30 Mar 2010CUPS 1.4.3

CUPS 1.4.3 is now available for download from:

http://www.cups.org/software.html

The new release fixes two security-related bugs along with several CUPS API, PPD compiler, status reporting, and web interface issues. Changes include:

• SECURITY: The scheduler could try responding on a closed client connection, leading to a crash (Issue #3200)
• SECURITY: The lppasswd program allowed the localization files to be overridden when running in setuid mode (Issue #3482)
• Localization updates (Issue #3352, Issue #3409, Issue #3422, Issue #3452, Issue #3473, Issue #3502)
• Documentation updates (Issue #3451, Issue #3504)
• The IPP backend now sets the printer-state-message to “Ready to print.” at the end of a successful job (Issue #3460)
• The PPD compiler did not correctly add the manufacturer to the output filename when using the “-m” option (Issue #3469)
• The IPP backend did not handle authentication properly for the Get- Printer-Attributes operation (STR 3458)
• Getting SNMP values larger than 127 bytes did not work.
• IPP conformance: Get-Jobs has a default value for requested-attributes (Issue #3383)
• cupsPrintFiles() did not report all errors (Issue #3449)
• cupsAddDest() could read freed memory (Issue #3448)
• The DBUS notifier did not build (Issue #3447)
• The scheduler would crash when an active printer was deleted.
• The snmp backend did not work with some printers (Issue #3413)
• The web interface did not show the conflicting values when setting options (Issue #3440)
• Setting options in the web interface did not always work (Issue #3439)
• The scheduler did not use the Get-Job-Attributes policy for a printer (Issue #3431)
• The scheduler added two job-name attributes to each job object (Issue #3428)
• CSS files would not print (Issue #3442)
• The scheduler did not clean out completed jobs when PreserveJobHistory was turned off (Issue #3425)
• The web interface did not show completed jobs for a printer (Issue #3436)
• Authenticated printing did not always work when printing directly to a remote server (Issue #3435)
• The USB backend did not work on Solaris (Issue #3423)
• cupstestppd didn’t catch problems with JobPatchFile definitions (Issue #3421)
• The socket backend could crash if a SNMP string had a negative length.
• Fixed some termination issues with the USB backend on Mac OS X.
• The side-channel APIs did not handle interrupts properly.
• The network backends incorrectly cleared the media-empty-warning state.
• The web interface did not allow users to successfully add serial printers (Issue #3391)
• cupsTempFd() did not work in some situations (Issue #3382)
• Some C API headers were missing C++ wrapper logic.
• The PPD compiler did not localize single-language PPD options properly (Issue #3386)
• Modifying a printer from the web interface sometimes caused the wrong driver to be selected (Issue #3418)
• The scheduler did not handle out-of-memory conditions properly when loading a job (Issue #3407)
• When adding printers from the web interface, the dynamic updates of the device list made it hard to pick a device (Issue #3406)
• Fixed a typo in the web interface admin page template (STR 3403)
• The web interface did not preserve the “printer is shared” state when modifying a printer (Issue #3390)
• The PPD compiler incorrectly inserted translations of empty strings (Issue #3411)
• The scheduler did not reset the SIGPIPE handler of child processes (Issue #3399)
• cupsGetNamedDest() incorrectly returned the default printer if the named printer did not exist (Issue #3397)
• Fixed a GNU TLS error handling bug (Issue #3381)

Enjoy!