >=net-fs/samba-3.0.8 ) |
101 |
virtual/ghostscript" |
102 |
PROVIDE="virtual/lpr" |
103 |
|
104 |
# upstream includes an interactive test which is a nono for gentoo. |
105 |
# therefore, since the printing herd has bigger fish to fry, for now, |
106 |
# we just leave it out, even if FEATURES=test |
107 |
RESTRICT="test" |
108 |
|
109 |
S=${WORKDIR}/${MY_P} |
110 |
|
111 |
pkg_setup() { |
112 |
if use x86 && [ -d "/usr/lib64" ] |
113 |
then |
114 |
eerror "You are running an x86 system, but /usr/lib64 exists, cups will install all library objects into this directory!" |
115 |
eerror "You should remove /usr/lib64, but before you do, you should check for existing objects, and re-compile all affected packages." |
116 |
eerror "You can use qfile (emerge portage-utils to install qfile) to get a list of the affected ebuilds:" |
117 |
eerror "# qfile -qC /usr/lib64" |
118 |
die "lib64 on x86 detected" |
119 |
fi |
120 |
|
121 |
enewgroup lp |
122 |
enewuser lp -1 -1 -1 lp |
123 |
|
124 |
enewgroup lpadmin 106 |
125 |
} |
126 |
|
127 |
src_unpack() { |
128 |
unpack ${A} |
129 |
cd "${S}" |
130 |
|
131 |
# CVE-2007-4351 security patch, bug #196736 |
132 |
epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-4351.patch |
133 |
# CVE-2007-5849 security patch, bug #201570 |
134 |
epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2007-5849.patch |
135 |
# CVE-2008-0047 security patch, bug #212364 |
136 |
epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0047.patch |
137 |
# CVE-2008-0882 security patch, bug #211449 |
138 |
epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0882.patch |
139 |
# CVE-2008-1373 security patch, bug #214068 |
140 |
epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-1373.patch |
141 |
# CVE-2008-0053 security patch, bug #214068 |
142 |
epatch "${FILESDIR}"/${PN}-1.2.12-CVE-2008-0053.patch |
143 |
|
144 |
# cups does not use autotools "the usual way" and ship a static config.h.in |
145 |
eaclocal |
146 |
eautoconf |
147 |
} |
148 |
|
149 |
src_compile() { |
150 |
export DSOFLAGS="${LDFLAGS}" |
151 |
|
152 |
if use ldap; then |
153 |
append-flags -DLDAP_DEPRECATED |
154 |
fi |
155 |
|
156 |
econf \ |
157 |
--with-cups-user=lp \ |
158 |
--with-cups-group=lp \ |
159 |
--with-system-groups=lpadmin \ |
160 |
--localstatedir=/var \ |
161 |
--with-docdir=/usr/share/cups/html \ |
162 |
$(use_enable pam) \ |
163 |
$(use_enable ssl) \ |
164 |
--enable-gnutls \ |
165 |
$(use_enable slp) \ |
166 |
$(use_enable nls) \ |
167 |
$(use_enable dbus) \ |
168 |
$(use_enable png) \ |
169 |
$(use_enable jpeg) \ |
170 |
$(use_enable tiff) \ |
171 |
$(use_with php) \ |
172 |
$(use_enable ldap) \ |
173 |
--enable-libpaper \ |
174 |
--enable-threads \ |
175 |
--enable-static \ |
176 |
--disable-pdftops \ |
177 |
|| die "econf failed" |
178 |
|
179 |
# Install in /usr/libexec always, instead of using /usr/lib/cups, as that |
180 |
# makes more sense when facing multilib support. |
181 |
sed -i -e 's:SERVERBIN.*:SERVERBIN = $(BUILDROOT)/usr/libexec/cups:' Makedefs |
182 |
sed -i -e 's:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN "/usr/libexec/cups":' config.h |
183 |
sed -i -e 's:cups_serverbin=.*:cups_serverbin=/usr/libexec/cups:' cups-config |
184 |
|
185 |
emake || die "emake failed" |
186 |
} |
187 |
|
188 |
src_install() { |
189 |
emake BUILDROOT="${D}" install || die "emake install failed" |
190 |
dodoc {CHANGES{,-1.{0,1}},CREDITS,LICENSE,README}.txt |
191 |
|
192 |
# clean out cups init scripts |
193 |
rm -rf "${D}"/etc/{init.d/cups,rc*,pam.d/cups} |
194 |
# install our init scripts |
195 |
newinitd "${FILESDIR}"/cupsd.init cupsd |
