rebase to 2.2.7

substitute default values for invalid job attributes (upstream issues #5229 and #5186)
2018-04-03 16:38:06 +02:00 · 2018-04-03 16:38:06 +02:00 · bdf6254e5b
commit bdf6254e5b
parent 103d634479
9 changed files with 207 additions and 109 deletions
--- a/.gitignore
+++ b/.gitignore
@ -85,3 +85,4 @@ cups-1.4.4-source.tar.bz2
 /cups-2.2.4-source.tar.gz
 /cups-2.2.5-source.tar.gz
 /cups-2.2.6-source.tar.gz
 /cups-2.2.7-source.tar.gz
--- a/cups-avahi-no-threaded.patch
+++ b/cups-avahi-no-threaded.patch
@ -1,6 +1,6 @@
-diff -up cups-2.2.5/scheduler/avahi.c.avahi-no-threaded cups-2.2.5/scheduler/avahi.c
+diff -up cups-2.2.7/scheduler/avahi.c.avahi-no-threaded cups-2.2.7/scheduler/avahi.c
--- cups-2.2.5/scheduler/avahi.c.avahi-no-threaded	2017-10-17 19:03:00.760881016 +0200
+--- cups-2.2.7/scheduler/avahi.c.avahi-no-threaded	2018-04-03 14:27:17.067410826 +0200
-+++ cups-2.2.5/scheduler/avahi.c	2017-10-17 19:03:00.760881016 +0200
+++ cups-2.2.7/scheduler/avahi.c	2018-04-03 14:27:17.067410826 +0200
@@ -0,0 +1,441 @@
 +/*
 + * "$Id$"
@ -443,9 +443,9 @@ diff -up cups-2.2.5/scheduler/avahi.c.avahi-no-threaded cups-2.2.5/scheduler/ava
 +/*
 + * End of "$Id$".
 + */
-diff -up cups-2.2.5/scheduler/avahi.h.avahi-no-threaded cups-2.2.5/scheduler/avahi.h
+diff -up cups-2.2.7/scheduler/avahi.h.avahi-no-threaded cups-2.2.7/scheduler/avahi.h
--- cups-2.2.5/scheduler/avahi.h.avahi-no-threaded	2017-10-17 19:03:00.760881016 +0200
+--- cups-2.2.7/scheduler/avahi.h.avahi-no-threaded	2018-04-03 14:27:17.067410826 +0200
-+++ cups-2.2.5/scheduler/avahi.h	2017-10-17 19:03:00.760881016 +0200
+++ cups-2.2.7/scheduler/avahi.h	2018-04-03 14:27:17.067410826 +0200
@@ -0,0 +1,69 @@
 +/*
 + * "$Id$"
@ -516,9 +516,9 @@ diff -up cups-2.2.5/scheduler/avahi.h.avahi-no-threaded cups-2.2.5/scheduler/ava
 +/*
 + * End of "$Id$".
 + */
-diff -up cups-2.2.5/scheduler/cupsd.h.avahi-no-threaded cups-2.2.5/scheduler/cupsd.h
+diff -up cups-2.2.7/scheduler/cupsd.h.avahi-no-threaded cups-2.2.7/scheduler/cupsd.h
--- cups-2.2.5/scheduler/cupsd.h.avahi-no-threaded	2017-10-13 20:22:26.000000000 +0200
+--- cups-2.2.7/scheduler/cupsd.h.avahi-no-threaded	2018-03-23 04:48:36.000000000 +0100
-+++ cups-2.2.5/scheduler/cupsd.h	2017-10-17 19:03:00.760881016 +0200
+++ cups-2.2.7/scheduler/cupsd.h	2018-04-03 14:27:17.067410826 +0200
@@ -118,6 +118,7 @@ extern const char *cups_hstrerror(int);
 #include "colorman.h"
 #include "conf.h"
@ -570,9 +570,9 @@ diff -up cups-2.2.5/scheduler/cupsd.h.avahi-no-threaded cups-2.2.5/scheduler/cup
 +extern void     cupsdRemoveTimeout (cupsd_timeout_t *timeout);
 +#endif /* HAVE_AVAHI */
 \ No newline at end of file
-diff -up cups-2.2.5/scheduler/dirsvc.c.avahi-no-threaded cups-2.2.5/scheduler/dirsvc.c
+diff -up cups-2.2.7/scheduler/dirsvc.c.avahi-no-threaded cups-2.2.7/scheduler/dirsvc.c
--- cups-2.2.5/scheduler/dirsvc.c.avahi-no-threaded	2017-10-13 20:22:26.000000000 +0200
+--- cups-2.2.7/scheduler/dirsvc.c.avahi-no-threaded	2018-03-23 04:48:36.000000000 +0100
-+++ cups-2.2.5/scheduler/dirsvc.c	2017-10-17 19:05:35.938592292 +0200
