From a04566f30c114d826c3b665665849ac3d847bf6a Mon Sep 17 00:00:00 2001
From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= <arekm@maven.pl>
Date: Sat, 14 Feb 2015 18:14:53 +0100
Subject: [PATCH] - up to 2.0.2; some SECURITY fixes

---
 cups-avahi-no-threaded.patch | 79 +++++++++++++++++++-----------------
 cups-systemd-socket.patch    | 53 ++++++++++++------------
 cups.spec                    |  6 ++-
 3 files changed, 74 insertions(+), 64 deletions(-)

diff --git a/cups-avahi-no-threaded.patch b/cups-avahi-no-threaded.patch
index 9f5e35c..0a8ea62 100644
--- a/cups-avahi-no-threaded.patch
+++ b/cups-avahi-no-threaded.patch
@@ -1,6 +1,6 @@
-diff -up cups-2.0rc1/scheduler/avahi.c.avahi-no-threaded cups-2.0rc1/scheduler/avahi.c
---- cups-2.0rc1/scheduler/avahi.c.avahi-no-threaded	2014-09-12 15:45:28.772280006 +0200
-+++ cups-2.0rc1/scheduler/avahi.c	2014-09-12 15:45:28.772280006 +0200
+diff -up cups-2.0.2/scheduler/avahi.c.KUoOri cups-2.0.2/scheduler/avahi.c
+--- cups-2.0.2/scheduler/avahi.c.KUoOri	2015-02-10 13:47:38.620396709 +0100
++++ cups-2.0.2/scheduler/avahi.c	2015-02-10 13:47:38.620396709 +0100
 @@ -0,0 +1,441 @@
 +/*
 + * "$Id$"
@@ -443,9 +443,9 @@ diff -up cups-2.0rc1/scheduler/avahi.c.avahi-no-threaded cups-2.0rc1/scheduler/a
 +/*
 + * End of "$Id$".
 + */
-diff -up cups-2.0rc1/scheduler/avahi.h.avahi-no-threaded cups-2.0rc1/scheduler/avahi.h
---- cups-2.0rc1/scheduler/avahi.h.avahi-no-threaded	2014-09-12 15:45:28.772280006 +0200
-+++ cups-2.0rc1/scheduler/avahi.h	2014-09-12 15:45:28.772280006 +0200
+diff -up cups-2.0.2/scheduler/avahi.h.KUoOri cups-2.0.2/scheduler/avahi.h
+--- cups-2.0.2/scheduler/avahi.h.KUoOri	2015-02-10 13:47:38.620396709 +0100
++++ cups-2.0.2/scheduler/avahi.h	2015-02-10 13:47:38.620396709 +0100
 @@ -0,0 +1,69 @@
 +/*
 + * "$Id$"
@@ -516,9 +516,9 @@ diff -up cups-2.0rc1/scheduler/avahi.h.avahi-no-threaded cups-2.0rc1/scheduler/a
 +/*
 + * End of "$Id$".
 + */
-diff -up cups-2.0rc1/scheduler/cupsd.h.avahi-no-threaded cups-2.0rc1/scheduler/cupsd.h
---- cups-2.0rc1/scheduler/cupsd.h.avahi-no-threaded	2014-03-21 17:42:53.000000000 +0100
-+++ cups-2.0rc1/scheduler/cupsd.h	2014-09-12 15:47:02.886945551 +0200
+diff -up cups-2.0.2/scheduler/cupsd.h.KUoOri cups-2.0.2/scheduler/cupsd.h
+--- cups-2.0.2/scheduler/cupsd.h.KUoOri	2014-03-21 17:42:53.000000000 +0100
++++ cups-2.0.2/scheduler/cupsd.h	2015-02-10 13:47:38.624396652 +0100
 @@ -119,6 +119,7 @@ extern const char *cups_hstrerror(int);
  #include "colorman.h"
  #include "conf.h"
@@ -572,9 +572,9 @@ diff -up cups-2.0rc1/scheduler/cupsd.h.avahi-no-threaded cups-2.0rc1/scheduler/c
  
