From 285b84a7cd79f4d777a5b9c0d6c9e60c328d2b9d Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Tue, 11 Mar 2014 13:10:24 +0100 Subject: [PATCH 1/7] Don't ship pdftoopvp (#1027557) and urftopdf (#1002947). --- cups-filters-pdftoopvp.patch | 160 +++++++++++++++++++++++++++++++++++ cups-filters-urftopdf.patch | 37 ++++++++ cups-filters.spec | 14 ++- 3 files changed, 209 insertions(+), 2 deletions(-) create mode 100644 cups-filters-pdftoopvp.patch create mode 100644 cups-filters-urftopdf.patch diff --git a/cups-filters-pdftoopvp.patch b/cups-filters-pdftoopvp.patch new file mode 100644 index 0000000..9144d50 --- /dev/null +++ b/cups-filters-pdftoopvp.patch @@ -0,0 +1,160 @@ +diff -up cups-filters-1.0.41/Makefile.am.pdftoopvp cups-filters-1.0.41/Makefile.am +--- cups-filters-1.0.41/Makefile.am.pdftoopvp 2014-03-11 13:15:07.367197743 +0100 ++++ cups-filters-1.0.41/Makefile.am 2014-03-11 13:15:07.372197679 +0100 +@@ -307,10 +307,7 @@ EXTRA_DIST += \ + # PDF to OPVP + # =========== + pkgfilterdir = $(CUPS_SERVERBIN)/filter +-pkgfilter_PROGRAMS = pdftoopvp +- +-pkgfontconfigdir = $(sysconfdir)/$(FONTDIR) +-pkgfontconfig_DATA = filter/pdftoopvp/99pdftoopvp.conf ++pkgfilter_PROGRAMS = + + pdftoopvp_SOURCES = \ + filter/pdftoopvp/oprs/OPRS.cxx \ +@@ -353,8 +350,6 @@ pdftoopvp_LDADD = \ + $(POPPLER_LIBS) \ + $(DLOPEN_LIBS) + +-EXTRA_DIST += $(pkgfontconfig_DATA) +- + # ========== + # PDF to PDF + # ========== +diff -up cups-filters-1.0.41/Makefile.in.pdftoopvp cups-filters-1.0.41/Makefile.in +--- cups-filters-1.0.41/Makefile.in.pdftoopvp 2014-03-11 13:15:07.369197717 +0100 ++++ cups-filters-1.0.41/Makefile.in 2014-03-11 13:16:50.989858630 +0100 +@@ -89,7 +89,7 @@ check_PROGRAMS = test1284$(EXEEXT) testc + TESTS = testdither$(EXEEXT) test_analyze$(EXEEXT) test_pdf$(EXEEXT) \ + test_ps$(EXEEXT) test_pdf1$(EXEEXT) test_pdf2$(EXEEXT) + bin_PROGRAMS = ttfread$(EXEEXT) +-pkgfilter_PROGRAMS = pdftoopvp$(EXEEXT) pdftopdf$(EXEEXT) \ ++pkgfilter_PROGRAMS = pdftopdf$(EXEEXT) \ + bannertopdf$(EXEEXT) commandtoescpx$(EXEEXT) \ + commandtopclx$(EXEEXT) gstoraster$(EXEEXT) pdftoijs$(EXEEXT) \ + pdftoippprinter$(EXEEXT) pdftops$(EXEEXT) pdftoraster$(EXEEXT) \ +@@ -164,7 +164,6 @@ am__installdirs = "$(DESTDIR)$(libdir)" + "$(DESTDIR)$(pkgcupsserverrootdir)" \ + "$(DESTDIR)$(pkgdriverdir)" \ + "$(DESTDIR)$(pkgfiltersincludedir)" \ +- "$(DESTDIR)$(pkgfontconfigdir)" \ + "$(DESTDIR)$(pkgfontembedincludedir)" \ + "$(DESTDIR)$(pkgmimedir)" "$(DESTDIR)$(pkgppdcdir)" \ + "$(DESTDIR)$(ppddir)" +@@ -514,7 +513,7 @@ MANS = $(man_MANS) + DATA = $(doc_DATA) $(pkgbanner_DATA) $(pkgcharset_DATA) \ + $(pkgconf_DATA) $(pkgcupsdata_DATA) $(pkgcupsserverroot_DATA) \ + $(pkgdriver_DATA) $(pkgfiltersinclude_DATA) \ +- $(pkgfontconfig_DATA) $(pkgfontembedinclude_DATA) \ ++ $(pkgfontembedinclude_DATA) \ + $(pkgmime_DATA) $(pkgppdc_DATA) $(ppd_DATA) + am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ + $(LISP)config.h.in +@@ -929,7 +928,7 @@ EXTRA_DIST = $(doc_DATA) autogen.sh libc + cupsfilters/image.pgm cupsfilters/image.ppm \ + $(pkgcupsdata_DATA) $(pkgdriver_DATA) $(pkgppdc_DATA) \ + $(pkgmime_DATA) $(pkgfontembedinclude_DATA) fontembed/README \ +- $(pkgfontconfig_DATA) $(pkgfilter_SCRIPTS) filter/test.sh \ ++ $(pkgfilter_SCRIPTS) filter/test.sh \ + utils/cups-browsed.in $(man_MANS) $(ppd_DATA) scripting/perl \ + scripting/php/README scripting/php/phpcups.php + +@@ -1186,8 +1185,6 @@ test_ps_LDADD = libfontembed.la + # PDF to OPVP + # =========== + pkgfilterdir = $(CUPS_SERVERBIN)/filter +-pkgfontconfigdir = $(sysconfdir)/$(FONTDIR) +-pkgfontconfig_DATA = filter/pdftoopvp/99pdftoopvp.conf + pdftoopvp_SOURCES = \ + filter/pdftoopvp/oprs/OPRS.cxx \ + filter/pdftoopvp/oprs/OPRS.h \ +@@ -3715,43 +3712,6 @@ uninstall-pkgfiltersincludeDATA: + @list='$(pkgfiltersinclude_DATA)'; test -n "$(pkgfiltersincludedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(pkgfiltersincludedir)'; $(am__uninstall_files_from_dir) +-install-pkgfontconfigDATA: $(pkgfontconfig_DATA) +- @$(NORMAL_INSTALL) +- @list='$(pkgfontconfig_DATA)'; test -n "$(pkgfontconfigdir)" || list=; \ +- if test -n "$$list"; then \ +- echo " $(MKDIR_P) '$(DESTDIR)$(pkgfontconfigdir)'"; \ +- $(MKDIR_P) "$(DESTDIR)$(pkgfontconfigdir)" || exit 1; \ +- fi; \ +- for p in $$list; do \ +- if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ +- echo "$$d$$p"; \ +- done | $(am__base_list) | \ +- while read files; do \ +- echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgfontconfigdir)'"; \ +- $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgfontconfigdir)" || exit $$?; \ +- done +- +-uninstall-pkgfontconfigDATA: +- @$(NORMAL_UNINSTALL) +- @list='$(pkgfontconfig_DATA)'; test -n "$(pkgfontconfigdir)" || list=; \ +- files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ +- dir='$(DESTDIR)$(pkgfontconfigdir)'; $(am__uninstall_files_from_dir) +-install-pkgfontembedincludeDATA: $(pkgfontembedinclude_DATA) +- @$(NORMAL_INSTALL) +- @list='$(pkgfontembedinclude_DATA)'; test -n "$(pkgfontembedincludedir)" || list=; \ +- if test -n "$$list"; then \ +- echo " $(MKDIR_P) '$(DESTDIR)$(pkgfontembedincludedir)'"; \ +- $(MKDIR_P) "$(DESTDIR)$(pkgfontembedincludedir)" || exit 1; \ +- fi; \ +- for p in $$list; do \ +- if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ +- echo "$$d$$p"; \ +- done | $(am__base_list) | \ +- while read files; do \ +- echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgfontembedincludedir)'"; \ +- $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgfontembedincludedir)" || exit $$?; \ +- done +- + uninstall-pkgfontembedincludeDATA: + @$(NORMAL_UNINSTALL) + @list='$(pkgfontembedinclude_DATA)'; test -n "$(pkgfontembedincludedir)" || list=; \ +@@ -4241,7 +4201,7 @@ all-am: Makefile $(LTLIBRARIES) $(PROGRA + install-binPROGRAMS: install-libLTLIBRARIES + + installdirs: +- for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(phpextensiondir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgbackenddir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(initrcdir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(pkgbannerdir)" "$(DESTDIR)$(pkgcharsetdir)" "$(DESTDIR)$(pkgconfdir)" "$(DESTDIR)$(pkgcupsdatadir)" "$(DESTDIR)$(pkgcupsserverrootdir)" "$(DESTDIR)$(pkgdriverdir)" "$(DESTDIR)$(pkgfiltersincludedir)" "$(DESTDIR)$(pkgfontconfigdir)" "$(DESTDIR)$(pkgfontembedincludedir)" "$(DESTDIR)$(pkgmimedir)" "$(DESTDIR)$(pkgppdcdir)" "$(DESTDIR)$(ppddir)"; do \ ++ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(phpextensiondir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgbackenddir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(initrcdir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(pkgbannerdir)" "$(DESTDIR)$(pkgcharsetdir)" "$(DESTDIR)$(pkgconfdir)" "$(DESTDIR)$(pkgcupsdatadir)" "$(DESTDIR)$(pkgcupsserverrootdir)" "$(DESTDIR)$(pkgdriverdir)" "$(DESTDIR)$(pkgfiltersincludedir)" "$(DESTDIR)$(pkgfontembedincludedir)" "$(DESTDIR)$(pkgmimedir)" "$(DESTDIR)$(pkgppdcdir)" "$(DESTDIR)$(ppddir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done + install: install-am +@@ -4309,7 +4269,7 @@ install-data-am: install-docDATA install + install-pkgconfDATA install-pkgcupsdataDATA \ + install-pkgcupsserverrootDATA install-pkgdriverDATA \ + install-pkgfilterPROGRAMS install-pkgfilterSCRIPTS \ +- install-pkgfiltersincludeDATA install-pkgfontconfigDATA \ ++ install-pkgfiltersincludeDATA \ + install-pkgfontembedincludeDATA install-pkgmimeDATA \ + install-pkgppdcDATA install-ppdDATA + @$(NORMAL_INSTALL) +@@ -4368,7 +4328,7 @@ uninstall-am: uninstall-binPROGRAMS unin + uninstall-pkgconfDATA uninstall-pkgcupsdataDATA \ + uninstall-pkgcupsserverrootDATA uninstall-pkgdriverDATA \ + uninstall-pkgfilterPROGRAMS uninstall-pkgfilterSCRIPTS \ +- uninstall-pkgfiltersincludeDATA uninstall-pkgfontconfigDATA \ ++ uninstall-pkgfiltersincludeDATA \ + uninstall-pkgfontembedincludeDATA uninstall-pkgmimeDATA \ + uninstall-pkgppdcDATA uninstall-ppdDATA uninstall-sbinPROGRAMS + @$(NORMAL_INSTALL) +@@ -4399,7 +4359,7 @@ uninstall-man: uninstall-man5 uninstall- + install-pkgconfDATA install-pkgcupsdataDATA \ + install-pkgcupsserverrootDATA install-pkgdriverDATA \ + install-pkgfilterPROGRAMS install-pkgfilterSCRIPTS \ +- install-pkgfiltersincludeDATA install-pkgfontconfigDATA \ ++ install-pkgfiltersincludeDATA \ + install-pkgfontembedincludeDATA install-pkgmimeDATA \ + install-pkgppdcDATA install-ppdDATA install-ps install-ps-am \ + install-sbinPROGRAMS install-strip installcheck \ +@@ -4415,7 +4375,7 @@ uninstall-man: uninstall-man5 uninstall- + uninstall-pkgconfDATA uninstall-pkgcupsdataDATA \ + uninstall-pkgcupsserverrootDATA uninstall-pkgdriverDATA \ + uninstall-pkgfilterPROGRAMS uninstall-pkgfilterSCRIPTS \ +- uninstall-pkgfiltersincludeDATA uninstall-pkgfontconfigDATA \ ++ uninstall-pkgfiltersincludeDATA \ + uninstall-pkgfontembedincludeDATA uninstall-pkgmimeDATA \ + uninstall-pkgppdcDATA uninstall-ppdDATA uninstall-sbinPROGRAMS + diff --git a/cups-filters-urftopdf.patch b/cups-filters-urftopdf.patch new file mode 100644 index 0000000..efafe15 --- /dev/null +++ b/cups-filters-urftopdf.patch @@ -0,0 +1,37 @@ +diff -up cups-filters-1.0.41/Makefile.am.urftopdf cups-filters-1.0.41/Makefile.am +--- cups-filters-1.0.41/Makefile.am.urftopdf 2014-03-11 13:13:48.012222641 +0100 ++++ cups-filters-1.0.41/Makefile.am 2014-03-11 13:13:48.020222538 +0100 +@@ -410,8 +410,8 @@ pkgfilter_PROGRAMS += \ + pdftoraster \ + rastertoescpx \ + rastertopclx \ +- texttopdf \ +- urftopdf ++ texttopdf ++ + if ENABLE_IMAGEFILTERS + pkgfilter_PROGRAMS += \ + imagetopdf \ +diff -up cups-filters-1.0.41/Makefile.in.urftopdf cups-filters-1.0.41/Makefile.in +--- cups-filters-1.0.41/Makefile.in.urftopdf 2014-03-11 13:13:48.022222512 +0100 ++++ cups-filters-1.0.41/Makefile.in 2014-03-11 13:14:45.729477255 +0100 +@@ -94,7 +94,7 @@ pkgfilter_PROGRAMS = pdftoopvp$(EXEEXT) + commandtopclx$(EXEEXT) gstoraster$(EXEEXT) pdftoijs$(EXEEXT) \ + pdftoippprinter$(EXEEXT) pdftops$(EXEEXT) pdftoraster$(EXEEXT) \ + rastertoescpx$(EXEEXT) rastertopclx$(EXEEXT) \ +- texttopdf$(EXEEXT) urftopdf$(EXEEXT) $(am__EXEEXT_1) ++ texttopdf$(EXEEXT) $(am__EXEEXT_1) + @ENABLE_IMAGEFILTERS_TRUE@am__append_1 = \ + @ENABLE_IMAGEFILTERS_TRUE@ imagetopdf \ + @ENABLE_IMAGEFILTERS_TRUE@ imagetoraster +diff -up cups-filters-1.0.41/mime/cupsfilters.convs.urftopdf cups-filters-1.0.41/mime/cupsfilters.convs +--- cups-filters-1.0.41/mime/cupsfilters.convs.urftopdf 2014-03-11 13:13:48.017222576 +0100 ++++ cups-filters-1.0.41/mime/cupsfilters.convs 2014-03-11 13:13:48.023222499 +0100 +@@ -68,7 +68,6 @@ image/x-xpixmap application/vnd.cups-pd + image/x-xwindowdump application/vnd.cups-pdf 65 imagetopdf + image/x-sun-raster application/vnd.cups-pdf 65 imagetopdf + application/vnd.cups-pdf-banner application/pdf 32 bannertopdf +-image/urf application/pdf 0 urftopdf + + ######################################################################## + # diff --git a/cups-filters.spec b/cups-filters.spec index a52e90d..b552d16 100644 --- a/cups-filters.spec +++ b/cups-filters.spec @@ -4,7 +4,7 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters Version: 1.0.41 -Release: 4%{?dist} +Release: 5%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, @@ -25,6 +25,8 @@ Patch1: cups-filters-pdf-landscape.patch Patch2: cups-filters-dbus.patch Patch3: cups-filters-memory-leaks.patch Patch4: cups-filters-filter-costs.patch +Patch5: cups-filters-urftopdf.patch +Patch6: cups-filters-pdftoopvp.patch Requires: cups-filters-libs%{?_isa} = %{version}-%{release} @@ -121,6 +123,12 @@ This is the development package for OpenPrinting CUPS filters and backends. # doesn't go via pstotiff (bug #1008166). %patch4 -p1 -b .filter-costs +# Don't ship urftopdf for now (bug #1002947). +%patch5 -p1 -b .urftopdf + +# Don't ship pdftoopvp for now (bug #1027557). +%patch6 -p1 -b .pdftoopvp + %build # work-around Rpath ./autogen.sh @@ -201,7 +209,6 @@ fi %files %doc __doc/README __doc/AUTHORS __doc/NEWS %config(noreplace) %{_sysconfdir}/cups/cups-browsed.conf -%config(noreplace) %{_sysconfdir}/fonts/conf.d/99pdftoopvp.conf %attr(0755,root,root) %{_cups_serverbin}/filter/* %attr(0755,root,root) %{_cups_serverbin}/backend/parallel # Serial backend needs to run as root (bug #212577#c4). @@ -235,6 +242,9 @@ fi %{_libdir}/libfontembed.so %changelog +* Tue Mar 11 2014 Jiri Popelka - 1.0.41-5 +- Don't ship pdftoopvp (#1027557) and urftopdf (#1002947). + * Tue Nov 19 2013 Tim Waugh - 1.0.41-4 - Adjust filter costs so application/vnd.adobe-read-postscript input doesn't go via pstotiff (bug #1008166). From f813aa745770b4505bc57670cc8a17cfe196f5a9 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Wed, 2 Apr 2014 10:03:19 +0200 Subject: [PATCH 2/7] Remote command injection in cups-browsed (bug #1083327). --- cups-filters-bug1083327.patch | 79 +++++++++++++++++++++++++++++++++++ cups-filters.spec | 9 +++- 2 files changed, 87 insertions(+), 1 deletion(-) create mode 100644 cups-filters-bug1083327.patch diff --git a/cups-filters-bug1083327.patch b/cups-filters-bug1083327.patch new file mode 100644 index 0000000..62e3b4a --- /dev/null +++ b/cups-filters-bug1083327.patch @@ -0,0 +1,79 @@ +From 1e2b77cd1661f2fb2565e21a558295e631763baa Mon Sep 17 00:00:00 2001 +From: Jiri Popelka +Date: Wed, 2 Apr 2014 09:57:32 +0200 +Subject: [PATCH] cups-browsed: SECURITY FIX to prevent arbitrary code + injection (RHBZ#1083327) + +into the System V interface scripts generated for +queues for discovered native IPP printers by a malicious IPP +print service with forged make/model and/or PDL string. +--- + utils/cups-browsed.c | 31 +++++++++++++++++++++++++++---- + 1 file changed, 27 insertions(+), 4 deletions(-) + +diff --git a/utils/cups-browsed.c b/utils/cups-browsed.c +index c312804..ec64a4d 100644 +--- a/utils/cups-browsed.c ++++ b/utils/cups-browsed.c +@@ -563,7 +563,28 @@ create_local_queue (const char *name, + return NULL; + } + +-char *generate_queue_name(const char *str_orig) ++/* ++ * Remove all illegal characters and replace each group of such characters ++ * by a single dash ++ * ++ * mode = 0: Only allow letters, numbers, and dashes, for turning make/model ++ * info into a valid print queue name or inro a string which can ++ * be supplied as option value in a filter command line without ++ * need of quoting ++ * mode = 1: Allow also '/', '.', ',', '_', for cleaning up MIME type ++ * strings (here available Page Description Languages, PDLs) to ++ * supply them on a filter command line without quoting ++ * ++ * Especially this prevents from arbitrary code execution by interface scripts ++ * generated for print queues to native IPP printers when a malicious IPP ++ * print service with forged PDL and/or make/model info gets broadcasted into ++ * the local network. ++ */ ++ ++char * /* O - Cleaned string */ ++remove_bad_chars(const char *str_orig, /* I - Original string */ ++ int mode) /* I - 0: Make/Model, queue name */ ++ /* 1: MIME types/PDLs */ + { + int i, j; + int havedash = 0; +@@ -576,7 +597,9 @@ char *generate_queue_name(const char *str_orig) + for (i = 0, j = 0; i < strlen(str); i++, j++) { + if (((str[i] >= 'A') && (str[i] <= 