+++ cups-2.2.7/scheduler/dirsvc.c	2018-04-03 14:30:13.099422499 +0200
@@ -193,7 +193,7 @@ cupsdStartBrowsing(void)
     cupsdUpdateDNSSDName();
@ -613,21 +613,25 @@ diff -up cups-2.2.5/scheduler/dirsvc.c.avahi-no-threaded cups-2.2.5/scheduler/di
 	  if (!DNSSDClient)
 	  {
-@@ -701,13 +699,7 @@ dnssdDeregisterInstance(
+@@ -701,17 +699,11 @@ dnssdDeregisterInstance(
   *srv = NULL;
 #  else /* HAVE_AVAHI */
 -  if (!from_callback)
 -    avahi_threaded_poll_lock(DNSSDMaster);
 -
   if (*srv)
   {
 -    if (!from_callback)
 -      avahi_threaded_poll_lock(DNSSDMaster);
 -
     avahi_entry_group_free(*srv);
-
+     *srv = NULL;
 -    if (!from_callback)
 -      avahi_threaded_poll_unlock(DNSSDMaster);
   }
 -
 -  if (!from_callback)
 -    avahi_threaded_poll_unlock(DNSSDMaster);
 #  endif /* HAVE_DNSSD */
 }
-@@ -1029,16 +1021,10 @@ dnssdRegisterInstance(
+@@ -1030,16 +1022,10 @@ dnssdRegisterInstance(
   (void)commit;
 #  else /* HAVE_AVAHI */
@ -644,7 +648,7 @@ diff -up cups-2.2.5/scheduler/dirsvc.c.avahi-no-threaded cups-2.2.5/scheduler/di
     cupsdLogMessage(CUPSD_LOG_WARN, "DNS-SD registration of \"%s\" failed: %s",
                     name, dnssdErrorString(avahi_client_errno(DNSSDClient)));
     return (0);
-@@ -1153,9 +1139,6 @@ dnssdRegisterInstance(
+@@ -1154,9 +1140,6 @@ dnssdRegisterInstance(
       cupsdLogMessage(CUPSD_LOG_DEBUG, "DNS-SD commit of \"%s\" failed.",
                       name);
   }
@ -654,7 +658,7 @@ diff -up cups-2.2.5/scheduler/dirsvc.c.avahi-no-threaded cups-2.2.5/scheduler/di
 #  endif /* HAVE_DNSSD */
   if (error)
-@@ -1326,9 +1309,6 @@ dnssdStop(void)
+@@ -1327,9 +1310,6 @@ dnssdStop(void)
   DNSSDMaster = NULL;
 #  else /* HAVE_AVAHI */
@ -664,7 +668,7 @@ diff -up cups-2.2.5/scheduler/dirsvc.c.avahi-no-threaded cups-2.2.5/scheduler/di
   if (DNSSDClient)
   {
     avahi_client_free(DNSSDClient);
-@@ -1337,7 +1317,7 @@ dnssdStop(void)
+@@ -1338,7 +1318,7 @@ dnssdStop(void)
   if (DNSSDMaster)
   {
@ -673,9 +677,9 @@ diff -up cups-2.2.5/scheduler/dirsvc.c.avahi-no-threaded cups-2.2.5/scheduler/di
     DNSSDMaster = NULL;
   }
 #  endif /* HAVE_DNSSD */
-diff -up cups-2.2.5/scheduler/dirsvc.h.avahi-no-threaded cups-2.2.5/scheduler/dirsvc.h
+diff -up cups-2.2.7/scheduler/dirsvc.h.avahi-no-threaded cups-2.2.7/scheduler/dirsvc.h
--- cups-2.2.5/scheduler/dirsvc.h.avahi-no-threaded	2017-10-13 20:22:26.000000000 +0200
+--- cups-2.2.7/scheduler/dirsvc.h.avahi-no-threaded	2018-03-23 04:48:36.000000000 +0100
-+++ cups-2.2.5/scheduler/dirsvc.h	2017-10-17 19:03:00.761881007 +0200
+++ cups-2.2.7/scheduler/dirsvc.h	2018-04-03 14:27:17.068410820 +0200
@@ -49,7 +49,7 @@ VAR cups_array_t	*DNSSDPrinters	VALUE(NU
 VAR DNSServiceRef	DNSSDMaster	VALUE(NULL);
 					/* Master DNS-SD service reference */
@ -685,9 +689,9 @@ diff -up cups-2.2.5/scheduler/dirsvc.h.avahi-no-threaded cups-2.2.5/scheduler/di
 					/* Master polling interface for Avahi */
 VAR AvahiClient		*DNSSDClient	VALUE(NULL);
 					/* Client information */
