use poppler for xerox printers

.fmf/version

@@ -1 +0,0 @@
-1

.gitignore

@@ -1 +1,72 @@
-/cups-filters-*.tar.gz
+/cups-filters-1.0.20.tar.xz
+/cups-filters-1.0.22.tar.xz
+/cups-filters-1.0.23.tar.xz
+/cups-filters-1.0.24.tar.xz
+/cups-filters-1.0.25.tar.xz
+/cups-filters-1.0.28.tar.xz
+/cups-filters-1.0.29.tar.xz
+/cups-filters-1.0.30.tar.xz
+/cups-filters-1.0.31.tar.xz
+/cups-filters-1.0.32.tar.xz
+/cups-filters-1.0.33.tar.xz
+/cups-filters-1.0.34.tar.xz
+/cups-filters-1.0.35.tar.xz
+/cups-filters-1.0.36.tar.xz
+/cups-filters-1.0.37.tar.xz
+/cups-filters-1.0.38.tar.xz
+/cups-filters-1.0.39.tar.xz
+/cups-filters-1.0.40.tar.xz
+/cups-filters-1.0.41.tar.xz
+/cups-filters-1.0.42.tar.xz
+/cups-filters-1.0.43.tar.xz
+/cups-filters-1.0.44.tar.xz
+/cups-filters-1.0.45.tar.xz
+/cups-filters-1.0.46.tar.xz
+/cups-filters-1.0.47.tar.xz
+/cups-filters-1.0.48.tar.xz
+/cups-filters-1.0.49.tar.xz
+/cups-filters-1.0.50.tar.xz
+/cups-filters-1.0.51.tar.xz
+/cups-filters-1.0.52.tar.xz
+/cups-filters-1.0.53.tar.xz
+/cups-filters-1.0.54.tar.xz
+/cups-filters-1.0.55.tar.xz
+/cups-filters-1.0.58.tar.xz
+/cups-filters-1.0.59.tar.xz
+/cups-filters-1.0.60.tar.xz
+/cups-filters-1.0.61.tar.xz
+/cups-filters-1.0.65.tar.xz
+/cups-filters-1.0.66.tar.xz
+/cups-filters-1.0.67.tar.xz
+/cups-filters-1.0.68.tar.xz
+/cups-filters-1.0.69.tar.xz
+/cups-filters-1.0.70.tar.xz
+/cups-filters-1.0.71.tar.xz
+/cups-filters-1.0.73.tar.xz
+/cups-filters-1.0.74.tar.xz
+/cups-filters-1.0.75.tar.xz
+/cups-filters-1.0.76.tar.xz
+/cups-filters-1.1.0.tar.xz
+/cups-filters-1.2.0.tar.xz
+/cups-filters-1.3.0.tar.xz
+/cups-filters-1.4.0.tar.xz
+/cups-filters-1.5.0.tar.xz
+/cups-filters-1.6.0.tar.xz
+/cups-filters-1.7.0.tar.xz
+/cups-filters-1.8.0.tar.xz
+/cups-filters-1.8.1.tar.xz
+/cups-filters-1.8.2.tar.xz
+/cups-filters-1.8.3.tar.xz
+/cups-filters-1.9.0.tar.xz
+/cups-filters-1.10.0.tar.xz
+/cups-filters-1.11.2.tar.xz
+/cups-filters-1.11.3.tar.xz
+/cups-filters-1.11.4.tar.xz
+/cups-filters-1.11.5.tar.xz
+/cups-filters-1.11.6.tar.xz
+/cups-filters-1.12.0.tar.xz
+/cups-filters-1.13.0.tar.xz
+/cups-filters-1.13.1.tar.xz
+/cups-filters-1.13.2.tar.xz
+/cups-filters-1.13.3.tar.xz
+/cups-filters-1.13.4.tar.xz

0001-Fix-build-failure-with-GCC-15-and-std-c23.patch

@@ -1,27 +0,0 @@
-From 44f59a1aa74c48515d8feba5a61b7ea3aaa592c4 Mon Sep 17 00:00:00 2001
-From: Zdenek Dohnal <zdohnal@redhat.com>
-Date: Fri, 24 Jan 2025 09:44:58 +0100
-Subject: [PATCH] Fix build failure with GCC 15 and -std=c23
-
-The newest standard has more strict data type checks, function pointers
-in function prototypes have to declare data types of its arguments.
----
- filter/foomatic-rip/process.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/filter/foomatic-rip/process.h b/filter/foomatic-rip/process.h
-index f6e15f65c..54a42923a 100644
---- a/filter/foomatic-rip/process.h
-+++ b/filter/foomatic-rip/process.h
-@@ -18,7 +18,7 @@
- #include <sys/wait.h>
- 
- 
--pid_t start_process(const char *name, int (*proc_func)(), void *user_arg,
-+pid_t start_process(const char *name, int (*proc_func)(FILE*, FILE*, void*), void *user_arg,
- 		    FILE **fdin, FILE **fdout);
- pid_t start_system_process(const char *name, const char *command, FILE **fdin,
- 			   FILE **fdout);
--- 
-2.48.1
-

