On Fri, Nov 12, 2010 at 14:16:13 +0100, Moritz Muehlenhoff wrote:
> Please unblock package cups. It fixes CVE-2010-2941.
>
> unblock cups/1.4.4-7
>
diff -u cups-1.4.4/debian/cups.preinst cups-1.4.4/debian/cups.preinst
--- cups-1.4.4/debian/cups.preinst
+++ cups-1.4.4/debian/cups.preinst
@@ -76,10 +60,10 @@
rm -f /usr/share/ppd/1-local-admin /usr/share/ppd/2-third-party
fi
- # blacklist was installed for some weeks (intra-squeeze and karmic),
- # remove it again (now USB backend works with both)
- if dpkg --compare-versions "$2" lt-nl '1.4.1-4'; then
- rm -f /etc/modprobe.d/blacklist-cups.conf
+ # On Ubuntu, replace the obsolete init script (replaced by an upstart job)
+ if [ "`lsb_release -is 2>/dev/null`" = "Ubuntu" ] && [ ! -L /etc/init.d/cups ] && dpkg --compare-versions "$2" le-nl "1.4.4-6"; then
+ rm_conffile cups /etc/init.d/cups
+ update-rc.d cups remove
fi
;;
Running lsb_release in preinst seems both wrong (lsb_release isn't
Essential) and unnecessary (you know at build time whether you're
building for ubuntu, so don't need a runtime check). Can this be fixed
please?
Cheers,
Julien
Attachment:
signature.asc
Description: Digital signature