  /*
   * End of "$Id: cupsd.h 11717 2014-03-21 16:42:53Z msweet $".
-diff -up cups-2.0rc1/scheduler/dirsvc.c.avahi-no-threaded cups-2.0rc1/scheduler/dirsvc.c
---- cups-2.0rc1/scheduler/dirsvc.c.avahi-no-threaded	2014-05-09 22:57:11.000000000 +0200
-+++ cups-2.0rc1/scheduler/dirsvc.c	2014-09-12 15:45:28.773279992 +0200
+diff -up cups-2.0.2/scheduler/dirsvc.c.KUoOri cups-2.0.2/scheduler/dirsvc.c
+--- cups-2.0.2/scheduler/dirsvc.c.KUoOri	2015-01-30 17:16:12.000000000 +0100
++++ cups-2.0.2/scheduler/dirsvc.c	2015-02-10 13:50:47.131728120 +0100
 @@ -195,7 +195,7 @@ cupsdStartBrowsing(void)
      cupsdUpdateDNSSDName();
  
@@ -656,23 +656,28 @@ diff -up cups-2.0rc1/scheduler/dirsvc.c.avahi-no-threaded cups-2.0rc1/scheduler/
  #  endif /* HAVE_DNSSD */
  
    if (error)
-@@ -1296,12 +1279,10 @@ dnssdStop(void)
+@@ -1296,9 +1279,6 @@ dnssdStop(void)
    DNSSDMaster = NULL;
  
  #  else /* HAVE_AVAHI */
--  avahi_threaded_poll_stop(DNSSDMaster);
+-  if (DNSSDMaster)
+-    avahi_threaded_poll_stop(DNSSDMaster);
 -
-   avahi_client_free(DNSSDClient);
-   DNSSDClient = NULL;
+   if (DNSSDClient)
+   {
+     avahi_client_free(DNSSDClient);
+@@ -1307,7 +1287,7 @@ dnssdStop(void)
  
--  avahi_threaded_poll_free(DNSSDMaster);
-+  avahi_cups_poll_free(DNSSDMaster);
-   DNSSDMaster = NULL;
+   if (DNSSDMaster)
+   {
+-    avahi_threaded_poll_free(DNSSDMaster);
++    avahi_cups_poll_free(DNSSDMaster);
+     DNSSDMaster = NULL;
+   }
  #  endif /* HAVE_DNSSD */
- 
-diff -up cups-2.0rc1/scheduler/dirsvc.h.avahi-no-threaded cups-2.0rc1/scheduler/dirsvc.h
---- cups-2.0rc1/scheduler/dirsvc.h.avahi-no-threaded	2013-05-29 13:51:34.000000000 +0200
-+++ cups-2.0rc1/scheduler/dirsvc.h	2014-09-12 15:45:28.773279992 +0200
+diff -up cups-2.0.2/scheduler/dirsvc.h.KUoOri cups-2.0.2/scheduler/dirsvc.h
+--- cups-2.0.2/scheduler/dirsvc.h.KUoOri	2013-05-29 13:51:34.000000000 +0200
++++ cups-2.0.2/scheduler/dirsvc.h	2015-02-10 13:47:38.640396426 +0100
 @@ -51,7 +51,7 @@ VAR cups_array_t	*DNSSDPrinters	VALUE(NU
  VAR DNSServiceRef	DNSSDMaster	VALUE(NULL);
  					/* Master DNS-SD service reference */
@@ -682,10 +687,10 @@ diff -up cups-2.0rc1/scheduler/dirsvc.h.avahi-no-threaded cups-2.0rc1/scheduler/
  					/* Master polling interface for Avahi */
  VAR AvahiClient		*DNSSDClient	VALUE(NULL);
  					/* Client information */
-diff -up cups-2.0rc1/scheduler/main.c.avahi-no-threaded cups-2.0rc1/scheduler/main.c
---- cups-2.0rc1/scheduler/main.c.avahi-no-threaded	2014-09-12 15:45:28.736280516 +0200
-+++ cups-2.0rc1/scheduler/main.c	2014-09-12 15:47:43.433370643 +0200
-@@ -127,6 +127,10 @@ main(int  argc,				/* I - Number of comm
+diff -up cups-2.0.2/scheduler/main.c.KUoOri cups-2.0.2/scheduler/main.c
+--- cups-2.0.2/scheduler/main.c.KUoOri	2015-02-10 13:40:24.295545063 +0100
++++ cups-2.0.2/scheduler/main.c	2015-02-10 13:47:38.641396412 +0100
+@@ -129,6 +129,10 @@ main(int  argc,				/* I - Number of comm
    int			service_idle_exit;
  					/* Idle exit on select timeout? */
  #endif /* HAVE_LAUNCHD || HAVE_SYSTEMD */
@@ -696,7 +701,7 @@ diff -up cups-2.0rc1/scheduler/main.c.avahi-no-threaded cups-2.0rc1/scheduler/ma
  
