Description Lars Wendler (Polynomial-C) (RETIRED) 2019-08-16 17:57:24 UTC

CUPS 2.2.12 is now available and includes security, compatibility, and general bug fixes. Changes include:

    CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows (rdar://51685251)
    The cupsctl command now prevents setting "cups-files.conf" directives
    (Issue #5530)
    Updated the systemd service file for cupsd (Issue #5551)
    The cupsCheckDestSupported function did not check octetString values
    correctly (Issue #5557)
    The scheduler did not encode octetString values like "job-password" correctly
    for the print filters (Issue #5558)
    Restored minimal support for the Emulators keyword in PPD files to allow
    old Samsung printer drivers to continue to work (Issue #5562)
    Timed out job submission now yields an error (Issue #5570)
    The footer in the web interface covered some content on small displays
    (Issue #5574)
    The libusb-based USB backend now enforces read limits, improving print speed
    in many cases (Issue #5583)
    Fixed some compatibility issues with old releases of CUPS (Issue #5587)
    Fixed a bug in the scheduler job cleanup code (Issue #5588)
    "make" failed with GZIP options (Issue #5595)
    Added FIPS-140 workarounds for GNU TLS (Issue #5601, Issue #5622)
    The scheduler no longer provides a default value for the description
    (Issue #5603)
    The lpadmin command did not always update the PPD file for changes to the
    cupsIPPSupplies and cupsSNMPSupplies keywords (Issue #5610)
    The scheduler now uses both the group's membership list as well as the
    various OS-specific membership functions to determine whether a user belongs
    to a named group (Issue #5613)
    Added USB quirks rule for HP LaserJet 1015 (Issue #5617)
    Fixed some PPD parser issues (Issue #5623, Issue #5624)
    The IPP parser no longer allows invalid member attributes in collections
    (Issue #5630)
    Fixed IPP buffer overflow (rdar://50035411)
    Fixed memory disclosure issue in the scheduler (rdar://51373853)
    Fixed DoS issues in the scheduler (rdar://51373929)
    The scheduler would restart continuously when idle and printers were not
    shared (rdar://52561199)
    Fixed a command ordering issue in the Zebra ZPL driver.
    Fixed a memory leak in ppdOpen.