'Z')) || + ((str[i] >= 'a') && (str[i] <= 'z')) || +- ((str[i] >= '0') && (str[i] <= '9'))) { ++ ((str[i] >= '0') && (str[i] <= '9')) || ++ (mode == 1 && (str[i] == '/' || str[i] == '_' || ++ str[i] == '.' || str[i] == ','))) { + /* Letter or number, keep it */ + havedash = 0; + } else { +@@ -950,7 +973,7 @@ void generate_local_queue(const char *host, + if (entry) { + avahi_string_list_get_pair(entry, &key, &value, NULL); + if (key && value && !strcmp(key, *f) && strlen(value) >= 3) { +- remote_queue = generate_queue_name(value); ++ remote_queue = remove_bad_chars(value, 0); + break; + } + } +@@ -959,7 +982,7 @@ void generate_local_queue(const char *host, + if (entry) { + avahi_string_list_get_pair(entry, &key, &value, NULL); + if (key && value && !strcmp(key, "pdl") && strlen(value) >= 3) { +- pdl = strdup(value); ++ pdl = remove_bad_chars(value, 1); + } + } + } +-- +1.9.0 + diff --git a/cups-filters.spec b/cups-filters.spec index b552d16..998e862 100644 --- a/cups-filters.spec +++ b/cups-filters.spec @@ -4,7 +4,7 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters Version: 1.0.41 -Release: 5%{?dist} +Release: 6%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, @@ -27,6 +27,7 @@ Patch3: cups-filters-memory-leaks.patch Patch4: cups-filters-filter-costs.patch Patch5: cups-filters-urftopdf.patch Patch6: cups-filters-pdftoopvp.patch +Patch7: cups-filters-bug1083327.patch Requires: cups-filters-libs%{?_isa} = %{version}-%{release} @@ -129,6 +130,9 @@ This is the development package for OpenPrinting CUPS filters and backends. # Don't ship pdftoopvp for now (bug #1027557). %patch6 -p1 -b .pdftoopvp +# Remote command injection in cups-browsed (bug #1083327). +%patch7 -p1 -b .bug1083327 + %build # work-around Rpath ./autogen.sh @@ -242,6 +246,9 @@ fi %{_libdir}/libfontembed.so %changelog +* Wed Apr 02 2014 Jiri Popelka - 1.0.41-6 +- Remote command injection in cups-browsed (bug #1083327). + * Tue Mar 11 2014 Jiri Popelka - 1.0.41-5 - Don't ship pdftoopvp (#1027557) and urftopdf (#1002947). From 251ba775754e27173595173c8f488d69130a4518 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Mon, 28 Apr 2014 12:36:39 +0200 Subject: [PATCH 3/7] 1.0.53 (#1091569) --- .gitignore | 1 + cups-filters-bug1083327.patch | 79 --------------- cups-filters-dbus.patch | 58 ----------- cups-filters-filter-costs.patch | 12 --- cups-filters-memory-leaks.patch | 36 ------- cups-filters-pdf-landscape.patch | 49 ---------- cups-filters-pdftoopvp.patch | 160 ------------------------------- cups-filters-urftopdf.patch | 37 ------- cups-filters.spec | 80 +++++++--------- sources | 2 +- 10 files changed, 38 insertions(+), 476 deletions(-) delete mode 100644 cups-filters-bug1083327.patch delete mode 100644 cups-filters-dbus.patch delete mode 100644 cups-filters-filter-costs.patch delete mode 100644 cups-filters-memory-leaks.patch delete mode 100644 cups-filters-pdf-landscape.patch delete mode 100644 cups-filters-pdftoopvp.patch delete mode 100644 cups-filters-urftopdf.patch diff --git a/.gitignore b/.gitignore index 84c9cb1..6fa4d34 100644 --- a/.gitignore +++ b/.gitignore @@ -17,3 +17,4 @@ /cups-filters-1.0.39.tar.xz /cups-filters-1.0.40.tar.xz /cups-filters-1.0.41.tar.xz +/cups-filters-1.0.53.tar.xz diff --git a/cups-filters-bug1083327.patch b/cups-filters-bug1083327.patch deleted file mode 100644 index 62e3b4a..0000000 --- a/cups-filters-bug1083327.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 1e2b77cd1661f2fb2565e21a558295e631763baa Mon Sep 17 00:00:00 2001 -From: Jiri Popelka -Date: Wed, 2 Apr 2014 09:57:32 +0200 -Subject: [PATCH] cups-browsed: SECURITY FIX to prevent arbitrary code - injection (RHBZ#1083327) - -into the System V interface scripts generated for -queues for discovered native IPP printers by a malicious IPP -print service with forged make/model and/or PDL string. ---- - utils/cups-browsed.c | 31 +++++++++++++++++++++++++++---- - 1 file changed, 27 insertions(+), 4 deletions(-) - -diff --git a/utils/cups-browsed.c b/utils/cups-browsed.c -index c312804..ec64a4d 100644 ---- a/utils/cups-browsed.c -+++ b/utils/cups-browsed.c -@@ -563,7 +563,28 @@ create_local_queue (const char *name, - return NULL; - } - --char *generate_queue_name(const char *str_orig) -+/* -+ * Remove all illegal characters and replace each group of such characters -+ * by a single dash -+ * -+ * mode = 0: Only allow letters, numbers, and dashes, for turning make/model -+ * info into a valid print queue name or inro a string which can -+ * be supplied as option value in a filter command line without -+ * need of quoting -+ * mode = 1: Allow also '/', '.', ',', '_', for cleaning up MIME type -+ * strings (here available Page Description Languages, PDLs) to -+ * supply them on a filter command line without quoting -+ * -+ * Especially this prevents from arbitrary code execution by interface scripts -+ * generated for print queues to native IPP printers when a malicious IPP -+ * print service with forged PDL and/or make/model info gets broadcasted into -+ * the local