-diff -up cups-2.2.5/scheduler/main.c.avahi-no-threaded cups-2.2.5/scheduler/main.c
+diff -up cups-2.2.7/scheduler/main.c.avahi-no-threaded cups-2.2.7/scheduler/main.c
--- cups-2.2.5/scheduler/main.c.avahi-no-threaded	2017-10-17 19:03:00.753881074 +0200
+--- cups-2.2.7/scheduler/main.c.avahi-no-threaded	2018-04-03 14:27:17.057410882 +0200
-+++ cups-2.2.5/scheduler/main.c	2017-10-17 19:03:00.761881007 +0200
+++ cups-2.2.7/scheduler/main.c	2018-04-03 14:27:17.069410814 +0200
@@ -131,7 +131,10 @@ main(int  argc,				/* I - Number of comm
   int			service_idle_exit;
 					/* Idle exit on select timeout? */
@ -763,9 +767,9 @@ diff -up cups-2.2.5/scheduler/main.c.avahi-no-threaded cups-2.2.5/scheduler/main
  /*
   * Check whether we are accepting new connections...
   */
-diff -up cups-2.2.5/scheduler/Makefile.avahi-no-threaded cups-2.2.5/scheduler/Makefile
+diff -up cups-2.2.7/scheduler/Makefile.avahi-no-threaded cups-2.2.7/scheduler/Makefile
--- cups-2.2.5/scheduler/Makefile.avahi-no-threaded	2017-10-13 20:22:26.000000000 +0200
+--- cups-2.2.7/scheduler/Makefile.avahi-no-threaded	2018-03-23 04:48:36.000000000 +0100
-+++ cups-2.2.5/scheduler/Makefile	2017-10-17 19:03:00.762880999 +0200
+++ cups-2.2.7/scheduler/Makefile	2018-04-03 14:27:17.069410814 +0200
@@ -15,6 +15,7 @@ include ../Makedefs
 CUPSDOBJS =	\
@ -784,9 +788,9 @@ diff -up cups-2.2.5/scheduler/Makefile.avahi-no-threaded cups-2.2.5/scheduler/Ma
 LIBOBJS =	\
 		filter.o \
 		mime.o \
-diff -up cups-2.2.5/scheduler/timeout.c.avahi-no-threaded cups-2.2.5/scheduler/timeout.c
+diff -up cups-2.2.7/scheduler/timeout.c.avahi-no-threaded cups-2.2.7/scheduler/timeout.c
--- cups-2.2.5/scheduler/timeout.c.avahi-no-threaded	2017-10-17 19:03:00.762880999 +0200
+--- cups-2.2.7/scheduler/timeout.c.avahi-no-threaded	2018-04-03 14:27:17.069410814 +0200
-+++ cups-2.2.5/scheduler/timeout.c	2017-10-17 19:03:00.762880999 +0200
+++ cups-2.2.7/scheduler/timeout.c	2018-04-03 14:27:17.069410814 +0200
@@ -0,0 +1,235 @@
 +/*
 + * "$Id$"
--- a/cups-dbus_crash.patch
+++ b/cups-dbus_crash.patch
@ -1,28 +0,0 @@
 diff --git a/scheduler/ipp.c b/scheduler/ipp.c
 index 02dc392..9aa8b80 100644
 --- a/scheduler/ipp.c
 +++ b/scheduler/ipp.c
@@ -1636,6 +1636,14 @@ add_job(cupsd_client_t  *con,		/* I - Client connection */
     return (NULL);
   }
 +  if (attr && !ippValidateAttribute(attr))
 +  {
 +    send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString());
 +    if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)
 +      attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;
 +    return (NULL);
 +  }
 +
 #ifdef WITH_LSPP
   if (is_lspp_config())
   {
@@ -1736,6 +1744,8 @@ add_job(cupsd_client_t  *con,		/* I - Client connection */
   }
 #endif /* WITH_LSPP */
 +
 +
   if ((job = cupsdAddJob(priority, printer->name)) == NULL)
   {
     send_ipp_status(con, IPP_INTERNAL_ERROR,
--- a/cups-moved-logs.patch
+++ b/cups-moved-logs.patch
@ -1,21 +0,0 @@
 diff -up cups-2.2.6/scheduler/log.c.moved-logs cups-2.2.6/scheduler/log.c
 --- cups-2.2.6/scheduler/log.c.moved-logs	2018-02-06 14:24:32.857387592 +0100