196 |
# install our pam script |
197 |
pamd_mimic_system cups auth account |
198 |
|
199 |
# correct path |
200 |
sed -i -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" "${D}"/etc/xinetd.d/cups-lpd |
201 |
# it is safer to disable this by default, bug 137130 |
202 |
grep -w 'disable' "${D}"/etc/xinetd.d/cups-lpd || \ |
203 |
sed -i -e "s:}:\tdisable = yes\n}:" "${D}"/etc/xinetd.d/cups-lpd |
204 |
|
205 |
# install pdftops filter |
206 |
exeinto /usr/libexec/cups/filter/ |
207 |
newexe "${FILESDIR}"/pdftops-1.20.gentoo pdftops |
208 |
|
209 |
# only for gs-esp this is correct, see bug 163897 |
210 |
if has_version app-text/ghostscript-gpl || has_version app-text/ghostscript-gnu; then |
211 |
sed -i -e "s:#application/vnd.cups-postscript:application/vnd.cups-postscript:" "${D}"/etc/cups/mime.convs |
212 |
fi |
213 |
|
214 |
keepdir /usr/share/cups/profiles /usr/libexec/cups/driver /var/log/cups \ |
215 |
/var/run/cups/certs /var/cache/cups /var/spool/cups/tmp /etc/cups/ssl |
216 |
|
217 |
# .desktop handling. X useflag. xdg-open from freedesktop is preferred |
218 |
if use X; then |
219 |
sed -i -e "s:htmlview:xdg-open:" "${D}"/usr/share/applications/cups.desktop |
220 |
else |
221 |
rm -r "${D}"/usr/share/applications |
222 |
fi |
223 |
|
224 |
# Fix a symlink collision, see bug #172341 |
225 |
dodir /usr/share/ppd |
226 |
dosym /usr/share/ppd /usr/share/cups/model/foomatic-ppds |
227 |
} |
228 |
|
229 |
pkg_preinst() { |
230 |
# cleanups |
231 |
[ -n "${PN}" ] && rm -fR "${ROOT}"/usr/share/doc/${PN}-* |
232 |
} |
233 |
|
234 |
pkg_postinst() { |
235 |
echo |
236 |
elog "Remote printing: change " |
237 |
elog "Listen localhost:631" |
238 |
elog "to" |
239 |
elog "Listen *:631" |
240 |
elog "in /etc/cups/cupsd.conf" |
241 |
echo |
242 |
elog "For more information about installing a printer take a look at:" |
243 |
elog "http://www.gentoo.org/doc/en/printing-howto.xml." |
244 |
echo |
245 |
|
246 |
local good_gs=false |
247 |
for x in app-text/ghostscript-gpl app-text/ghostscript-gnu app-text/ghostscript-esp; do |
248 |
if has_version ${x} && built_with_use ${x} cups; then |
249 |
good_gs=true |
250 |
break |
251 |
fi |
252 |
done; |
253 |
if ! ${good_gs}; then |
254 |
ewarn |
255 |
ewarn "You need to emerge ghostscript with the \"cups\" USE flag turned on" |
256 |
fi |
257 |
if has_version =net-print/cups-1.1*; then |
258 |
ewarn |
259 |
ewarn "The configuration changed with cups-1.2, you may want to save the old" |
260 |
ewarn "one and start from scratch:" |
261 |
ewarn "# mv /etc/cups /etc/cups.orig; emerge -va1 cups" |
262 |
ewarn |
263 |
ewarn "You need to rebuild kdelibs for kdeprinter to work with cups-1.2" |
264 |
fi |
265 |
if [ -e "${ROOT}"/usr/lib/cups ]; then |
266 |
ewarn |
267 |
ewarn "/usr/lib/cups exists - You need to remerge every ebuild that" |
268 |
ewarn "installed into /usr/lib/cups and /etc/cups, qfile is in portage-utils:" |
269 |
ewarn "# FEATURES=-collision-protect emerge -va1 \$(qfile -qC /usr/lib/cups /etc/cups | sed \"s:net-print/cups$::\")" |
270 |
ewarn |
271 |
ewarn "FEATURES=-collision-protect is needed to overwrite the compatibility" |
272 |
ewarn "symlinks installed by this package, it wont be needed on later merges." |
273 |
ewarn "You should also run revdep-rebuild" |
274 |
|
275 |
# place symlinks to make the update smoothless |
276 |
for i in "${ROOT}"/usr/lib/cups/{backend,filter}/*; do |
277 |
if [ "${i/\*}" == "${i}" ] && ! [ -e ${i/lib/libexec} ]; then |
278 |
ln -s ${i} ${i/lib/libexec} |
279 |
fi |
280 |
done |
281 |
fi |
282 |
} |
283 |
|
284 |
|
285 |
|
286 |
-- |
287 |
gentoo-commits@l.g.o mailing list |