0001-rastertopclx.c-Fix-infinite-loop-caused-by-crafted-f.patch

@@ -1,79 +0,0 @@
-From 0fe46c511e81062575b05936f804eb18c9f0a011 Mon Sep 17 00:00:00 2001
-From: Zdenek Dohnal <zdohnal@redhat.com>
-Date: Wed, 12 Nov 2025 15:47:24 +0100
-Subject: [PATCH] rastertopclx.c: Fix infinite loop caused by crafted file
-
-Infinite loop happened because of crafted input raster file, which led
-into heap buffer overflow of `CompressBuf` array.
-
-Based on comments there should be always some `count` when compressing
-the data, and processing of crafted file ended with offset and count
-being 0.
-
-Fixes CVE-2025-64524
----
- filter/rastertopclx.c | 25 +++++++++++++++++++++++--
- 1 file changed, 23 insertions(+), 2 deletions(-)
-
-diff --git a/filter/rastertopclx.c b/filter/rastertopclx.c
-index ded86f114..39cb378bf 100644
---- a/filter/rastertopclx.c
-+++ b/filter/rastertopclx.c
-@@ -825,10 +825,10 @@ StartPage(cf_filter_data_t      *data,	// I - filter data
-   }
- 
-   if (header->cupsCompression)
--    CompBuffer = malloc(DotBufferSize * 4);
-+    CompBuffer = calloc(DotBufferSize * 4, sizeof(unsigned char));
- 
-   if (header->cupsCompression >= 3)
--    SeedBuffer = malloc(DotBufferSize);
-+    SeedBuffer = calloc(DotBufferSize, sizeof(unsigned char));
- 
-   SeedInvalid = 1;
- 
-@@ -1159,6 +1159,13 @@ CompressData(unsigned char *line,	// I - Data to compress
-               seed ++;
-               count ++;
-             }
-+
-+	    //
-+	    // Bail out if we don't have count to compress
-+	    //
-+
-+	    if (count == 0)
-+	      break;
- 	  }
- 
- 	  //
-@@ -1252,6 +1259,13 @@ CompressData(unsigned char *line,	// I - Data to compress
- 
-             count = line_ptr - start;
- 
-+	    //
-+	    // Bail out if we don't have count to compress
-+	    //
-+
-+	    if (count == 0)
-+	      break;
-+
- #if 0
-             fprintf(stderr,
- 		    "DEBUG: offset=%d, count=%d, comp_ptr=%p(%d of %d)...\n",
-@@ -1424,6 +1438,13 @@ CompressData(unsigned char *line,	// I - Data to compress
- 
-             count = (line_ptr - start) / 3;
- 
-+	    //
-+	    // Bail out if we don't have count to compress
-+	    //
-+
-+	    if (count == 0)
-+	      break;
-+
- 	    //
- 	    // Place mode 10 compression data in the buffer; each sequence
- 	    // starts with a command byte that looks like:
--- 
-2.51.1
-

