v2.4.11

CUPS 2.4.11 brings several bug fixes regarding IPP response validation, processing PPD values, Web UI support (checkbox support, modifying printers) and others fixes.

Detailed list of changes is available in CHANGES.md

Enjoy!

v2.4.10

CUPS 2.4.10 brings two fixes:

• Fixed error handling when reading a mixed 1setOf attribute.
• Fixed scheduler start if there is only domain socket to listen on (Issue #985)

which the latter is fix for regression after fix for CVE-2024-35235 in scenarios where is no other listeners in cupsd.conf than domain socket created on demand by systemd, launchd or upstart.

Enjoy!

v2.4.9

CUPS 2.4.9 brings security fix for CVE-2024-35235 and several bug fixes regarding CUPS Web User Interface, PPD generation and HTTP protocol implementation.

Detailed list of changes is available in CHANGES.md.

Enjoy!

v2.4.8

CUPS 2.4.8 brings many bug fixes which aggregated over the last half a year. It brings the important fix for race conditions and errors which can happen when installing permanent IPP Everywhere printer, support for PAM modules password-auth and system-auth and new option for lpstat which can show only the successful jobs.

Detailed list of changes is available in CHANGES.md.

Enjoy!

v2.4.7

CUPS 2.4.7 is released to ship the fix for CVE-2023-4504 and several other changes, among them it is adding OpenSSL support for cupsHashData function and bug fixes.

Detailed list:

• CVE-2023-4504 - Fixed Heap-based buffer overflow when reading Postscript
  in PPD files
• Added OpenSSL support for cupsHashData (Issue #762)
• Fixed delays in lpd backend (Issue #741)
• Fixed extensive logging in scheduler (Issue #604)
• Fixed hanging of lpstat on IBM AIX (Issue #773)
• Fixed hanging of lpstat on Solaris (Issue #156)
• Fixed printing to stderr if we can't open cups-files.conf (Issue #777)
• Fixed purging job files via cancel -x (Issue #742)
• Fixed RFC 1179 port reserving behavior in LPD backend (Issue #743)
• Fixed a bug in the PPD command interpretation code (Issue #768)

Enjoy the new release!

v2.4.6

CUPS 2.4.6 is released to ship the fix for the latest CVE - CVE-2023-34241 - and two other bug fixes.

Detailed list:

• Fix linking error on old MacOS (Issue #715)
• Fix printing multiple files on specific printers (Issue #643)
• Fix use-after-free when logging warnings in case of failures in cupsdAcceptClient() (fixes CVE-2023-34241)

v2.4.5

CUPS 2.4.5 is a hotfix release for a bug which corrupted locally saved certificates, which broke secured printing via TLS after the first print job.

We're sorry for the inconvenience and enjoy the hotfix!

v2.4.4

CUPS 2.4.4 release is created as a hotfix for segfault in cupsGetNamedDest(), when caller tries to find the default destination and the default destination is not set on the machine.

I'm sorry for inconvenience and enjoy the hotfix!

v2.4.3

CUPS 2.4.3 brings fix for CVE-2023-32324, several improvements and many bug fixes. CUPS now implements fallback for printers with broken firmware, which is not capable of answering to IPP request get-printer-attributes with all, media-col-database - this enables driverless support for bunch of printers which don't follow IPP Everywhere standard. Aside from the CVE fix the most important fixes are around color settings, printer application support fixes and OpenSSL support.