  
  #ifdef HAVE_GETEUID
-@@ -569,6 +573,14 @@ main(int  argc,				/* I - Number of comm
+@@ -577,6 +581,14 @@ main(int  argc,				/* I - Number of comm
  
    httpInitialize();
  
@@ -711,7 +716,7 @@ diff -up cups-2.0rc1/scheduler/main.c.avahi-no-threaded cups-2.0rc1/scheduler/ma
    cupsdStartServer();
  
   /*
-@@ -871,6 +883,16 @@ main(int  argc,				/* I - Number of comm
+@@ -883,6 +895,16 @@ main(int  argc,				/* I - Number of comm
      }
  #endif /* __APPLE__ */
  
@@ -728,7 +733,7 @@ diff -up cups-2.0rc1/scheduler/main.c.avahi-no-threaded cups-2.0rc1/scheduler/ma
  #ifndef __APPLE__
     /*
      * Update the network interfaces once a minute...
-@@ -1562,6 +1584,10 @@ select_timeout(int fds)			/* I - Number
+@@ -1574,6 +1596,10 @@ select_timeout(int fds)			/* I - Number
    cupsd_job_t		*job;		/* Job information */
    cupsd_subscription_t	*sub;		/* Subscription information */
    const char		*why;		/* Debugging aid */
@@ -739,7 +744,7 @@ diff -up cups-2.0rc1/scheduler/main.c.avahi-no-threaded cups-2.0rc1/scheduler/ma
  
  
    cupsdLogMessage(CUPSD_LOG_DEBUG2, "select_timeout: JobHistoryUpdate=%ld",
-@@ -1607,6 +1633,19 @@ select_timeout(int fds)			/* I - Number
+@@ -1619,6 +1645,19 @@ select_timeout(int fds)			/* I - Number
    }
  #endif /* __APPLE__ */
  
@@ -759,9 +764,9 @@ diff -up cups-2.0rc1/scheduler/main.c.avahi-no-threaded cups-2.0rc1/scheduler/ma
   /*
    * Check whether we are accepting new connections...
    */
-diff -up cups-2.0rc1/scheduler/Makefile.avahi-no-threaded cups-2.0rc1/scheduler/Makefile
---- cups-2.0rc1/scheduler/Makefile.avahi-no-threaded	2014-08-29 13:27:18.000000000 +0200
-+++ cups-2.0rc1/scheduler/Makefile	2014-09-12 15:48:35.367634265 +0200
+diff -up cups-2.0.2/scheduler/Makefile.KUoOri cups-2.0.2/scheduler/Makefile
+--- cups-2.0.2/scheduler/Makefile.KUoOri	2014-10-21 13:55:01.000000000 +0200
++++ cups-2.0.2/scheduler/Makefile	2015-02-10 13:47:38.646396341 +0100
 @@ -17,6 +17,7 @@ include ../Makedefs
  
