Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Please unblock package cups. The 1.7.5-8 upload has the following changes: * Add a USB quirk fix for Brother HL-1250 (Closes: #712512) This was reported upstream as https://www.cups.org/str.php?L4519 . It's a routine USB quirk change to accomodate printers with weird USB behaviours. Severity: important * Backport upstream patch to fix random crash in TLS handling. The patch also enables coredumps.(Closes: #760475, #760476) The interesting bug here is #760476 (severity: serious), which was about a crash within the TLS handling. The two upstreams discussed on https://cups.org/str.php?L4484 and AFAIK GnuTLS added a workaround in 3.3.8-3 (already in testing). Mike Sweet also fixed this in CUPS by reworking the file descriptors closing mechanisms. His patch also dropped the core dumps disabling (#760475, severity: important). I'm attaching the full debdiff (including quilt patch refreshments) as well as the two patches in isolation. (Aside to that, I'd be interested by the opinion of the Release Team on the Color Management patch, see https://lists.debian.org/3542659.lWsmeQSxEG@gyllingar ) Cheers, OdyX unblock cups/1.7.5-8
diff -Nru cups-1.7.5/debian/changelog cups-1.7.5/debian/changelog --- cups-1.7.5/debian/changelog 2014-10-23 22:06:22.000000000 +0200 +++ cups-1.7.5/debian/changelog 2014-11-23 13:26:25.000000000 +0100 @@ -1,3 +1,11 @@ +cups (1.7.5-8) unstable; urgency=medium + + * Add a USB quirk fix for Brother HL-1250 (Closes: #712512) + * Backport upstream patch to fix random crash in TLS handling. The patch also + enables coredumps.(Closes: #760475, #760476) + + -- Didier Raboud <o...@debian.org> Sun, 23 Nov 2014 13:26:24 +0100 + cups (1.7.5-7) unstable; urgency=medium * Revert to not socket-activating CUPS (Closes: #747073) diff -Nru cups-1.7.5/debian/patches/brother-hl-1250-quirks.patch cups-1.7.5/debian/patches/brother-hl-1250-quirks.patch --- cups-1.7.5/debian/patches/brother-hl-1250-quirks.patch 1970-01-01 01:00:00.000000000 +0100 +++ cups-1.7.5/debian/patches/brother-hl-1250-quirks.patch 2014-11-23 13:25:22.000000000 +0100 @@ -0,0 +1,18 @@ +Description: Add Brother HL-1250 usb quirks fix +Author: Didier Raboud <o...@debian.org> +Bug-Debian: https://bugs.debian.org/712512 +Bug: https://www.cups.org/str.php?L4519 +Last-Update: 2014-11-04 + +--- a/backend/org.cups.usb-quirks ++++ b/backend/org.cups.usb-quirks +@@ -90,6 +90,9 @@ + # Canon, Inc. MF4150 Printer, https://bugs.launchpad.net/bugs/1160638 + 0x04a9 0x26a3 no-reattach + ++# Brother Industries, Ltd HL-1250 Laser Printer, https://bugs.debian.org/712512 ++0x04f9 0x0007 no-reattach ++ + # Brother Industries, Ltd HL-1430 Laser Printer, https://bugs.launchpad.net/bugs/1038695 + 0x04f9 0x001a no-reattach + diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2014-10-20 08:54:17.000000000 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2014-11-23 13:25:59.000000000 +0100 @@ -46,8 +46,8 @@ + int t = -1; /* Timeout */ char *opt; /* Option character */ int fg; /* Run in the foreground */ - int fds; /* Number of ready descriptors */ -@@ -123,6 +124,8 @@ + int close_all = 1, /* Close all file descriptors? */ +@@ -125,6 +126,8 @@ #else time_t netif_time = 0; /* Time since last network update */ #endif /* __APPLE__ */ @@ -56,8 +56,8 @@ #if HAVE_LAUNCHD int launchd_idle_exit; /* Idle exit on select timeout? */ -@@ -288,6 +291,21 @@ - fg = 1; +@@ -304,6 +307,21 @@ + close_all = 0; break; + case 'x' : /* Exit on idle timeout */ @@ -78,7 +78,7 @@ default : /* Unknown option */ _cupsLangPrintf(stderr, _("cupsd: Unknown option \"%c\" - " "aborting."), *opt); -@@ -533,6 +551,13 @@ +@@ -541,6 +559,13 @@ } /* @@ -92,7 +92,7 @@ * Clean out old temp files and printer cache data. */ -@@ -770,6 +795,26 @@ +@@ -778,6 +803,26 @@ if ((timeout = select_timeout(fds)) > 1 && LastEvent) timeout = 1; @@ -119,7 +119,7 @@ #if HAVE_LAUNCHD /* * If no other work is scheduled and we're being controlled by -@@ -883,6 +928,20 @@ +@@ -891,6 +936,20 @@ } #endif /* !