 +++ cups-2.2.6/scheduler/log.c	2018-02-06 14:24:32.917387049 +0100
@@ -979,7 +979,7 @@ cupsdLogPage(cupsd_job_t *job,		/* I - J
   *bufptr = '\0';
 #ifdef HAVE_SYSTEMD_SD_JOURNAL_H
 -  if (!strcmp(ErrorLog, "syslog"))
 +  if (!strcmp(PageLog, "syslog"))
   {
     static const char * const job_states[] =
     {					/* job-state strings */
@@ -1176,7 +1176,7 @@ cupsdLogRequest(cupsd_client_t *con,	/*
   }
 #ifdef HAVE_SYSTEMD_SD_JOURNAL_H
 -  if (!strcmp(ErrorLog, "syslog"))
 +  if (!strcmp(AccessLog, "syslog"))
   {
     sd_journal_print(LOG_INFO, "REQUEST %s - %s \"%s %s HTTP/%d.%d\" %d " CUPS_LLFMT " %s %s", con->http->hostname, con->username[0] != '\0' ? con->username : "-", states[con->operation], _httpEncodeURI(temp, con->uri, sizeof(temp)), con->http->version / 100, con->http->version % 100, code, CUPS_LLCAST con->bytes, con->request ? ippOpString(con->request->request.op.operation_id) : "-", con->response ? ippErrorString(con->response->request.status.status_code) : "-");
     return (1);
--- a/cups-str3382.patch
+++ b/cups-str3382.patch
@ -1,7 +1,7 @@
-diff -up cups-2.0rc1/cups/tempfile.c.str3382 cups-2.0rc1/cups/tempfile.c
+diff -up cups-2.2.7/cups/tempfile.c.str3382 cups-2.2.7/cups/tempfile.c
--- cups-2.0rc1/cups/tempfile.c.str3382	2014-07-31 02:58:00.000000000 +0200
+--- cups-2.2.7/cups/tempfile.c.str3382	2018-03-23 04:48:36.000000000 +0100
-+++ cups-2.0rc1/cups/tempfile.c	2014-09-12 14:06:42.560887827 +0200
+++ cups-2.2.7/cups/tempfile.c	2018-04-03 14:21:54.567221492 +0200
-@@ -27,6 +27,7 @@
+@@ -25,6 +25,7 @@
 #  include <io.h>
 #else
 #  include <unistd.h>
@ -10,7 +10,7 @@ diff -up cups-2.0rc1/cups/tempfile.c.str3382 cups-2.0rc1/cups/tempfile.c
@@ -48,7 +49,7 @@ cupsTempFd(char *filename,		/* I - Point
-   char		tmppath[1024];		/* Windows temporary directory */
+ #ifdef WIN32
   DWORD		curtime;		/* Current time */
 #else
 -  struct timeval curtime;		/* Current time */
@ -18,7 +18,7 @@ diff -up cups-2.0rc1/cups/tempfile.c.str3382 cups-2.0rc1/cups/tempfile.c
 #endif /* WIN32 */
-@@ -98,32 +99,24 @@ cupsTempFd(char *filename,		/* I - Point
+@@ -114,32 +115,24 @@ cupsTempFd(char *filename,		/* I - Point
     */
     snprintf(filename, (size_t)len - 1, "%s/%05lx%08lx", tmpdir, GetCurrentProcessId(), curtime);
--- a/cups-substitute-bad-attrs.patch
+++ b/cups-substitute-bad-attrs.patch
@ -0,0 +1,141 @@
 diff -up cups-2.2.7/scheduler/ipp.c.substitute-bad-attrs cups-2.2.7/scheduler/ipp.c
 --- cups-2.2.7/scheduler/ipp.c.substitute-bad-attrs	2018-04-03 15:55:45.974344993 +0200
 +++ cups-2.2.7/scheduler/ipp.c	2018-04-03 16:15:06.723859881 +0200
@@ -164,6 +164,7 @@ cupsdProcessIPPRequest(
   ipp_attribute_t	*uri = NULL;	/* Printer or job URI attribute */
   ipp_attribute_t	*username;	/* requesting-user-name attr */
   int			sub_id;		/* Subscription ID */
 +  int			valid = 1;	/* Valid request? */
   cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdProcessIPPRequest(%p[%d]): operation_id=%04x(%s)", con, con->number, con->request->request.op.operation_id, ippOpString(con->request->request.op.operation_id));