ci.fmf

@@ -1 +0,0 @@
-resultsdb-testcase: separate

cups-filters-apremotequeueid.patch

@@ -0,0 +1,42 @@
+diff -up cups-filters-1.13.4/utils/cups-browsed.c.apremotequeueid cups-filters-1.13.4/utils/cups-browsed.c
+--- cups-filters-1.13.4/utils/cups-browsed.c.apremotequeueid	2017-02-24 12:14:22.099865138 +0100
++++ cups-filters-1.13.4/utils/cups-browsed.c	2017-02-24 12:18:44.039943820 +0100
+@@ -1,4 +1,4 @@
+-/***
++ /***
+   This file is part of cups-filters.
+ 
+   This file is free software; you can redistribute it and/or modify it
+@@ -3491,7 +3491,8 @@ gboolean handle_cups_queues(gpointer unu
+   cups_job_t *jobs;
+   ipp_t *request;
+   time_t current_time = time(NULL);
+-  int i, new_cupsfilter_line_inserted, cont_line_read, want_raw;
++  int i, new_cupsfilter_line_inserted, ap_remote_queue_id_line_inserted,
++    cont_line_read, want_raw;  
+   char *disabled_str, *ptr, *prefix;
+   const char *loadedppd = NULL;
+   int pass_through_ppd;
+@@ -3813,6 +3814,7 @@ gboolean handle_cups_queues(gpointer unu
+ 		      " and inhibiting client-side filtering of the job" : ""),
+ 		     buf);
+ 	new_cupsfilter_line_inserted = 0;
++	ap_remote_queue_id_line_inserted = 0;
+ 	cont_line_read = 0;
+ 	while (cupsFileGets(in, line, sizeof(line))) {
+ 	  if (pass_through_ppd == 1 &&
+@@ -3896,6 +3898,14 @@ gboolean handle_cups_queues(gpointer unu
+ 	      cupsFilePrintf(out, "%s\n", line);
+ 	  } else if (cont_line_read == 0 || strncmp(line, "*End", 4)) {
+ 	    cont_line_read = 0;
++	    /* Write an "APRemoteQueueID" line to make this queue marked
++	       as remote printer by CUPS */
++	    if (strncmp(line, "*%", 2) &&
++		strncmp(line, "*PPD-Adobe:", 11) &&
++		ap_remote_queue_id_line_inserted == 0) {
++	      ap_remote_queue_id_line_inserted = 1;
++	      cupsFilePrintf(out, "*APRemoteQueueID: \"\"\n");
++	    }
+ 	    /* Simply write out the line as we read it */
+ 	    cupsFilePrintf(out, "%s\n", line);
+ 	  }