__APPLE__ */ diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2014-10-23 21:50:26.000000000 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2014-11-23 13:25:22.000000000 +0100 @@ -33,7 +33,7 @@ /* Time after which an idle cupsd will exit */ --- a/scheduler/main.c +++ b/scheduler/main.c -@@ -1728,6 +1728,15 @@ +@@ -1736,6 +1736,15 @@ # endif /* HAVE_SSL */ } diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout-upstart.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout-upstart.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout-upstart.patch 2014-10-20 08:54:17.000000000 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout-upstart.patch 2014-11-23 13:25:22.000000000 +0100 @@ -4,7 +4,7 @@ Bug: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1276713 --- a/scheduler/main.c +++ b/scheduler/main.c -@@ -1827,6 +1827,13 @@ +@@ -1835,6 +1835,13 @@ if (_httpAddrPort(&(lis->address)) == 443) lis->encryption = HTTP_ENCRYPT_ALWAYS; # endif /* HAVE_SSL */ diff -Nru cups-1.7.5/debian/patches/cupsd-upstart-support.patch cups-1.7.5/debian/patches/cupsd-upstart-support.patch --- cups-1.7.5/debian/patches/cupsd-upstart-support.patch 2014-10-20 08:54:17.000000000 +0200 +++ cups-1.7.5/debian/patches/cupsd-upstart-support.patch 2014-11-23 13:25:22.000000000 +0100 @@ -24,7 +24,7 @@ static void parent_handler(int sig); static void process_children(void); static void sigchld_handler(int sig); -@@ -326,6 +327,14 @@ +@@ -342,6 +343,14 @@ usage(1); } @@ -39,7 +39,7 @@ if (!ConfigurationFile) cupsdSetString(&ConfigurationFile, CUPS_SERVERROOT "/cupsd.conf"); -@@ -594,6 +603,11 @@ +@@ -602,6 +611,11 @@ #endif /* HAVE_SYSTEMD */ /* @@ -51,7 +51,7 @@ * Startup the server... */ -@@ -792,6 +806,13 @@ +@@ -800,6 +814,13 @@ #endif /* HAVE_SYSTEMD */ /* @@ -65,7 +65,7 @@ * Startup the server... */ -@@ -1673,6 +1694,94 @@ +@@ -1681,6 +1702,94 @@ } #endif /* HAVE_SYSTEMD */ diff -Nru cups-1.7.5/debian/patches/pidfile.patch cups-1.7.5/debian/patches/pidfile.patch --- cups-1.7.5/debian/patches/pidfile.patch 2014-10-20 08:54:17.000000000 +0200 +++ cups-1.7.5/debian/patches/pidfile.patch 2014-11-23 13:25:22.000000000 +0100 @@ -54,7 +54,7 @@ /* -@@ -688,6 +690,11 @@ +@@ -696,6 +698,11 @@ cupsdStartSystemMonitor(); #endif /* __APPLE__ */ @@ -66,7 +66,7 @@ /* * Send server-started event... */ -@@ -1234,10 +1241,41 @@ +@@ -1242,10 +1249,41 @@ cupsdStopSelect(); diff -Nru cups-1.7.5/debian/patches/series cups-1.7.5/debian/patches/series --- cups-1.7.5/debian/patches/series 2014-10-23 18:11:13.000000000 +0200 +++ cups-1.7.5/debian/patches/series 2014-11-23 13:25:22.000000000 +0100 @@ -3,6 +3,7 @@ str2913-limit-Get-Jobs-replies-to-500-jobs.patch str4461-restore-access-to-logfiles.patch str4475-fix-the-spinner-imager-on-restart.patch +str4484-fix-random-crash-in-scheduler.patch str4500-cupsGetPPD3-Only-use-symlink-if-file-is-readable-STR.patch # patches sent upstream @@ -13,6 +14,7 @@ cupsd-idleexittimeout.patch cups-no-gcrypt.patch canon-mx3x0-quirks.patch +brother-hl-1250-quirks.patch # patches which should go upstream color-management-extension.patch diff -Nru cups-1.7.5/debian/patches/str4484-fix-random-crash-in-scheduler.patch