network. -+ */ -+ -+char * /* O - Cleaned string */ -+remove_bad_chars(const char *str_orig, /* I - Original string */ -+ int mode) /* I - 0: Make/Model, queue name */ -+ /* 1: MIME types/PDLs */ - { - int i, j; - int havedash = 0; -@@ -576,7 +597,9 @@ char *generate_queue_name(const char *str_orig) - for (i = 0, j = 0; i < strlen(str); i++, j++) { - if (((str[i] >= 'A') && (str[i] <= 'Z')) || - ((str[i] >= 'a') && (str[i] <= 'z')) || -- ((str[i] >= '0') && (str[i] <= '9'))) { -+ ((str[i] >= '0') && (str[i] <= '9')) || -+ (mode == 1 && (str[i] == '/' || str[i] == '_' || -+ str[i] == '.' || str[i] == ','))) { - /* Letter or number, keep it */ - havedash = 0; - } else { -@@ -950,7 +973,7 @@ void generate_local_queue(const char *host, - if (entry) { - avahi_string_list_get_pair(entry, &key, &value, NULL); - if (key && value && !strcmp(key, *f) && strlen(value) >= 3) { -- remote_queue = generate_queue_name(value); -+ remote_queue = remove_bad_chars(value, 0); - break; - } - } -@@ -959,7 +982,7 @@ void generate_local_queue(const char *host, - if (entry) { - avahi_string_list_get_pair(entry, &key, &value, NULL); - if (key && value && !strcmp(key, "pdl") && strlen(value) >= 3) { -- pdl = strdup(value); -+ pdl = remove_bad_chars(value, 1); - } - } - } --- -1.9.0 - diff --git a/cups-filters-dbus.patch b/cups-filters-dbus.patch deleted file mode 100644 index 626d3e8..0000000 --- a/cups-filters-dbus.patch +++ /dev/null @@ -1,58 +0,0 @@ -diff -up cups-filters-1.0.41/Makefile.am.dbus cups-filters-1.0.41/Makefile.am ---- cups-filters-1.0.41/Makefile.am.dbus 2013-10-25 14:12:56.000000000 +0100 -+++ cups-filters-1.0.41/Makefile.am 2013-11-06 17:16:58.504234619 +0000 -@@ -474,9 +474,11 @@ gstoraster_SOURCES = \ - cupsfilters/raster.h - gstoraster_CFLAGS = \ - $(CUPS_CFLAGS) \ -+ $(DBUS_CFLAGS) \ - -I$(srcdir)/cupsfilters/ - gstoraster_LDADD = \ - $(CUPS_LIBS) \ -+ $(DBUS_LIBS) \ - libcupsfilters.la - - imagetopdf_SOURCES = \ -diff -up cups-filters-1.0.41/config.h.in.dbus cups-filters-1.0.41/config.h.in -diff -up cups-filters-1.0.41/configure.ac.dbus cups-filters-1.0.41/configure.ac ---- cups-filters-1.0.41/configure.ac.dbus 2013-10-30 07:21:44.000000000 +0000 -+++ cups-filters-1.0.41/configure.ac 2013-11-06 17:23:07.619921079 +0000 -@@ -114,6 +114,18 @@ AX_COMPARE_VERSION([$CUPS_VERSION],[gt], - AC_DEFINE(PDFTOPDF, [], [Needed for pdftopdf filter compilation]) - AC_DEFINE_DIR(BANNERTOPDF_DATADIR, "{CUPS_DATADIR}/data", [Directory where bannertopdf finds its data files (PDF templates)]) - -+dnl DBus support -+DBUS_CFLAGS="" -+DBUS_LIBS="" -+AC_ARG_ENABLE([dbus], AC_HELP_STRING([--disable-dbus], -+ [Do not use dbus to communicate with external services])) -+if test "$enable_dbus" != "no"; then -+ PKG_CHECK_MODULES(DBUS, [dbus-1], [HAVE_DBUS=-DHAVE_DBUS]) -+ AC_DEFINE([HAVE_DBUS], [], [Defines if dbus is available.]) -+fi -+AC_SUBST(DBUS_CFLAGS) -+AC_SUBST(DBUS_LIBS) -+ - AC_SEARCH_LIBS([dlopen], - [dl], - [AS_IF([test "$ac_cv_search_dlopen" != "none required"], [ -@@ -640,6 +652,7 @@ Build configuration: - php-config: ${with_php_config} - test-font: ${with_test_font_path} - tiff: ${with_tiff} -+ dbus: ${HAVE_DBUS} - avahi: ${enable_avahi} - browsing: ${with_browseremoteprotocols} - werror: ${enable_werror} -diff -up cups-filters-1.0.41/filter/colord.c.dbus cups-filters-1.0.41/filter/colord.c ---- cups-filters-1.0.41/filter/colord.c.dbus 2013-07-29 20:12:42.000000000 +0100 -+++ cups-filters-1.0.41/filter/colord.c 2013-11-06 17:16:58.505234623 +0000 -@@ -32,6 +32,8 @@ MIT Open Source License - http://www.o - #include - #include - -+#include "config.h" -+ - #ifdef HAVE_DBUS - #include - #endif diff --git a/cups-filters-filter-costs.patch b/cups-filters-filter-costs.patch deleted file mode 100644 index bbe8c81..0000000 --- a/cups-filters-filter-costs.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up cups-filters-1.0.41/mime/cupsfilters.convs.filter-costs cups-filters-1.0.41/mime/cupsfilters.convs ---- cups-filters-1.0.41/mime/cupsfilters.convs.filter-costs 2013-11-19 11:51:06.279294346 +0000 -+++ cups-filters-1.0.41/mime/cupsfilters.convs 2013-11-19 11:51:07.960301722 +0000 -@@ -85,7 +85,7 @@ application/vnd.cups-pdf application/vnd - # - - application/vnd.cups-pdf application/vnd.cups-raster 99 gstoraster --application/vnd.cups-postscript application/vnd.cups-raster 200 gstoraster -+application/vnd.cups-postscript application/vnd.cups-raster 175 gstoraster - application/vnd.cups-pdf application/vnd.cups-raster 100 pdftoraster - image/gif application/vnd.cups-raster 100 imagetoraster - image/png application/vnd.cups-raster 100 imagetoraster diff --git a/cups-filters-memory-leaks.patch b/cups-filters-memory-leaks.patch deleted file mode 100644 index 98d1927..0000000 --- a/cups-filters-memory-leaks.patch +++ /dev/null @@ -1,36 +0,0 @@ -diff --git a/utils/cups-browsed.c b/utils/cups-browsed.c -index c312804..155b581 100644 ---- a/utils/cups-browsed.c -+++ b/utils/cups-browsed.c -@@ -993,6 +993,10 @@ void generate_local_queue(const char *host, - would get, so ignore this remote printer */ - debug_printf("cups-browsed: Printer with URI %s already exists, printer ignored.