cups-filters-timeouts.patch

@@ -0,0 +1,137 @@
+diff -up cups-filters-1.13.4/utils/cups-browsed.c.httptimeouts cups-filters-1.13.4/utils/cups-browsed.c
+--- cups-filters-1.13.4/utils/cups-browsed.c.httptimeouts	2018-03-05 20:09:53.596815387 +0100
++++ cups-filters-1.13.4/utils/cups-browsed.c	2018-03-05 20:27:17.625885188 +0100
+@@ -351,6 +351,8 @@ static size_t NumBrowsePoll = 0;
+ static guint update_netifs_sourceid = 0;
+ static char local_server_str[1024];
+ static char *DomainSocket = NULL;
++static unsigned int HttpLocalTimeout = 5;
++static unsigned int HttpRemoteTimeout = 10;
+ static ip_based_uris_t IPBasedDeviceURIs = IP_BASED_URIS_NO;
+ static unsigned int CreateRemoteRawPrinterQueues = 0;
+ static unsigned int CreateRemoteCUPSPrinterQueues = 1;
+@@ -587,6 +589,7 @@ httpConnectEncryptShortTimeout(const cha
+ int
+ http_timeout_cb(http_t *http, void *user_data)
+ {
++  debug_printf("HTTP timeout! (consider increasing HttpLocalTimeout/HttpRemoteTimeout value)\n");
+   return 0;
+ }
+ 
+@@ -599,7 +602,7 @@ http_connect_local (void)
+ 						cupsEncryption());
+   }
+   if (local_conn)
+-    httpSetTimeout(local_conn, 3, http_timeout_cb, NULL);
++    httpSetTimeout(local_conn, HttpLocalTimeout, http_timeout_cb, NULL);
+   else
+     debug_printf("cups-browsed: Failed creating http connection to local CUPS daemon: %s:%d\n", cupsServer(), ippPort());
+ 
+@@ -2631,7 +2634,7 @@ on_printer_state_changed (CupsNotifier *
+ 		       p->port);
+ 	  if (http) {
+ 	    /* Check whether the printer is idle, processing, or disabled */
+-	    httpSetTimeout(http, 2, http_timeout_cb, NULL);
++	    httpSetTimeout(http, HttpRemoteTimeout, http_timeout_cb, NULL);
+ 	    request = ippNewRequest(CUPS_GET_PRINTERS);
+ 	    ippAddStrings(request, IPP_TAG_OPERATION, IPP_TAG_KEYWORD,
+ 			  "requested-attributes",
+@@ -3690,7 +3693,7 @@ gboolean handle_cups_queues(gpointer unu
+ 	p->timeout = current_time + TIMEOUT_RETRY;
+ 	break;
+       }
+-      httpSetTimeout(http, 3, http_timeout_cb, NULL);
++      httpSetTimeout(http, HttpLocalTimeout, http_timeout_cb, NULL);
+ 
+       /* Do not auto-save option settings due to the print queue creation
+ 	 process */
+@@ -3743,7 +3746,7 @@ gboolean handle_cups_queues(gpointer unu
+ 	    p->no_autosave = 0;
+ 	    break;
+ 	  }
+-	  httpSetTimeout(remote_http, 3, http_timeout_cb, NULL);
++	  httpSetTimeout(remote_http, HttpRemoteTimeout, http_timeout_cb, NULL);
+ 	  if ((loadedppd = cupsGetPPD2(remote_http, p->name)) == NULL &&
+ 	      CreateRemoteRawPrinterQueues == 0) {
+ 	    debug_printf("Unable to load PPD file for %s from the server %s:%d!\n",
+@@ -5772,7 +5775,7 @@ browse_poll_cancel_subscription (browsep
+     return;
+   }
+ 
+-  httpSetTimeout(conn, 3, http_timeout_cb, NULL);
++  httpSetTimeout(conn, HttpRemoteTimeout, http_timeout_cb, NULL);
+ 
+   debug_printf ("cups-browsed [BrowsePoll %s:%d]: IPP-Cancel-Subscription\n",
+ 		context->server, context->port);
+@@ -5914,7 +5917,7 @@ browse_poll (gpointer data)
+     goto fail;
+   }
+ 
+-  httpSetTimeout(conn, 3, http_timeout_cb, NULL);
++  httpSetTimeout(conn, HttpRemoteTimeout, http_timeout_cb, NULL);
+ 
+   if (context->can_subscribe) {
+     if (context->subscription_id == -1) {
+@@ -6430,6 +6433,19 @@ read_configuration (const char *filename
+     } else if (!strcasecmp(line, "DomainSocket") && value) {
+       if (value[0] != '\0')
+ 	DomainSocket = strdup(value);
++    } else if ((!strcasecmp(line, "HttpLocalTimeout") || !strcasecmp(line, "HttpRemoteTimeout")) && value) {
++      int t = atoi(value);
++      if (t >= 0) {
++	if (!strcasecmp(line, "HttpLocalTimeout"))
++	  HttpLocalTimeout = t;
++	else if (!strcasecmp(line, "HttpRemoteTimeout"))
++	  HttpRemoteTimeout = t;
++
++	debug_printf("Set %s to %d sec.\n",
++		     line, t);
++      } else
++	debug_printf("Invalid %s value: %d\n",
++		     line, t);
+     } else if (!strcasecmp(line, "IPBasedDeviceURIs") && value) {
+       if (!strcasecmp(value, "IPv4") || !strcasecmp(value, "IPv4Only"))
+ 	IPBasedDeviceURIs = IP_BASED_URIS_IPV4_ONLY;
+diff -up cups-filters-1.13.4/utils/cups-browsed.conf.5.httptimeouts cups-filters-1.13.4/utils/cups-browsed.conf.5
+--- cups-filters-1.13.4/utils/cups-browsed.conf.5.httptimeouts	2018-03-05 20:10:00.042761769 +0100
++++ cups-filters-1.13.4/utils/cups-browsed.conf.5	2018-03-05 20:13:23.417070065 +0100
+@@ -416,6 +416,19 @@ or "Off" lets cups-browsed not use CUPS'
+ 
+ .fam T
+ .fi
++Set HTTP timeout (in seconds) for requests sent to local/remote
++resources Note that too short timeouts can make services getting
++missed when they are present and operations be unneccesarily
++repeated and too long timeouts can make operations take too long
++when the server does not respond.
++.PP
++.nf
++.fam C
++        HttpLocalTimeout 5
++        HttpRemoteTimeout 10
++
++.fam T
++.fi
+ The interval between browsing/broadcasting cycles, local and/or
+ remote, can be adjusted with the BrowseInterval directive.
+ .PP
+diff -up cups-filters-1.13.4/utils/cups-browsed.conf.in.httptimeouts cups-filters-1.13.4/utils/cups-browsed.conf.in
+--- cups-filters-1.13.4/utils/cups-browsed.conf.in.httptimeouts	2018-03-05 20:10:05.452716768 +0100
++++ cups-filters-1.13.4/utils/cups-browsed.conf.in	2018-03-05 20:11:51.917831172 +0100
+@@ -301,6 +301,16 @@ BrowseRemoteProtocols @BROWSEREMOTEPROTO
+ # DomainSocket Off
+ 
+ 
++# Set HTTP timeout (in seconds) for requests sent to local/remote
++# resources Note that too short timeouts can make services getting
++# missed when they are present and operations be unneccesarily
++# repeated and too long timeouts can make operations take too long
++# when the server does not respond.
++
++# HttpLocalTimeout 5
++# HttpRemoteTimeout 10
++
++
+ # Set IPBasedDeviceURIs to "Yes" if cups-browsed should create its
+ # local queues with device URIs with the IP addresses instead of the
+ # host names of the remote servers. This mode is there for any