  CUPSDOBJS =	\
@@ -780,9 +785,9 @@ diff -up cups-2.0rc1/scheduler/Makefile.avahi-no-threaded cups-2.0rc1/scheduler/
  LIBOBJS =	\
  		filter.o \
  		mime.o \
-diff -up cups-2.0rc1/scheduler/timeout.c.avahi-no-threaded cups-2.0rc1/scheduler/timeout.c
---- cups-2.0rc1/scheduler/timeout.c.avahi-no-threaded	2014-09-12 15:45:28.775279963 +0200
-+++ cups-2.0rc1/scheduler/timeout.c	2014-09-12 15:45:28.775279963 +0200
+diff -up cups-2.0.2/scheduler/timeout.c.KUoOri cups-2.0.2/scheduler/timeout.c
+--- cups-2.0.2/scheduler/timeout.c.KUoOri	2015-02-10 13:47:38.646396341 +0100
++++ cups-2.0.2/scheduler/timeout.c	2015-02-10 13:47:38.646396341 +0100
 @@ -0,0 +1,235 @@
 +/*
 + * "$Id$"
diff --git a/cups-systemd-socket.patch b/cups-systemd-socket.patch
index 7f1b0b2..6d8d60a 100644
--- a/cups-systemd-socket.patch
+++ b/cups-systemd-socket.patch
@@ -1,34 +1,38 @@
-diff -up cups-2.0.1/cups/usersys.c.systemd-socket cups-2.0.1/cups/usersys.c
---- cups-2.0.1/cups/usersys.c.systemd-socket	2014-10-20 20:24:56.000000000 +0200
-+++ cups-2.0.1/cups/usersys.c	2014-11-15 15:19:11.108125832 +0100
-@@ -1078,7 +1078,7 @@ cups_read_client_conf(
+diff -up cups-2.0.2/cups/usersys.c.ustTJg cups-2.0.2/cups/usersys.c
+--- cups-2.0.2/cups/usersys.c.ustTJg	2015-02-10 13:40:24.294545077 +0100
++++ cups-2.0.2/cups/usersys.c	2015-02-10 13:46:56.763989233 +0100
+@@ -1017,7 +1017,7 @@ cups_finalize_client_conf(
      struct stat	sockinfo;		/* Domain socket information */
  
      if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
 -	(sockinfo.st_mode & S_IRWXO) == S_IRWXO)
 +	(sockinfo.st_mode & (S_IROTH | S_IWOTH)) == (S_IROTH | S_IWOTH))
-       cups_server = CUPS_DEFAULT_DOMAINSOCKET;
+       cups_set_server_name(cc, CUPS_DEFAULT_DOMAINSOCKET);
      else
  #endif /* CUPS_DEFAULT_DOMAINSOCKET */
-diff -up cups-2.0.1/scheduler/main.c.systemd-socket cups-2.0.1/scheduler/main.c
---- cups-2.0.1/scheduler/main.c.systemd-socket	2014-11-15 15:19:11.057126510 +0100
-+++ cups-2.0.1/scheduler/main.c	2014-11-15 15:19:11.108125832 +0100
-@@ -661,6 +661,12 @@ main(int  argc,				/* I - Number of comm
+diff -up cups-2.0.2/scheduler/main.c.ustTJg cups-2.0.2/scheduler/main.c
+--- cups-2.0.2/scheduler/main.c.ustTJg	2015-02-10 13:40:24.121547526 +0100
++++ cups-2.0.2/scheduler/main.c	2015-02-10 13:40:24.295545063 +0100
+@@ -658,8 +658,15 @@ main(int  argc,				/* I - Number of comm
+ 
+ #if defined(HAVE_LAUNCHD) || defined(HAVE_SYSTEMD)
+   if (OnDemand)
++  {
      cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL, "Scheduler started on demand.");
-   else
+-  else
++# ifdef HAVE_SYSTEMD
++    sd_notifyf(0, "READY=1\n"
++               "STATUS=Scheduler is running...\n"
++               "MAINPID=%lu",
++               (unsigned long) getpid());
++# endif /* HAVE_SYSTEMD */
++  } else
  #endif /* HAVE_LAUNCHD || HAVE_SYSTEMD */
-+#ifdef HAVE_SYSTEMD
-+  sd_notifyf(0, "READY=1\n"
-+             "STATUS=Scheduler is running...\n"
-+             "MAINPID=%lu",
-+             (unsigned long) getpid());
-+#endif /* HAVE_SYSTEMD */
    if (fg)
      cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL, "Scheduler started in foreground.");
-   else
-diff -up cups-2.0.1/scheduler/org.cups.cupsd.path.in.systemd-socket cups-2.0.1/scheduler/org.cups.cupsd.path.in
---- cups-2.0.1/scheduler/org.cups.cupsd.path.in.systemd-socket	2014-03-21 15:50:24.000000000 +0100
-+++ cups-2.0.1/scheduler/org.cups.cupsd.path.in	2014-11-15 15:19:11.108125832 +0100
+diff -up cups-2.0.2/scheduler/org.cups.cupsd.path.in.ustTJg cups-2.0.2/scheduler/org.cups.cupsd.path.in
+--- cups-2.0.2/scheduler/org.cups.cupsd.path.in.ustTJg	2014-03-21 15:50:24.000000000 +0100
++++ cups-2.0.2/scheduler/org.cups.cupsd.path.in	2015-02-10 13:40:24.295545063 +0100
 @@ -2,7 +2,7 @@
  Description=CUPS Scheduler
  
