As per summary, the new net-print/cups-2.4.2 fixes CVE-2022-26691. It also re-introduce openssl/libressl support.
https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=66e451177a6d28cfa24a3fdcdeaac7e8196c19fc commit 66e451177a6d28cfa24a3fdcdeaac7e8196c19fc Author: Sam James <sam@gentoo.org> AuthorDate: 2022-05-28 04:25:21 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-05-28 04:25:44 +0000 net-print/cups: add 2.4.2 While at it, cleanup a bunch of obsolete seds and such. Checked upstream changes to ensure they really are obsolete. Bug: https://bugs.gentoo.org/847625 Signed-off-by: Sam James <sam@gentoo.org> net-print/cups/Manifest | 1 + net-print/cups/cups-2.4.2.ebuild | 302 +++++++++++++++++++++ net-print/cups/cups-9999.ebuild | 57 ++-- .../files/cups-2.4.2-no-fortify-override.patch | 18 ++ 4 files changed, 346 insertions(+), 32 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=02e55008b4808689eb038d5797c1bddb890a9efb commit 02e55008b4808689eb038d5797c1bddb890a9efb Author: Sam James <sam@gentoo.org> AuthorDate: 2022-05-28 04:54:59 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-05-28 04:56:18 +0000 net-print/cups: add openssl support Bug: https://bugs.gentoo.org/847625 Signed-off-by: Sam James <sam@gentoo.org> .../{cups-2.4.2.ebuild => cups-2.4.2-r1.ebuild} | 28 +++++++++++++++------- net-print/cups/cups-9999.ebuild | 28 +++++++++++++++------- net-print/cups/metadata.xml | 19 ++++++++------- 3 files changed, 51 insertions(+), 24 deletions(-)
Emerge installed 2.4.2-r1 that complains constantly with: Unable to encrypt connection: Unable to create server credentials. /etc/cups/ssl exists and is filled (owner is root:lp with permission 700, inside .crt and .key files. Keys have permission 600, certs have 644.). It worked before even with FQDN in a local network. I also switched LogLevel to debug but that didn't spool out more details. USE is (and was) ssl and openssl. There is no certificate auto generation anymore on that host. Is that related somehow?
Changing USE to not contain openssl fixes the issue and certificates are created again.
(In reply to onkobu from comment #5) > Changing USE to not contain openssl fixes the issue and certificates are > created again. Please file a new bug for this issue.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=e7fda950590c5976421bfc5b5694dcadd1281e90 commit e7fda950590c5976421bfc5b5694dcadd1281e90 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-18 08:55:48 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-02-18 08:56:12 +0000 [ GLSA 202402-17 ] CUPS: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/847625 Bug: https://bugs.gentoo.org/907675 Bug: https://bugs.gentoo.org/909018 Bug: https://bugs.gentoo.org/914781 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202402-17.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+)