cups-filters-xerox.patch

@@ -0,0 +1,11 @@
+diff -up cups-filters-1.13.4/filter/pdftops.c.xerox cups-filters-1.13.4/filter/pdftops.c
+--- cups-filters-1.13.4/filter/pdftops.c.xerox	2018-05-03 12:10:32.961381421 +0200
++++ cups-filters-1.13.4/filter/pdftops.c	2018-05-03 12:20:22.096532993 +0200
+@@ -469,6 +469,7 @@ main(int  argc,				/* I - Number of comm
+     if (make_model[0] &&
+ 	(!strncasecmp(make_model, "Brother", 7) ||
+ 	 !strncasecmp(make_model, "Dell", 4) ||
++	 !strncasecmp(make_model, "Xerox", 5) ||
+ 	 strcasestr(make_model, "Minolta") ||
+ 	 (!strncasecmp(make_model, "Apple", 5) &&
+ 	  (ptr = strcasestr(make_model, "LaserWriter")) &&

foomatic-ripdie-error.patch

@@ -1,13 +0,0 @@
-diff --git a/filter/foomatic-rip/util.c b/filter/foomatic-rip/util.c
-index 508bc09..ad79fbf 100644
---- a/filter/foomatic-rip/util.c
-+++ b/filter/foomatic-rip/util.c
-@@ -76,7 +76,7 @@ rip_die(int status,
- {
-   va_list ap;
- 
--  _log("Process is dying with \"");
-+  _log("ERROR: Process is dying with \"");
-   va_start(ap, msg);
-   _logv(msg, ap);
-   va_end(ap);