@@ -423,20 +424,55 @@ cupsdProcessIPPRequest(
       else
       {
        /*
 -	* OK, all the checks pass so far; make sure requesting-user-name is
 -	* not "root" from a remote host...
 +	* OK, all the checks pass so far; validate "requesting-user-name"
 +	* attribute value...
 	*/
 -        if ((username = ippFindAttribute(con->request, "requesting-user-name",
 -	                                 IPP_TAG_NAME)) != NULL)
 -	{
 -	 /*
 -	  * Check for root user...
 -	  */
 -
 -	  if (!strcmp(username->values[0].string.text, "root") &&
 -	      _cups_strcasecmp(con->http->hostname, "localhost") &&
 -	      strcmp(con->username, "root"))
 +        if ((username = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_ZERO)) != NULL)
 +        {
 +         /*
 +          * Validate "requesting-user-name"...
 +          */
 +
 +          if (username->group_tag != IPP_TAG_OPERATION && StrictConformance)
 +          {
 +	    cupsdAddEvent(CUPSD_EVENT_SERVER_AUDIT, NULL, NULL, "%04X %s \"requesting-user-name\" attribute in wrong group.", IPP_STATUS_ERROR_BAD_REQUEST, con->http->hostname);
 +	    send_ipp_status(con, IPP_STATUS_ERROR_BAD_REQUEST, _("\"requesting-user-name\" attribute in wrong group."));
 +	    valid = 0;
 +          }
 +          else if (username->value_tag != IPP_TAG_NAME && username->value_tag != IPP_TAG_NAMELANG)
 +          {
 +	    cupsdAddEvent(CUPSD_EVENT_SERVER_AUDIT, NULL, NULL, "%04X %s \"requesting-user-name\" attribute with wrong syntax.", IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, con->http->hostname);
 +	    send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("\"requesting-user-name\" attribute with wrong syntax."));
 +	    if ((attr = ippCopyAttribute(con->response, username, 0)) != NULL)
 +	      attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;
 +	    valid = 0;
 +          }
 +          else if (!ippValidateAttribute(username))
 +          {
 +	    cupsdAddEvent(CUPSD_EVENT_SERVER_AUDIT, NULL, NULL, "%04X %s \"requesting-user-name\" attribute with bad value.", IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, con->http->hostname);
 +
 +            if (StrictConformance)
 +            {
 +             /*
 +              * Throw an error...
 +              */
 +
 +	      send_ipp_status(con, IPP_STATUS_ERROR_ATTRIBUTES_OR_VALUES, _("\"requesting-user-name\" attribute with wrong syntax."));
 +              if ((attr = ippCopyAttribute(con->response, username, 0)) != NULL)
 +                attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;
 +	      valid = 0;
 +	    }
 +	    else
 +	    {
 +	     /*
 +	      * Map bad "requesting-user-name" to 'anonymous'...
 +	      */
 +
 +              ippSetString(con->request, &username, 0, "anonymous");
 +	    }
 +          }
 +          else if (!strcmp(username->values[0].string.text, "root") && _cups_strcasecmp(con->http->hostname, "localhost") && strcmp(con->username, "root"))
 	  {
 	   /*
 	    * Remote unauthenticated user masquerading as local root...
