cups-browsed 2.1.0 #46
tillkamppeter
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Security bug fix release. Early release of 2.1.0 to fix CVE-2024-47176 and CVE-2024-47850.
New features:
Legacy CUPS browsing is not needed any more and, our implementation accepting any UDP packet on port 631, causes vulnerabilities, and our LDAP support is does not comply with RFC 7612 and is therefore limited. Fixes CVE-2024-47176 and CVE-2024-47850
Bug fixes:
BrowseRemoteProtocolsshould not includecupsprotocolWorks around CVE-2024-47176 and CVE-2024-47850, the fix is the complete removal of legacy CUPS Browsing functionality
If the destination queue is raw, the local queue generated by cups-browsed should also be raw (Pull request Do not generate PPD for remote raw queues #44).
daemon/cups-browsed.service: Addsystem-cups.sliceThe
system-cups.slicefile is not required. Thesystem-cupsslice will be automatically created if the file is missing (cups Pull request #1035, Pull request daemon/cups-browsed.service: add system-cups.slice #35).cups-browsed.c: Remove duplicate#include ...Pull request cups-browsed.c: remove duplicate include #40
This discussion was created from the release cups-browsed 2.1.0.
Beta Was this translation helpful? Give feedback.
All reactions