foomaticrip-reject-unknown-values.patch

@@ -1,188 +0,0 @@
-From 41c5f2f6139e4d3693c2483ee4281202a80ae451 Mon Sep 17 00:00:00 2001
-From: zdohnal <zdohnal@redhat.com>
-Date: Tue, 22 Jul 2025 15:12:19 +0200
-Subject: [PATCH] Introduce foomatic-hash and reject unauthorized values in
- foomatic-rip (#648)
-
-The change provides a way for users to have control over what values are
-allowed for the foomatic-rip-related PPD keywords FoomaticRIPCommandLine,
-FoomaticRIPCommandLinePDF, and FoomaticRIPOptionSetting. Since the
-values can be later used when constructing a shell command, the filter
-foomatic-rip was a target of several exploits (caused by issues at
-different places in CUPS or in different projects of the printing stack) to
-do arbitrary code execution when the filter is used.
-
-By default the filter is run by user lp, so the issue is mitigated, but
-this PR gives admin complete control over what can be run in
-foomatic-rip and reject anything injected into system via different
-ways.
-
-First, the new tool - foomatic-hash - can be called on a PPD file or
-directory with drivers/PPDs, with scan output and file with hexadecimal
-representation of hashed values. Once the scan output is reviewed by
-admin, admin can decide to put the resulting hashes into
-/etc/foomatic/hashes.d and allow them for the filter.
----
- Makefile.am                           |  44 ++-
- README.md                             |  23 ++
- configure.ac                          |   2 +-
- filter/foomatic-rip/foomatic-hash.1   |  66 ++++
- filter/foomatic-rip/foomatic-hash.c   | 549 ++++++++++++++++++++++++++
- filter/foomatic-rip/foomatic-rip.1.in |  16 +
- filter/foomatic-rip/foomaticrip.c     |  75 ----
- filter/foomatic-rip/foomaticrip.h     |  40 --
- filter/foomatic-rip/options.c         |  67 ++++
- filter/foomatic-rip/process.c         |   9 +
- filter/foomatic-rip/process.h         |   3 +
- filter/foomatic-rip/util.c            | 341 +++++++++++++++-
- filter/foomatic-rip/util.h            |  67 ++++
- 13 files changed, 1178 insertions(+), 124 deletions(-)
- create mode 100644 filter/foomatic-rip/foomatic-hash.1
- create mode 100644 filter/foomatic-rip/foomatic-hash.c
-
-diff --git a/filter/foomatic-rip/foomatic-rip.1.in b/filter/foomatic-rip/foomatic-rip.1.in
-index 9685a95f5..3dff5215f 100644
---- a/filter/foomatic-rip/foomatic-rip.1.in
-+++ b/filter/foomatic-rip/foomatic-rip.1.in
-@@ -193,6 +193,15 @@ friends. Several PPD files use shell constructs that require a more
- modern shell like \fBbash\fR, \fBzsh\fR, or \fBksh\fR.
- 
- 
-+.SH PPD OPTION VALUE RESTRICTIONS AND EXCEPTIONS
-+
-+The values of PPD options \fBFoomaticRIPCommandLine\fR, \fBFoomaticRIPCommandLinePDF\fR and \fBFoomaticRIPOptionSetting\fR
-+are rejected in the default configuration because of security implications. Users can use the tool \fBfoomatic-hash(1)\fR, which provides
-+values of affected PPD options from found drivers and hashes of those values in hexadecimal format. User is expected to review the found values,
-+and if there is nothing suspicious in the output, copy the file with hashes into into the directory \fB@sysconfdir@/foomatic/hashes.d\fR
-+to allow the exceptions for found values.
-+
-+
- .SH FILES
- .PD 0
- .TP 0
-@@ -209,6 +218,13 @@ The PPD files of the currently defined printers
- 
- Configuration file for foomatic-rip
- 
-+.TP 0
-+@sysconfdir@/foomatic/hashes.d
-+.TP 0
-+@datadir@/foomatic/hashes.d
-+
-+Directories with hashes of allowed values
-+
- .PD 0
- 
- .\".SH SEE ALSO
-diff --git a/filter/foomatic-rip/options.c b/filter/foomatic-rip/options.c
-index bad833bc1..032fe9ec3 100644
---- a/filter/foomatic-rip/options.c
-+++ b/filter/foomatic-rip/options.c
-@@ -102,6 +102,42 @@ get_icc_profile_for_qualifier(const char **qualifier)
- }
- 
- 
-+//
-+// 'is_allowed_value' - Check if the option value is allowed.
-+//
-+
-+int					 // O - Boolean value - true 1 / false 0
-+is_allowed_value(cups_array_t *ar,       // I - Array of already known hashes from system
-+		 char	      *value,    // I - Scanned value from PPD file
-+		 size_t       value_len) // I - Value length
-+{
-+  char hash_string[65];			 // Help array to store hexadecimal hashed string
-+
-+  //
-+  // Empty string is allowed...
-+  //
-+
-+  if (!value_len)
-+    return (1);
-+
-+  //
-+  // Hash the value and get hexadecimal string for it...
-+  //
-+
-+  if (hash_data((unsigned char*)value, value_len, hash_string, sizeof(hash_string)))
-+    return (0);
-+
-+  //
-+  // Check if the found hexadecimal hashed string is in the array -> allowed on the system...
-+  //
-+
-+  if (cupsArrayFind(ar, hash_string))
-+    return (1);
-+
-+  return (0);
-+}
-+
-+
- // a selector is a general tri-dotted specification.
- // The 2nd and 3rd elements of the qualifier are optionally modified by
- // cupsICCQualifier2 and cupsICCQualifier3:
-@@ -1866,12 +1902,19 @@ read_ppd_file(const char *filename)
-   option_t *opt, *current_opt = NULL;
-   param_t *param;
-   icc_mapping_entry_t *entry;
-+  cups_array_t *known_hashes = NULL;
- 
-   fh = fopen(filename, "r");
-   if (!fh)
-     rip_die(EXIT_PRNERR_NORETRY_BAD_SETTINGS, "Unable to open PPD file %s\n", filename);
-   _log("Parsing PPD file ...\n");
- 
-+  if (load_system_hashes(&known_hashes))
-+  {
-+    fclose(fh);
-+    rip_die(EXIT_PRNERR_NORETRY, "Not enough memory for array allocation\n.");
-+  }
-+
-   dstrassure(value, 256);
- 
-   qualifier_data = list_create();
-@@ -1955,10 +1998,26 @@ read_ppd_file(const char *filename)
-     }
-     else if (strcmp(key, "FoomaticRIPCommandLine") == 0)
-     {
-+      if (!is_allowed_value(known_hashes, value->data, strlen(value->data)))
-+      {
-+        cupsArrayDelete(known_hashes);
-+        fclose(fh);
-+
-+        rip_die(EXIT_PRNERR_NOTALLOWED, "ERROR: The value of the key %s is not among the allowed values - see foomatic-rip man page for more instructions.\n", key);
-+      }
-+
-       unhtmlify(cmd, 4096, value->data);
-     }
-     else if (strcmp(key, "FoomaticRIPCommandLinePDF") == 0)
-     {
-+      if (!is_allowed_value(known_hashes, value->data, strlen(value->data)))
-+      {
-+        cupsArrayDelete(known_hashes);
-+        fclose(fh);
-+
-+        rip_die(EXIT_PRNERR_NOTALLOWED, "ERROR: The value of the key %s is not among the allowed values - see foomatic-rip man page for more instructions.\n", key);
-+      }
-+
-       unhtmlify(cmd_pdf, 4096, value->data);
-     }
-     else if (!strcmp(key, "cupsFilter"))
-@@ -2097,6 +2156,14 @@ read_ppd_file(const char *filename)
-     }
-     else if (!strcmp(key, "FoomaticRIPOptionSetting"))
-     {
-+      if (!is_allowed_value(known_hashes, value->data, strlen(value->data)))
-+      {
-+        cupsArrayDelete(known_hashes);
-+        fclose(fh);
-+
-+        rip_die(EXIT_PRNERR_NOTALLOWED, "ERROR: The value of the key %s is not among the allowed values - see foomatic-rip man page for more instructions.\n", key);
-+      }
-+
-       // "*FoomaticRIPOptionSetting <option>[=<choice>]: <code>
-       // For boolean options <choice> is not given
-       option_set_choice(assure_option(name),
--- 
-2.50.1
-

