Bug 49197

Summary: [4.3] Regression: Unknown directive Include on line 630 of /etc/cups/cupsd.conf
Product: UCS Reporter: Arvid Requate <requate>
Component: PrintserverAssignee: Julia Bremer <bremer>
Status: CLOSED FIXED QA Contact: Florian Best <best>
Severity: normal    
Priority: P5 CC: damrose, markus.daehlmann, spener
Version: UCS 4.3   
Target Milestone: UCS 4.3-3-errata   
Hardware: Other   
OS: Linux   
URL: https://github.com/apple/cups/commit/d47f6aec436e0e9df6554436e391471097686ecc
What kind of report is it?: Bug Report What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 3: Will affect average number of installed domains How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.103 Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Security
Max CVSS v3 score:
Bug Depends on: 48437    
Bug Blocks:    

Description Arvid Requate univentionstaff 2019-03-29 13:33:07 CET 
We should also fix this for UCS 4.3


+++ This bug was initially created as a clone of Bug #48437 +++

The cupsd.conf UCR template uses an "Include" directive to include cups-access-limit.conf (and cupsd.local.conf if cups/include/local is set).

This Include directive has been removed upstream and the patch has been shipped with the following security updates: 

http://errata.software-univention.de/ucs/4.3/149.html
http://errata.software-univention.de/ucs/4.2/443.html

This was the vulnerability:
 https://security-tracker.debian.org/tracker/CVE-2018-4181

This probably causes a regression for the use cases of Bug #31902 and Bug #19552

Found / reported by: Martin Castillo.
Comment 1 Julia Bremer univentionstaff 2019-04-04 18:13:22 CEST 
Successful build
Package: univention-printserver
Version: 11.0.1-6A~4.3.0.201904041804
Branch: ucs_4.3-0
Scope: errata4.3-3
User: jbremer

1b72f12d9d Bug #49197: Yaml
cf089fa224 Bug #49197: Merge branch 'jbremer/bug49197' into 4.3-3
4bfcedf1e3 Bug #49197: Version bump
4ab10593eb Bug #49197: cupsd.conf is now a multifile to avoid using removed cups include directive
Comment 2 Florian Best univentionstaff 2019-04-05 13:30:18 CEST 
OK: code review
OK: changes work nice and as expected
OK: UCR variable description
OK: UCS manual/documentation changes
OK: YAML (adjusted the description)
Comment 3 Erik Damrose univentionstaff 2019-04-10 14:35:33 CEST 
<http://errata.software-univention.de/ucs/4.3/476.html>