7.34. cups

Updated cups packages that fix several bugs and add two enhancements are now available for Red Hat Enterprise Linux 6.
The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems.

Bug Fixes

Incorrect reference for PageLogFormat in HTML documentation has been corrected, and PageLogFormat documentation is now accessible.
Documentation for the operation of the CUPS Line Printer Daemon back-end "sanitize_title" option has been amended and now describes the option clearly.
BZ#1145064, BZ#1178370
Due to a problem with HTTP multipart handling in the CUPS scheduler, some browsers did not work as expected when attempting to add a printer using the web interface. A change from a later version has been backported enabling adding printers in all browsers without problems.
It was not possible to disable Secure Sockets Layer (SSLv3) and keep other secure protocols enabled in CUPS. This left CUPS users vulnerable to the POODLE attack (CVE-2014-3566), and needing to deploy the stunnel utility for mitigation. This update disables SSLv3 support by default. For users who need to continue using SSLv3, an SSLOptions configuration directive has been added to the cupsd.conf file for the cupsd service and to the client.conf file for the client programs.
When the BrowsePoll configuration directive was used and the remote server configured for polling forbade access, the cups-polld process retried accessing immediately in a busy loop. The process consumed all processor time and increased network traffic. With this update, a mandatory delay of ten seconds has been introduced to prevent that. Affected users should also fix their configuration by removing the BrowsePoll line for the server, or adjusting the server to allow remote queries.
The CUPS scheduler incorrectly assumed the print queue still existed when there were only implicit classes with all members deleted due to being unresponsive. When sending a job using separate Create-Job and Send-Document requests to an implicit class whose members were being deleted, the CUPS scheduler terminated unexpectedly with a NULL dereference. The scheduler has been amended to respond with an error instead of crashing in this case.
A missing NULL check in job processing code caused the CUPS scheduler to terminate unexpectedly when a job with more than one file aborted due to a filter failure. This update adds the check to prevent the CUPS scheduler from crashing in the described situation.
The ErrorPolicy configuration directive was not validated on startup, and an unintended default error policy could be used without a warning. The directive is now validated on startup and reset to the default if the configured value is incorrect. The intended policy is used, or a warning message is logged.
Due to an incomplete fix in a prior update, some environment variables were not correctly set on startup, which led to SELinux denials. The remainder of the original fix has been added, and the variables are now set correctly on startup.


It is now possible to direct jobs to a single printer with failover to other printers instead of using load balancing among printers that is built into CUPS. Jobs can be directed to the first working printer of a set, the preferred printer, with other printers used only if the preferred one is unavailable.
Description of the ErrorPolicy directive with supported values has been added to the cupsd.conf(5) man page. The ErrorPolicy directive defines the default policy used when a back end is unable to send a print job to the printer.
Users of CUPS are advised to upgrade to these updated packages, which fix these bugs and add these enhancements. After installing this update, the cupsd service will be restarted automatically.