gating.yaml

@@ -1,28 +0,0 @@
---- !Policy
-product_versions:
-  - fedora-*
-decision_context: bodhi_update_push_testing
-subject_type: koji_build
-rules:
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/cups-tier1-public.functional}
-#Rawhide
---- !Policy
-product_versions:
-  - fedora-*
-decision_context: bodhi_update_push_stable
-subject_type: koji_build
-rules:
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/cups-tier1-public.functional} 
-
-#gating rhel
---- !Policy
-product_versions:
-  - rhel-*
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/cups-tier1-public.functional}
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/cups-tier1-internal.functional}

lftocrlf

@@ -1,124 +0,0 @@
-#!/bin/bash
-## Copyright (C) 2003-2006 Red Hat, Inc.
-## Copyright (C) 2003-2006 Tim Waugh <twaugh@redhat.com>
-## Changed on 2007/05/17, Opher Shachar, LADPC Ltd.
-##     Added support for page-ranges option.
-##     Added page accounting.
-
-## This program is free software; you can redistribute it and/or
-## modify it under the terms of the GNU General Public License
-## as published by the Free Software Foundation; either version 2
-## of the License, or (at your option) any later version.
-
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-## GNU General Public License for more details.
-
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
-
-if [ $# == 0 ]; then
-  echo >&2 "ERROR: $0 job-id user title copies options [file]"
-  exit 1
-fi
-
-# Extract the papersize
-SENDFF=`grep '^\*DefaultSendFF' "$PPD" | cut -d\  -f2`
-COPIES=1
-if [ $# -ge 4 ]; then
-  COPIES="$4"
-fi
-
-if [ $# -lt 6 ]; then
-  unset TMPFILE
-  trap -- 'rm -f "$TMPFILE"' EXIT
-  TMPFILE=$(mktemp ${TMPDIR:-/tmp}/lftocrlf.XXXXXX)
-  cat > "$TMPFILE"
-else
-  TMPFILE="$6"
-fi
-
-PR=${5#*page-ranges=}
-# Do options specify page-ranges?
-if [[ "$PR" != "$5" ]]; then
-  PR=${PR%% *}
-else
-  #unset PR
-  PR=1-999999
-fi
-
-if [[ "$PR" ]]; then
-  TMPFILE2=$(mktemp ${TMPDIR:-/tmp}/lftocrlf2.XXXXXX)
-  pagenum=0
-  EOF=
-  { 
-  while [[ "$PR" ]]; do
-    pl=${PR%%,*}		;# take first subrange
-    PR=${PR#$pl};PR=${PR#,}	;# remove from range list
-    pu=${pl#*-}			;# extract upper and lower
-    pl=${pl%-*}			;# pages of subrange
-    # Allows interpreting 0-5,3-10 as 1-5,6-10 rejects 5-1 or 1-
-    (( pagenum >= pl )) && pl=$(( pagenum + 1 ))
-    (( pl > pu )) && continue
-    
-    # Loop reading pages until at or over lower page of subrange.
-    while read -d `echo -ne '\f'` -r; do
-      (( pagenum++ ))
-      (( pagenum == pl )) && break
-    done
-    # Did we reach lower page of subrange or EOF?
-    if (( pagenum < pl )); then
-      [[ ! "$REPLY" ]] && break		;# empty last page - we're done.
-      (( pagenum++ ))
-      EOF=y
-    fi
-    # Output page and report to page log
-    if (( pagenum == pl )); then
-      echo -n "${REPLY}" >>"$TMPFILE2"
-      # If EOF then page has no final FF
-      [[ ! "$EOF" ]] && echo -ne '\f' >>"$TMPFILE2"
-      echo "PAGE: $pagenum $COPIES" >&2
-    fi
-    [[ "$EOF" ]] && break
-    # Is the current subrange a single page?
-    (( pagenum == pu )) && continue
-    while read -d `echo -ne '\f'` -r; do
-      (( pagenum++ ))
-      echo -ne "${REPLY}\f" >>"$TMPFILE2"
-      echo "PAGE: $pagenum $COPIES" >&2
-      (( pagenum == pu )) && break
-    done
-    # Could be that we reached EOF before page boundry
-    if (( pagenum < pu )); then
-      if [[ "$REPLY" ]]; then
-        (( pagenum++ ))
-        echo -n "${REPLY}" >>"$TMPFILE2"
-        echo "PAGE: $pagenum $COPIES" >&2
-      fi
-      break
-    fi
-  done
-  } <"$TMPFILE"
-else
-  TMPFILE2="$TMPFILE"
-  pc=$(grep -co `echo -ne '\f'` "$TMPFILE2")
-  pc=$(( pc * $COPIES ))
-  echo "PAGE: $pc" >&2
-fi
-
-while [ "$COPIES" -gt 0 ]; do
-  # Just translate LF->CRLF at the moment, until the PPD has options added.
-  sed -e 's/$/'`echo -ne '\r'`'/g' "$TMPFILE2"
-
-  if [ "$SENDFF" == "True" ]
-    then
-    echo -ne \\014
-  fi
-
-  COPIES=$(($COPIES - 1))
-done
-# Cleanup
-[[ "$TMPFILE" != "$TMPFILE2" ]] && rm -f "$TMPFILE2"
-exit 0