cups-1.7.5/debian/patches/str4484-fix-random-crash-in-scheduler.patch --- cups-1.7.5/debian/patches/str4484-fix-random-crash-in-scheduler.patch 1970-01-01 01:00:00.000000000 +0100 +++ cups-1.7.5/debian/patches/str4484-fix-random-crash-in-scheduler.patch 2014-11-23 13:25:22.000000000 +0100 @@ -0,0 +1,219 @@ +Description: Backport upstream fix to fix a random crash in the scheduler when not using systemd +Bug-Debian: https://bugs.debian.org/760476 +Bug: https://cups.org/str.php?L4484 +Last-Update: 2014-11-23 +--- a/scheduler/main.c ++++ b/scheduler/main.c +@@ -100,6 +100,8 @@ + int i; /* Looping var */ + char *opt; /* Option character */ + int fg; /* Run in the foreground */ ++ int close_all = 1, /* Close all file descriptors? */ ++ disconnect = 1; /* Disconnect from controlling terminal? */ + int fds; /* Number of ready descriptors */ + cupsd_client_t *con; /* Current client */ + cupsd_job_t *job; /* Current job */ +@@ -152,6 +154,8 @@ + { + Launchd = 1; + fg = 1; ++ close_all = 0; ++ disconnect = 0; + } + #endif /* HAVE_LAUNCHD */ + +@@ -163,6 +167,7 @@ + case 'C' : /* Run as child with config file */ + run_as_child = 1; + fg = -1; ++ close_all = 0; + + case 'c' : /* Configuration file */ + i ++; +@@ -218,10 +223,13 @@ + + case 'f' : /* Run in foreground... */ + fg = 1; ++ disconnect = 0; ++ close_all = 0; + break; + + case 'F' : /* Run in foreground, but disconnect from terminal... */ + fg = -1; ++ close_all = 0; + break; + + case 'h' : /* Show usage/help */ +@@ -232,10 +240,14 @@ + #ifdef HAVE_LAUNCHD + Launchd = 1; + fg = 1; ++ close_all = 0; ++ disconnect = 0; + #else + _cupsLangPuts(stderr, _("cupsd: launchd(8) support not compiled " + "in, running in normal mode.")); + fg = 0; ++ disconnect = 1; ++ close_all = 1; + #endif /* HAVE_LAUNCHD */ + break; + +@@ -244,6 +256,8 @@ + "use only!\n", stderr); + stop_scheduler = 1; + fg = 1; ++ disconnect = 0; ++ close_all = 0; + break; + + case 'P' : /* Disable security profiles */ +@@ -286,6 +300,8 @@ + case 't' : /* Test the cupsd.conf file... */ + TestConfigFile = 1; + fg = 1; ++ disconnect = 0; ++ close_all = 0; + break; + + default : /* Unknown option */ +@@ -333,8 +349,57 @@ + free(filename); + } + ++ if (disconnect) ++ { ++ /* ++ * Make sure we aren't tying up any filesystems... ++ */ ++ ++ chdir("/"); ++ ++ /* ++ * Disconnect from the controlling terminal... ++ */ ++ ++ setsid(); ++ } ++ ++ if (close_all) ++ { ++ /* ++ * Close all open files... ++ */ ++ ++ getrlimit(RLIMIT_NOFILE, &limit); ++ ++ for (i = 0; i < (int)limit.rlim_cur && i < 1024; i ++) ++ close(i); ++ ++ /* ++ * Redirect stdin/out/err to /dev/null... ++ */ ++ ++ if ((i = open("/dev/null", O_RDONLY)) != 0) ++ { ++ dup2(i, 0); ++ close(i); ++ } ++ ++ if ((i = open("/dev/null", O_WRONLY)) != 1) ++ { ++ dup2(i, 1); ++ close(i); ++ } ++ ++ if ((i = open("/dev/null", O_WRONLY)) != 2) ++ { ++ dup2(i, 2); ++ close(i); ++ } ++ } ++ + /* +- * If the user hasn't specified "-f", run in the background... ++ * Run in the background as needed... + */ + + if (!fg) +@@ -409,74 +474,17 @@ + #endif /* __OpenBSD__ && OpenBSD < 201211 */ + + /* +- * Since CoreFoundation and DBUS both create fork-unsafe data on execution of +- * a program, and since this kind of really unfriendly behavior seems to be +- * more common these days in system libraries, we need to re-execute the +- * background cupsd with the "-C" option to avoid problems. Unfortunately, +- * we also have to assume that argv[0] contains the name of the cupsd +- * executable - there is no portable way to get the real pathname... ++ * Since