Detailed list of changes:

• Added a title with device uri for found network printers (Issues #402, #393)
• Added new media sizes defined by IANA (Issues #501)
• Added quirk for GoDEX label printers (Issue #440)
• Fixed --enable-libtool-unsupported (Issue #394)
• Fixed configuration on RISC-V machines (Issue #404)
• Fixed the device_uri invalid pointer for driverless printers with .local
  hostname (Issue #419)
• Fixed an OpenSSL crash bug (Issue #409)
• Fixed a potential SNMP OID value overflow issue (Issue #431)
• Fixed an OpenSSL certificate loading issue (Issue #465)
• Fixed Brazilian Portuguese translations (Issue #288)
• Fixed cupsd default keychain location when building with OpenSSL
  (Issue #529)
• Fixed default color settings for CMYK printers as well (Issue #500)
• Fixed duplicate PPD2IPP media-type names (Issue #688)
• Fixed possible heap buffer overflow in _cups_strlcpy() (fixes CVE-2023-32324)
• Fixed InputSlot heuristic for photo sizes smaller than 5x7" if there is no
  media-source in the request (Issue #569)
• Fixed invalid memory access during generating IPP Everywhere queue
  (Issue #466)
• Fixed lprm if no destination is provided (Issue #457)
• Fixed memory leaks in create_local_bg_thread() (Issue #466)
• Fixed media size tolerance in ippeveprinter (Issue #487)
• Fixed passing command name without path into ippeveprinter (Issue #629)
• Fixed saving strings file path in printers.conf (Issue #710)
• Fixed TLS certificate generation bugs (Issue #652)
• ippDeleteValues would not delete the last value (Issue #556)
• Ignore some of IPP defaults if the application sends its PPD alternative
  (Issue #484)
• Make Letter the default size in ippevepcl (Issue #543)
• Now accessing Admin page in Web UI requires authentication (Issue #518)
• Now look for default printer on network if needed (Issue #452)
• Now we poll media-col-database separately if we fail at first (Issue #599)
• Now report fax attributes and values as needed (Issue #459)
• Now localize HTTP responses using the Content-Language value (Issue #426)
• Raised file size limit for importing PPD via Web UI (Issue #433)
• Raised maximum listen backlog size to INT MAX (Issue #626)
• Update print-color-mode if the printer is modified via ColorModel PPD option
  (Issue #451)
• Use localhost when printing via printer application (Issue #353)
• Write defaults into /etc/cups/lpoptions if we're root (Issue #456)

Enjoy! :)

v2.4.2

CUPS 2.4.2 brings the fix for CVE-2022-26691, together with LibreSSL/OpenSSL and minimal AIX support. There are lots of bug fixes as well, feel free to check the list of changes:

• Fixed certificate strings comparison for Local authorization (CVE-2022-26691)
• The cupsFileOpen function no longer opens files for append in read-write
  mode (Issue #291)
• The cupsd daemon removed processing temporary queue (Issue #364)
• Fixed delay in IPP backend if GNUTLS is used and endpoint doesn't confirm
  closing the connection (Issue #365)
• Fixed conditional jump based on uninitialized value in cups/ppd.c (Issue #329)
• Fixed CSS related issues in CUPS Web UI (Issue #344)
• Fixed copyright in CUPS Web UI trailer template (Issue #346)
• mDNS hostname in device uri is not resolved when installaling a permanent
  IPP Everywhere queue (Issues #340, #343)
• The lpstat command now reports when the scheduler is not running
  (Issue #352)
• Updated the man pages concerning the -h option (Issue #357)
• Re-added LibreSSL/OpenSSL support (Issue #362)
• Updated the Solaris smf service file (Issue #368)
• Fixed a regression in lpoptions option support (Issue #370)
• The scheduler now regenerates the PPD cache information after changing the
  "cupsd.conf" file (Issue #371)
• Updated the scheduler to set "auth-info-required" to "username,password" if a
  backend reports it needs authentication info but doesn't set a method for
  authentication (Issue #373)
• Updated the configure script to look for the OpenSSL library the old way if
  pkg-config is not available (Issue #375)
• Fixed the prototype for the httpWriteResponse function (Issue #380)
• Brought back minimal AIX support (Issue #389)
• cupsGetResponse did not always set the last error.
• Fixed a number of old references to the Apple CUPS web page.
• Restored the default/generic printer icon file for the web interface.
• Removed old stylesheet classes that are no longer used by the web
  interface.

Enjoy the new CUPS release!