lftocrlf.ppd

@@ -1,47 +0,0 @@
-*PPD-Adobe: "4.3"
-*%
-*% Text-only printer definition
-*%
-*FormatVersion:	"4.3"
-*FileVersion:	"1.1"
-*LanguageVersion: English
-*LanguageEncoding: ISOLatin1
-*PCFileName:	"LFTOCRLF.PPD"
-*Manufacturer:	"Generic"
-*Product:	"(Generic)"
-*cupsVersion:   1.0
-*cupsManualCopies: True
-*cupsModelNumber:  2
-*cupsFilter:    "text/plain 0 lftocrlf"
-*ModelName:     "Generic LF-to-CRLF printer"
-*ShortNickName: "Generic LF-to-CRLF printer"
-*NickName:      "Generic LF-to-CRLF printer"
-*PSVersion:	"(2017.000) 0"
-*LanguageLevel:	"2"
-*ColorDevice:	False
-*DefaultColorSpace: Gray
-*FileSystem:	False
-*Throughput:	"8"
-*LandscapeOrientation: Plus90
-*VariablePaperSize: False
-*TTRasterizer:	Type42
-*DefaultImageableArea: Letter
-*ImageableArea Letter/US Letter:	"18 36 594 756"
-*DefaultPaperDimension: Letter
-*PaperDimension Letter/Letter:		"612 792"
-*OpenUI *PageSize/Media Size: PickOne
-*OrderDependency: 10 AnySetup *PageSize
-*DefaultPageSize: Letter
-*PageSize Letter/Letter:	"<</PageSize[612 792]/ImagingBBox null>>setpagedevice"
-*CloseUI: *PageSize
-*OpenUI *PageRegion: PickOne
-*OrderDependency: 10 AnySetup *PageRegion
-*DefaultPageRegion: Letter
-*PageRegion Letter/Letter:	"<</PageSize[612 792]/ImagingBBox null>>setpagedevice"
-*CloseUI: *PageRegion
-
-*OpenUI *SendFF: Boolean
-*DefaultSendFF: False
-*SendFF True/True:        ""
-*SendFF False/False:   ""
-*CloseUI: *SendFF

plans.fmf

@@ -1,59 +0,0 @@
-/tier1-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/tier1/internal
-
-/tier1-public:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/tier1/public
-
-/tier2-tier3-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/tier2-tier3/internal
-
-/tier2-tier3-public:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/tier2-tier3/public
-
-/others-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/others/internal
-
-/others-public:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/others/public
-
-/multihost:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/multihost/multihost
-
-/fips-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups-filters.git
-      name: /plans/others/fips
-
-/cups-tier1-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups.git
-      name: /plans/tier1/internal
-
-/cups-tier1-public:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/cups.git
-      name: /plans/tier1/public

sources

@@ -1 +1 @@
-SHA512 (cups-filters-2.0.1.tar.gz) = b5d7b8f5a89a6a6bba0e861dd3c3263195be75996d22129d123f325f6bff74fbabf22f2ee2d953908ffb8294d825af5568af6695896c76ef4082ae98cd19c42c
+SHA512 (cups-filters-1.13.4.tar.xz) = 848451193c9f0b0f397bc2c8efafab20112525eb2357892b5c46a4900d3d7e4ef52e537353c04779de2d17c8918cb1fe653e3c8db81f6ef246deca7e4241ce3b