@@ -452,6 +488,8 @@ cupsdProcessIPPRequest(
 	else
 	  sub_id = 0;
 +        if (valid)
 +        {
        /*
         * Then try processing the operation...
 	*/
@@ -655,6 +693,7 @@ cupsdProcessIPPRequest(
 			      ippOpString(
 			          con->request->request.op.operation_id));
 	      break;
 +        }
 	}
       }
     }
@@ -1615,27 +1654,34 @@ add_job(cupsd_client_t  *con,		/* I - Cl
                     _("Bad job-name value: Wrong type or count."));
     if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)
       attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;
 -    return (NULL);
 +
 +    if (StrictConformance)
 +      return (NULL);
 +
 +    /* Don't use invalid attribute */
 +    ippDeleteAttribute(con->request, attr);
 +
 +    ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled");
   }
   else if (!ippValidateAttribute(attr))
   {
     send_ipp_status(con, IPP_ATTRIBUTES, _("Bad job-name value: %s"),
                     cupsLastErrorString());
 +
     if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)
       attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;
 -    return (NULL);
 -  }
 -  attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME);
 +    if (StrictConformance)
 +      return (NULL);
 -  if (attr && !ippValidateAttribute(attr))
 -  {
 -    send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString());
 -    if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)
 -      attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;
 -    return (NULL);
 +    /* Don't use invalid attribute */
 +    ippDeleteAttribute(con->request, attr);
 +
 +    ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled");
   }
 +  attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME);
 +
 #ifdef WITH_LSPP
   if (is_lspp_config())
   {
--- a/cups-systemd-socket.patch
+++ b/cups-systemd-socket.patch
@ -1,6 +1,6 @@
-diff -up cups-2.2.5/scheduler/main.c.systemd-socket cups-2.2.5/scheduler/main.c
+diff -up cups-2.2.7/scheduler/main.c.systemd-socket cups-2.2.7/scheduler/main.c
--- cups-2.2.5/scheduler/main.c.systemd-socket	2017-10-17 18:59:53.732431498 +0200
+--- cups-2.2.7/scheduler/main.c.systemd-socket	2018-04-03 14:23:12.128786025 +0200
-+++ cups-2.2.5/scheduler/main.c	2017-10-17 19:02:13.132275861 +0200
+++ cups-2.2.7/scheduler/main.c	2018-04-03 14:23:12.148785913 +0200
@@ -691,8 +691,16 @@ main(int  argc,				/* I - Number of comm
 #ifdef HAVE_ONDEMAND
@ -19,9 +19,9 @@ diff -up cups-2.2.5/scheduler/main.c.systemd-socket cups-2.2.5/scheduler/main.c
 #endif /* HAVE_ONDEMAND */
   if (fg)
     cupsdAddEvent(CUPSD_EVENT_SERVER_STARTED, NULL, NULL, "Scheduler started in foreground.");
-diff -up cups-2.2.5/scheduler/org.cups.cupsd.path.in.systemd-socket cups-2.2.5/scheduler/org.cups.cupsd.path.in
+diff -up cups-2.2.7/scheduler/org.cups.cupsd.path.in.systemd-socket cups-2.2.7/scheduler/org.cups.cupsd.path.in
--- cups-2.2.5/scheduler/org.cups.cupsd.path.in.systemd-socket	2017-10-13 20:22:26.000000000 +0200
+--- cups-2.2.7/scheduler/org.cups.cupsd.path.in.systemd-socket	2018-03-23 04:48:36.000000000 +0100
-+++ cups-2.2.5/scheduler/org.cups.cupsd.path.in	2017-10-17 18:59:53.732431498 +0200
+++ cups-2.2.7/scheduler/org.cups.cupsd.path.in	2018-04-03 14:23:12.148785913 +0200
@@ -3,7 +3,7 @@ Description=CUPS Scheduler
 PartOf=org.cups.cupsd.service
@ -31,9 +31,9 @@ diff -up cups-2.2.5/scheduler/org.cups.cupsd.path.in.systemd-socket cups-2.2.5/s
 [Install]
 WantedBy=multi-user.target
-diff -up cups-2.2.5/scheduler/org.cups.cupsd.service.in.systemd-socket cups-2.2.5/scheduler/org.cups.cupsd.service.in
+diff -up cups-2.2.7/scheduler/org.cups.cupsd.service.in.systemd-socket cups-2.2.7/scheduler/org.cups.cupsd.service.in
--- cups-2.2.5/scheduler/org.cups.cupsd.service.in.systemd-socket	2017-10-13 20:22:26.000000000 +0200
+--- cups-2.2.7/scheduler/org.cups.cupsd.service.in.systemd-socket	2018-04-03 14:23:12.148785913 +0200
-+++ cups-2.2.5/scheduler/org.cups.cupsd.service.in	2017-10-17 18:59:53.732431498 +0200
+++ cups-2.2.7/scheduler/org.cups.cupsd.service.in	2018-04-03 14:25:16.312088802 +0200
@@ -1,10 +1,11 @@
 [Unit]
 Description=CUPS Scheduler
@ -44,6 +44,6 @@ diff -up cups-2.2.5/scheduler/org.cups.cupsd.service.in.systemd-socket cups-2.2.