many system libraries create fork-unsafe data on execution of a ++ * program, we need to re-execute the background cupsd with the "-C" and "-s" ++ * options to avoid problems. Unfortunately, we also have to assume that ++ * argv[0] contains the name of the cupsd executable - there is no portable ++ * way to get the real pathname... + */ + +- execlp(argv[0], argv[0], "-C", ConfigurationFile, (char *)0); ++ execlp(argv[0], argv[0], "-C", ConfigurationFile, "-s", CupsFilesFile, (char *)0); + exit(errno); + } + +- if (fg < 1) +- { +- /* +- * Make sure we aren't tying up any filesystems... +- */ +- +- chdir("/"); +- +-#ifndef DEBUG +- /* +- * Disable core dumps... +- */ +- +- getrlimit(RLIMIT_CORE, &limit); +- limit.rlim_cur = 0; +- setrlimit(RLIMIT_CORE, &limit); +- +- /* +- * Disconnect from the controlling terminal... +- */ +- +- setsid(); +- +- /* +- * Close all open files... +- */ +- +- getrlimit(RLIMIT_NOFILE, &limit); +- +- for (i = 0; i < limit.rlim_cur && i < 1024; i ++) +- close(i); +- +- /* +- * Redirect stdin/out/err to /dev/null... +- */ +- +- if ((i = open("/dev/null", O_RDONLY)) != 0) +- { +- dup2(i, 0); +- close(i); +- } +- +- if ((i = open("/dev/null", O_WRONLY)) != 1) +- { +- dup2(i, 1); +- close(i); +- } +- +- if ((i = open("/dev/null", O_WRONLY)) != 2) +- { +- dup2(i, 2); +- close(i); +- } +-#endif /* DEBUG */ +- } +- + /* + * Set the timezone info... + */ diff -Nru cups-1.7.5/debian/patches/systemd-optional-socket-activation.patch cups-1.7.5/debian/patches/systemd-optional-socket-activation.patch --- cups-1.7.5/debian/patches/systemd-optional-socket-activation.patch 2014-10-23 21:27:19.000000000 +0200 +++ cups-1.7.5/debian/patches/systemd-optional-socket-activation.patch 2014-11-23 13:25:22.000000000 +0100 @@ -250,7 +250,7 @@ static void parent_handler(int sig); static void process_children(void); static void sigchld_handler(int sig); -@@ -578,6 +585,14 @@ +@@ -586,6 +593,14 @@ } #endif /* HAVE_LAUNCHD */ @@ -265,7 +265,7 @@ /* * Startup the server... */ -@@ -766,6 +781,16 @@ +@@ -774,6 +789,16 @@ } #endif /* HAVE_LAUNCHD */ @@ -282,7 +282,7 @@ /* * Startup the server... */ -@@ -1549,6 +1574,104 @@ +@@ -1557,6 +1582,104 @@ } #endif /* HAVE_LAUNCHD */
Description: Backport upstream fix to fix a random crash in the scheduler when not using systemd Bug-Debian: https://bugs.debian.org/760476 Bug: https://cups.org/str.php?L4484 Last-Update: 2014-11-23 --- a/scheduler/main.c +++ b/scheduler/main.c @@ -100,6 +100,8 @@ int i; /* Looping var */ char *opt; /* Option character */ int fg; /* Run in the foreground */ + int close_all = 1, /* Close all file descriptors? */ + disconnect = 1; /* Disconnect from controlling terminal? */ int fds; /* Number of ready descriptors */ cupsd_client_t *con; /* Current client */ cupsd_job_t *job; /* Current job */ @@ -152,6 +154,8 @@ { Launchd = 1; fg = 1; + close_all = 0; + disconnect = 0; } #endif /* HAVE_LAUNCHD */ @@ -163,6 +167,7 @@ case 'C' : /* Run as child with config file */ run_as_child = 1; fg = -1; + close_all = 0; case 'c' : /* Configuration file */ i ++; @@ -218,10 +223,13 @@ case 'f' : /* Run in foreground... */ fg = 1; + disconnect = 0; + close_all = 0; break; case 'F' : /* Run in foreground, but disconnect from terminal... */ fg = -1; + close_all = 0; break; case 'h' : /* Show usage/help */ @@ -232,10 +240,14 @@ #ifdef HAVE_LAUNCHD Launchd = 1; fg = 1; + close_all = 0; + disconnect = 0; #else _cupsLangPuts(stderr, _("cupsd: launchd(8) support not compiled " "in, running in normal mode.")); fg = 0; + disconnect = 1; + close_all = 1; #endif /* HAVE_LAUNCHD */ break; @@ -244,6 +256,8 @@ "use only!