@@ -38,9 +42,9 @@ diff -up cups-2.0.1/scheduler/org.cups.cupsd.path.in.systemd-socket cups-2.0.1/s
  
  [Install]
  WantedBy=multi-user.target
-diff -up cups-2.0.1/scheduler/org.cups.cupsd.service.in.systemd-socket cups-2.0.1/scheduler/org.cups.cupsd.service.in
---- cups-2.0.1/scheduler/org.cups.cupsd.service.in.systemd-socket	2014-11-15 15:19:11.109125818 +0100
-+++ cups-2.0.1/scheduler/org.cups.cupsd.service.in	2014-11-15 15:19:56.480528155 +0100
+diff -up cups-2.0.2/scheduler/org.cups.cupsd.service.in.ustTJg cups-2.0.2/scheduler/org.cups.cupsd.service.in
+--- cups-2.0.2/scheduler/org.cups.cupsd.service.in.ustTJg	2014-10-21 13:55:01.000000000 +0200
++++ cups-2.0.2/scheduler/org.cups.cupsd.service.in	2015-02-10 13:40:24.296545049 +0100
 @@ -1,10 +1,11 @@
  [Unit]
  Description=CUPS Scheduler
@@ -48,9 +52,8 @@ diff -up cups-2.0.1/scheduler/org.cups.cupsd.service.in.systemd-socket cups-2.0.
 +After=network.target
  
  [Service]
--ExecStart=@sbindir@/cupsd -l
+ ExecStart=@sbindir@/cupsd -l
 -Type=simple
-+ExecStart=@sbindir@/cupsd -f
 +Type=notify
  
  [Install]
diff --git a/cups.spec b/cups.spec
index ff989ee..758229a 100644
--- a/cups.spec
+++ b/cups.spec
@@ -10,13 +10,13 @@
 Summary(pl.UTF-8):	OgÃ³lny system druku dla Uniksa
 Summary(pt_BR.UTF-8):	Sistema Unix de ImpressÃ£o
 Name:		cups
-Version:	2.0.1
+Version:	2.0.2
 Release:	1
 Epoch:		1
 License:	LGPL v2 (libraries), GPL v2 (the rest)
 Group:		Applications/Printing
 Source0:	http://www.cups.org/software/%{version}/%{name}-%{version}-source.tar.bz2
-# Source0-md5:	7f7c33071035fb20d0879929a42da711
+# Source0-md5:	6e0ea72dbafcf5baaa1cf4178e71096d
 Source1:	%{name}.init
 Source2:	%{name}.pamd
 Source3:	%{name}.logrotate
@@ -458,6 +458,7 @@ fi
 %{_ulibdir}/cups/cgi-bin/*.png
 %{_ulibdir}/cups/cgi-bin/*.txt
 %lang(es) %{_ulibdir}/cups/cgi-bin/es
+%lang(ja) %{_ulibdir}/cups/cgi-bin/ja
 
 %dir %{_ulibdir}/cups/daemon
 %attr(755,root,root) %{_ulibdir}/cups/daemon/cups-deviced
@@ -511,6 +512,7 @@ fi
 %dir %{_datadir}/cups/templates
 %{_datadir}/cups/templates/*.tmpl
 %lang(es) %{_datadir}/cups/templates/es
+%lang(ja) %{_datadir}/cups/templates/ja
 %{_mandir}/man1/cups.1*
 %{_mandir}/man1/cupstestppd.1*
 %{_mandir}/man1/cupstestdsc.1*
-- 
2.44.0