 ExecStart=@sbindir@/cupsd -l
 -Type=simple
 +Type=notify
 Restart=always
 [Install]
 Also=org.cups.cupsd.socket org.cups.cupsd.path
--- a/cups.spec
+++ b/cups.spec
@ -14,8 +14,8 @@
 Summary: CUPS printing system
 Name: cups
 Epoch: 1
-Version: 2.2.6
+Version: 2.2.7
-Release: 13%{?dist}
+Release: 1%{?dist}
 License: GPLv2
 Url: http://www.cups.org/
 Source0: https://github.com/apple/cups/releases/download/v%{VERSION}/cups-%{VERSION}-source.tar.gz
@ -61,8 +61,7 @@ Patch35: cups-ipp-multifile.patch
 Patch36: cups-web-devices-timeout.patch
 Patch37: cups-synconclose.patch
 Patch38: cups-ypbind.patch
-Patch39: cups-moved-logs.patch
+Patch39: cups-substitute-bad-attrs.patch
 Patch40: cups-dbus_crash.patch
 Patch100: cups-lspp.patch
@ -264,10 +263,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
 %patch100 -p1 -b .lspp
 %endif
-# Move log files into journal (bug #1519331)
+# substitute default values for invalid job attributes (upstream issues #5229 and #5186)
-%patch39 -p1 -b .moved-logs
+%patch39 -p1 -b .substitute-bad-attrs
 %patch40 -p1 -b .dbus_notify
 sed -i -e '1iMaxLogSize 0' conf/cupsd.conf.in
@ -659,6 +656,10 @@ rm -f %{cups_serverbin}/backend/smb
 %{_mandir}/man5/ipptoolfile.5.gz
 %changelog
 * Tue Apr 03 2018 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.2.7-1
 - rebase to 2.2.7 
 - substitute default values for invalid job attributes (upstream issues #5229 and #5186)
 * Thu Mar 29 2018 Pavel Zhukov <pzhukov@redhat.com> - 1:2.2.6-13
 - Use dbus fix instead of general attr delete (upstream)
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (cups-2.2.6-source.tar.gz) = 52aa26acf5d38de5a4867c70f5b3006cb84fe5b362876c2f907872107bbac3d95fb249389546745249ad24d032963ac2d70f98a0884427a974c5bc4edc199c45
+SHA512 (cups-2.2.7-source.tar.gz) = 780a6a484f38967ff678456ec7b532aa8445a9562663e4e4f6f7a24aac6ec9e8eae36459ee3c025dff053d59ad1d9ecfb823e8a832bae9d384db3d1a10d8860e
`@ -1 +1 @@`
	`SHA512 (cups-2.2.6-source.tar.gz) = 52aa26acf5d38de5a4867c70f5b3006cb84fe5b362876c2f907872107bbac3d95fb249389546745249ad24d032963ac2d70f98a0884427a974c5bc4edc199c45`	`SHA512 (cups-2.2.7-source.tar.gz) = 780a6a484f38967ff678456ec7b532aa8445a9562663e4e4f6f7a24aac6ec9e8eae36459ee3c025dff053d59ad1d9ecfb823e8a832bae9d384db3d1a10d8860e`