\n", stderr); stop_scheduler = 1; fg = 1; + disconnect = 0; + close_all = 0; break; case 'P' : /* Disable security profiles */ @@ -286,6 +300,8 @@ case 't' : /* Test the cupsd.conf file... */ TestConfigFile = 1; fg = 1; + disconnect = 0; + close_all = 0; break; default : /* Unknown option */ @@ -333,8 +349,57 @@ free(filename); } + if (disconnect) + { + /* + * Make sure we aren't tying up any filesystems... + */ + + chdir("/"); + + /* + * Disconnect from the controlling terminal... + */ + + setsid(); + } + + if (close_all) + { + /* + * Close all open files... + */ + + getrlimit(RLIMIT_NOFILE, &limit); + + for (i = 0; i < (int)limit.rlim_cur && i < 1024; i ++) + close(i); + + /* + * Redirect stdin/out/err to /dev/null... + */ + + if ((i = open("/dev/null", O_RDONLY)) != 0) + { + dup2(i, 0); + close(i); + } + + if ((i = open("/dev/null", O_WRONLY)) != 1) + { + dup2(i, 1); + close(i); + } + + if ((i = open("/dev/null", O_WRONLY)) != 2) + { + dup2(i, 2); + close(i); + } + } + /* - * If the user hasn't specified "-f", run in the background... + * Run in the background as needed... */ if (!fg) @@ -409,74 +474,17 @@ #endif /* __OpenBSD__ && OpenBSD < 201211 */ /* - * Since CoreFoundation and DBUS both create fork-unsafe data on execution of - * a program, and since this kind of really unfriendly behavior seems to be - * more common these days in system libraries, we need to re-execute the - * background cupsd with the "-C" option to avoid problems. Unfortunately, - * we also have to assume that argv[0] contains the name of the cupsd - * executable - there is no portable way to get the real pathname... + * Since many system libraries create fork-unsafe data on execution of a + * program, we need to re-execute the background cupsd with the "-C" and "-s" + * options to avoid problems. Unfortunately, we also have to assume that + * argv[0] contains the name of the cupsd executable - there is no portable + * way to get the real pathname... */ - execlp(argv[0], argv[0], "-C", ConfigurationFile, (char *)0); + execlp(argv[0], argv[0], "-C", ConfigurationFile, "-s", CupsFilesFile, (char *)0); exit(errno); } - if (fg < 1) - { - /* - * Make sure we aren't tying up any filesystems... - */ - - chdir("/"); - -#ifndef DEBUG - /* - * Disable core dumps... - */ - - getrlimit(RLIMIT_CORE, &limit); - limit.rlim_cur = 0; - setrlimit(RLIMIT_CORE, &limit); - - /* - * Disconnect from the controlling terminal... - */ - - setsid(); - - /* - * Close all open files... - */ - - getrlimit(RLIMIT_NOFILE, &limit); - - for (i = 0; i < limit.rlim_cur && i < 1024; i ++) - close(i); - - /* - * Redirect stdin/out/err to /dev/null... - */ - - if ((i = open("/dev/null", O_RDONLY)) != 0) - { - dup2(i, 0); - close(i); - } - - if ((i = open("/dev/null", O_WRONLY)) != 1) - { - dup2(i, 1); - close(i); - } - - if ((i = open("/dev/null", O_WRONLY)) != 2) - { - dup2(i, 2); - close(i); - } -#endif /* DEBUG */ - } - /* * Set the timezone info... */
Description: Add Brother HL-1250 usb quirks fix Author: Didier Raboud <o...@debian.org> Bug-Debian: https://bugs.debian.org/712512 Bug: https://www.cups.org/str.php?L4519 Last-Update: 2014-11-04 --- a/backend/org.cups.usb-quirks +++ b/backend/org.cups.usb-quirks @@ -90,6 +90,9 @@ # Canon, Inc. MF4150 Printer, https://bugs.launchpad.net/bugs/1160638 0x04a9 0x26a3 no-reattach +# Brother Industries, Ltd HL-1250 Laser Printer, https://bugs.debian.org/712512 +0x04f9 0x0007 no-reattach + # Brother Industries, Ltd HL-1430 Laser Printer, https://bugs.launchpad.net/bugs/1038695 0x04f9 0x001a no-reattach
