Ubuntu
cups package

  1. Bug #1505328
  2. Comment #15

Comment 15 for bug 1505328

Revision history for this message
Marc Deslauriers (mdeslaur) wrote : Re: Cups SSL is vulernable to POODLE

This part of the patch is wrong:

@@ -895,18 +922,6 @@ _cupsSetDefaults(void)
       * Look for ~/.cups/client.conf...
       */

- snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
- fp = cupsFileOpen(filename, "r");
- }
- else
- fp = NULL;
-
- if (!fp)
- {
- /*
- * Look for CUPS_SERVERROOT/client.conf...
- */
-
       snprintf(filename, sizeof(filename), "%s/client.conf",
                cg->cups_serverroot);
       fp = cupsFileOpen(filename, "r");

It is removing the section that reads ~/.cups/client.conf instead of removing the section that reads CUPS_SERVERROOT/client.conf that got moved higher up in the code.