\n", - uri); -+ free (uri); -+ free (remote_host); -+ free (backup_queue_name); -+ cupsFreeDests(num_dests, dests); - return; - } - /* Is there a local queue with the name of the remote queue? */ -@@ -1027,6 +1031,7 @@ void generate_local_queue(const char *host, - ignore this remote printer */ - debug_printf("cups-browsed: %s also taken, printer ignored.\n", - local_queue_name); -+ free (uri); - free (backup_queue_name); - free (remote_host); - cupsFreeDests(num_dests, dests); -@@ -2426,9 +2431,9 @@ int main(int argc, char*argv[]) { - strcasecmp(val, "false") != 0) { - /* Queue found, add to our list */ - p = create_local_queue (dest->name, -- strdup(cupsGetOption("device-uri", -- dest->num_options, -- dest->options)), -+ cupsGetOption("device-uri", -+ dest->num_options, -+ dest->options), - "", "", "", "", NULL, 1); - if (p) { - /* Mark as unconfirmed, if no Avahi report of this queue appears diff --git a/cups-filters-pdf-landscape.patch b/cups-filters-pdf-landscape.patch deleted file mode 100644 index 5c9a776..0000000 --- a/cups-filters-pdf-landscape.patch +++ /dev/null @@ -1,49 +0,0 @@ -diff -up cups-filters-1.0.40/filter/pdftops.c.pdf-landscape cups-filters-1.0.40/filter/pdftops.c ---- cups-filters-1.0.40/filter/pdftops.c.pdf-landscape 2013-10-11 17:15:45.639623613 +0100 -+++ cups-filters-1.0.40/filter/pdftops.c 2013-10-11 17:22:41.517421905 +0100 -@@ -273,7 +273,6 @@ main(int argc, /* I - Number of comm - *pstops_options, /* Options for pstops filter */ - *pstops_end; /* End of pstops filter option */ - const char *cups_serverbin; /* CUPS_SERVERBIN environment variable */ -- const char *content_type; /* CONTENT_TYPE environment variable */ - #if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET) - struct sigaction action; /* Actions for POSIX signals */ - #endif /* HAVE_SIGACTION && !HAVE_SIGSET */ -@@ -457,7 +456,6 @@ main(int argc, /* I - Number of comm - * Build the command-line for the pdftops or gs filter... - */ - -- content_type = getenv("CONTENT_TYPE"); - if (renderer == PDFTOPS) - { - pdf_argv[0] = (char *)"pdftops"; -@@ -646,25 +644,17 @@ main(int argc, /* I - Number of comm - else if ((renderer == PDFTOPS) || (renderer == PDFTOCAIRO)) - { - /* -- * Use the page sizes of the original PDF document, this way documents -- * which contain pages of different sizes can be printed correctly -+ * No options to add. Note: pdftopdf has already rotated pages -+ * for us. - */ -- -- /* Only do this for unprocessed PDF files */ -- if (content_type && !strstr (content_type, "/vnd.cups-")) -- pdf_argv[pdf_argc++] = (char *)"-origpagesizes"; - } - #endif /* HAVE_POPPLER_PDFTOPS_WITH_ORIGPAGESIZES */ - else if (renderer == ACROREAD) - { - /* -- * Use the page sizes of the original PDF document, this way documents -- * which contain pages of different sizes can be printed correctly -+ * No options to add. Note: pdftopdf has already rotated pages -+ * for us. - */ -- -- /* Only do this for unprocessed PDF files */ -- if (content_type && !strstr (content_type, "/vnd.cups-")) -- pdf_argv[pdf_argc++] = (char *)"-choosePaperByPDFPageSize"; - } - - /* diff --git a/cups-filters-pdftoopvp.patch b/cups-filters-pdftoopvp.patch deleted file mode 100644 index 9144d50..0000000 --- a/cups-filters-pdftoopvp.patch +++ /dev/null @@ -1,160 +0,0 @@ -diff -up cups-filters-1.0.41/Makefile.am.pdftoopvp cups-filters-1.0.41/Makefile.am ---- cups-filters-1.0.41/Makefile.am.pdftoopvp 2014-03-11 13:15:07.367197743 +0100 -+++ cups-filters-1.0.41/Makefile.am 2014-03-11 13:15:07.372197679 +0100 -@@ -307,10 +307,7 @@ EXTRA_DIST += \ - # PDF to OPVP - # =========== - pkgfilterdir = $(CUPS_SERVERBIN)/filter --pkgfilter_PROGRAMS = pdftoopvp -- --pkgfontconfigdir = $(sysconfdir)/$(FONTDIR) --pkgfontconfig_DATA = filter/pdftoopvp/99pdftoopvp.conf -+pkgfilter_PROGRAMS = - - pdftoopvp_SOURCES = \ - filter/pdftoopvp/oprs/OPRS.cxx \ -@@ -353,8 +350,6 @@ pdftoopvp_LDADD = \ - $(POPPLER_LIBS) \ - $(DLOPEN_LIBS) - --EXTRA_DIST += $(pkgfontconfig_DATA) -- - # ========== - # PDF to PDF - # ========== -diff -up cups-filters-1.0.41/Makefile.in.pdftoopvp cups-filters-1.0.41/Makefile.in ---- cups-filters-1.0.41/Makefile.in.pdftoopvp 2014-03-11 13:15:07.369197717 +0100 -+++ cups-filters-1.0.41/Makefile.in 2014-03-11 13:16:50.989858630 +0100 -@@ -89,7 +89,7 @@ check_PROGRAMS = test1284$(EXEEXT) testc - TESTS = testdither$(EXEEXT) test_analyze$(EXEEXT) test_pdf$(EXEEXT) \ - test_ps$(EXEEXT) test_pdf1$(EXEEXT) test_pdf2$(EXEEXT) - bin_PROGRAMS = ttfread$(EXEEXT) --pkgfilter_PROGRAMS = pdftoopvp$(EXEEXT) pdftopdf$(EXEEXT) \ -+pkgfilter_PROGRAMS = pdftopdf$(EXEEXT) \ - bannertopdf$(EXEEXT) commandtoescpx$(EXEEXT) \ - commandtopclx$(EXEEXT) gstoraster$(EXEEXT) pdftoijs$(EXEEXT) \ - pdftoippprinter$(EXEEXT) pdftops$(EXEEXT) pdftoraster$(EXEEXT) \ -@@ -164,7 +164,6 @@ am__installdirs = "$(DESTDIR)$(libdir)" - "$(DESTDIR)$(pkgcupsserverrootdir)" \ - "$(DESTDIR)$(pkgdriverdir)" \ - "$(DESTDIR)$(pkgfiltersincludedir)" \ -- "$(DESTDIR)$(pkgfontconfigdir)" \ - "$(DESTDIR)$(pkgfontembedincludedir)" \ - "$(DESTDIR)$(pkgmimedir)" "$(DESTDIR)$(pkgppdcdir)" \ - "$(DESTDIR)$(ppddir)" -@@ -514,7 +513,7 @@ MANS = $(man_MANS) - DATA = $(doc_DATA) $(pkgbanner_DATA) $(pkgcharset_DATA) \ - $(pkgconf_DATA) $(pkgcupsdata_DATA) $(pkgcupsserverroot_DATA) \ - $(pkgdriver_DATA) $(pkgfiltersinclude_DATA) \ -- $(pkgfontconfig_DATA) $(pkgfontembedinclude_DATA) \ -+ $(pkgfontembedinclude_DATA) \ - $(pkgmime_DATA) $(pkgppdc_DATA) $(ppd_DATA) - am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ - $(LISP)config.h.in -@@ -929,7 +928,7 @@ EXTRA_DIST = $(doc_DATA) autogen.sh libc - cupsfilters/image.pgm cupsfilters/image.ppm \ - $(pkgcupsdata_DATA) $(pkgdriver_DATA) $(pkgppdc_DATA) \ - $(pkgmime_DATA) $(pkgfontembedinclude_DATA) fontembed/README \ -- $(pkgfontconfig_DATA) $(pkgfilter_SCRIPTS) filter/test.sh \ -+ $(pkgfilter_SCRIPTS) filter/test.sh \ - utils/cups-browsed.in $(man_MANS) $(ppd_DATA) scripting/perl \ - scripting/php/README scripting/php/phpcups.php - -@@ -1186,8 +1185,6 @@ test_ps_LDADD = libfontembed.la - # PDF to OPVP - # =========== - pkgfilterdir = $(CUPS_SERVERBIN)/filter --pkgfontconfigdir = $(sysconfdir)/$(FONTDIR) --pkgfontconfig_DATA = filter/pdftoopvp/99pdftoopvp.conf - pdftoopvp_SOURCES = \ - filter/pdftoopvp/oprs/OPRS.cxx \ - filter/pdftoopvp/oprs/OPRS.h \ -@@ -3715,43 +3712,6 @@ uninstall-pkgfiltersincludeDATA: - @list='$(pkgfiltersinclude_DATA)'; test -n "$(pkgfiltersincludedir)" || list=; \ - files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ - dir='$(DESTDIR)$(pkgfiltersincludedir)'; $(am__uninstall_files_from_dir) --install-pkgfontconfigDATA: $(pkgfontconfig_DATA) -- @$(NORMAL_INSTALL) -- @list='$(pkgfontconfig_DATA)'; test -n "$(pkgfontconfigdir)" || list=; \ -- if test -n "$$list"; then \ -- echo " $(MKDIR_P) '$(DESTDIR)$(pkgfontconfigdir)'"; \ -- $(MKDIR_P) "$(DESTDIR)$(pkgfontconfigdir)" || exit 1; \ -- fi; \ -- for p in $$list; do \ -- if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ -- echo "$$d$$p"; \ -- done | $(am__base_list) | \ -- while read files; do \ -- echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgfontconfigdir)'"; \ -- $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgfontconfigdir)" || exit $$?; \ -- done -- --uninstall-pkgfontconfigDATA: -- @$(NORMAL_UNINSTALL) -- @list='$(pkgfontconfig_DATA)'; test -n "$(pkgfontconfigdir)" || list=; \ -- files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ -- dir='$(DESTDIR)$(pkgfontconfigdir)'; $(am__uninstall_files_from_dir) --install-pkgfontembedincludeDATA: $(pkgfontembedinclude_DATA) -- @$(NORMAL_INSTALL) -- @list='$(pkgfontembedinclude_DATA)'; test -n "$(pkgfontembedincludedir)" || list=; \ -- if test -n "$$list"; then \ -- echo " $(MKDIR_P) '$(DESTDIR)$(pkgfontembedincludedir)'"; \ -- $(MKDIR_P) "$(DESTDIR)$(pkgfontembedincludedir)" || exit 1; \ -- fi; \ -- for p in $$list; do \ -- if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ -- echo "$$d$$p"; \ -- done | $(am__base_list) | \ -- while read files; do \ -- echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgfontembedincludedir)'"; \ -- $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgfontembedincludedir)" || exit $$?; \ -- done -- - uninstall-pkgfontembedincludeDATA: - @$(NORMAL_UNINSTALL) - @list='$(pkgfontembedinclude_DATA)'; test -n "$(pkgfontembedincludedir)" || list=; \ -@@ -4241,7 +4201,7 @@ all-am: Makefile $(LTLIBRARIES) $(PROGRA - install-binPROGRAMS: install-libLTLIBRARIES - - installdirs: -- for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(phpextensiondir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgbackenddir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(initrcdir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(pkgbannerdir)" "$(DESTDIR)$(pkgcharsetdir)" "$(DESTDIR)$(pkgconfdir)" "$(DESTDIR)$(pkgcupsdatadir)" "$(DESTDIR)$(pkgcupsserverrootdir)" "$(DESTDIR)$(pkgdriverdir)" "$(DESTDIR)$(pkgfiltersincludedir)" "$(DESTDIR)$(pkgfontconfigdir)" "$(DESTDIR)$(pkgfontembedincludedir)" "$(DESTDIR)$(pkgmimedir)" "$(DESTDIR)$(pkgppdcdir)" "$(DESTDIR)$(ppddir)"; do \ -+ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(phpextensiondir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgbackenddir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(initrcdir)" "$(DESTDIR)$(pkgfilterdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(pkgbannerdir)" "$(DESTDIR)$(pkgcharsetdir)" "$(DESTDIR)$(pkgconfdir)" "$(DESTDIR)$(pkgcupsdatadir)" "$(DESTDIR)$(pkgcupsserverrootdir)" "$(DESTDIR)$(pkgdriverdir)" "$(DESTDIR)$(pkgfiltersincludedir)" "$(DESTDIR)$(pkgfontembedincludedir)" "$(DESTDIR)$(pkgmimedir)" "$(DESTDIR)$(pkgppdcdir)" "$(DESTDIR)$(ppddir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done - install: install-am -@@ -4309,7 +4269,7 @@ install-data-am: install-docDATA install - install-pkgconfDATA install-pkgcupsdataDATA \ - install-pkgcupsserverrootDATA install-pkgdriverDATA \ - install-pkgfilterPROGRAMS install-pkgfilterSCRIPTS \ -- install-pkgfiltersincludeDATA install-pkgfontconfigDATA \ -+ install-pkgfiltersincludeDATA \ - install-pkgfontembedincludeDATA install-pkgmimeDATA \ - install-pkgppdcDATA install-ppdDATA - @$(NORMAL_INSTALL) -@@ -4368,7 +4328,7 @@ uninstall-am: uninstall-binPROGRAMS unin - uninstall-pkgconfDATA uninstall-pkgcupsdataDATA \ - uninstall-pkgcupsserverrootDATA uninstall-pkgdriverDATA \ - uninstall-pkgfilterPROGRAMS uninstall-pkgfilterSCRIPTS \ -- uninstall-pkgfiltersincludeDATA uninstall-pkgfontconfigDATA \ -+ uninstall-pkgfiltersincludeDATA \ - uninstall-pkgfontembedincludeDATA uninstall-pkgmimeDATA \ - uninstall-pkgppdcDATA uninstall-ppdDATA uninstall-sbinPROGRAMS - @$(NORMAL_INSTALL) -@@ -4399,7 +4359,7 @@ uninstall-man: uninstall-man5 uninstall- - install-pkgconfDATA install-pkgcupsdataDATA \ - install-pkgcupsserverrootDATA install-pkgdriverDATA \ - install-pkgfilterPROGRAMS install-pkgfilterSCRIPTS \ -- install-pkgfiltersincludeDATA install-pkgfontconfigDATA \ -+ install-pkgfiltersincludeDATA \ - install-pkgfontembedincludeDATA install-pkgmimeDATA \ - install-pkgppdcDATA install-ppdDATA install-ps install-ps-am \ - install-sbinPROGRAMS install-strip installcheck \ -@@ -4415,7 +4375,7 @@ uninstall-man: uninstall-man5 uninstall- - uninstall-pkgconfDATA uninstall-pkgcupsdataDATA \ - uninstall-pkgcupsserverrootDATA uninstall-pkgdriverDATA \ - uninstall-pkgfilterPROGRAMS uninstall-pkgfilterSCRIPTS \ -- uninstall-pkgfiltersincludeDATA uninstall-pkgfontconfigDATA \ -+ uninstall-pkgfiltersincludeDATA \ - uninstall-pkgfontembedincludeDATA uninstall-pkgmimeDATA \ - uninstall-pkgppdcDATA uninstall-ppdDATA uninstall-sbinPROGRAMS - diff --git a/cups-filters-urftopdf.patch b/cups-filters-urftopdf.patch deleted file mode 100644 index efafe15..0000000 --- a/cups-filters-urftopdf.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -up cups-filters-1.0.41/Makefile.am.urftopdf cups-filters-1.0.41/Makefile.am ---- cups-filters-1.0.41/Makefile.am.urftopdf 2014-03-11 13:13:48.012222641 +0100 -+++ cups-filters-1.0.41/Makefile.am 2014-03-11 13:13:48.020222538 +0100 -@@ -410,8 +410,8 @@ pkgfilter_PROGRAMS += \ - pdftoraster \ - rastertoescpx \ - rastertopclx \ -- texttopdf \ -- urftopdf -+ texttopdf -+ - if ENABLE_IMAGEFILTERS - pkgfilter_PROGRAMS += \ - imagetopdf \ -diff -up cups-filters-1.0.41/Makefile.in.urftopdf cups-filters-1.0.41/Makefile.in ---- cups-filters-1.0.41/Makefile.in.urftopdf 2014-03-11 13:13:48.022222512 +0100 -+++ cups-filters-1.0.41/Makefile.in 2014-03-11 13:14:45.729477255 +0100 -@@ -94,7 +94,7 @@ pkgfilter_PROGRAMS = pdftoopvp$(EXEEXT) - commandtopclx$(EXEEXT) gstoraster$(EXEEXT) pdftoijs$(EXEEXT) \ - pdftoippprinter$(EXEEXT) pdftops$(EXEEXT) pdftoraster$(EXEEXT) \ - rastertoescpx$(EXEEXT) rastertopclx$(EXEEXT) \ -- texttopdf$(EXEEXT) urftopdf$(EXEEXT) $(am__EXEEXT_1) -+ texttopdf$(EXEEXT) $(am__EXEEXT_1) - @ENABLE_IMAGEFILTERS_TRUE@am__append_1 = \ - @ENABLE_IMAGEFILTERS_TRUE@ imagetopdf \ - @ENABLE_IMAGEFILTERS_TRUE@ imagetoraster -diff -up cups-filters-1.0.41/mime/cupsfilters.convs.urftopdf cups-filters-1.0.41/mime/cupsfilters.convs ---- cups-filters-1.0.41/mime/cupsfilters.convs.urftopdf 2014-03-11 13:13:48.017222576 +0100 -+++ cups-filters-1.0.41/mime/cupsfilters.convs 2014-03-11 13:13:48.023222499 +0100 -@@ -68,7 +68,6 @@ image/x-xpixmap application/vnd.cups-pd - image/x-xwindowdump application/vnd.cups-pdf 65 imagetopdf - image/x-sun-raster application/vnd.cups-pdf 65 imagetopdf - application/vnd.cups-pdf-banner application/pdf 32 bannertopdf --image/urf application/pdf 0 urftopdf - - ######################################################################## - # diff --git a/cups-filters.spec b/cups-filters.spec index 998e862..fdd24b1 100644 --- a/cups-filters.spec +++ b/cups-filters.spec @@ -3,32 +3,23 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters -Version: 1.0.41 -Release: 6%{?dist} +Version: 1.0.53 +Release: 1%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, # imagetopdf, pstopdf, texttopdf # backends: parallel, serial -# GPLv2+: filters: gstopxl, textonly, texttops, imagetops +# GPLv2+: filters: gstopxl, textonly, texttops, imagetops, foomatic-rip # GPLv3: filters: bannertopdf # GPLv3+: filters: urftopdf # LGPLv2+: utils: cups-browsed # MIT: filters: gstoraster, pdftoijs, pdftoopvp, pdftopdf, pdftoraster License: GPLv2 and GPLv2+ and GPLv3 and GPLv3+ and LGPLv2+ and MIT -Group: System Environment/Base Url: http://www.linuxfoundation.org/collaborate/workgroups/openprinting/cups-filters Source0: http://www.openprinting.org/download/cups-filters/cups-filters-%{version}.tar.xz -Patch1: cups-filters-pdf-landscape.patch -Patch2: cups-filters-dbus.patch -Patch3: cups-filters-memory-leaks.patch -Patch4: cups-filters-filter-costs.patch -Patch5: cups-filters-urftopdf.patch -Patch6: cups-filters-pdftoopvp.patch -Patch7: cups-filters-bug1083327.patch - Requires: cups-filters-libs%{?_isa} = %{version}-%{release} # Obsolete cups-php (bug #971741) @@ -37,24 +28,28 @@ Obsoletes: cups-php < 1:1.6.0-1 #Provides: cups-php = 1:1.6.0-1 BuildRequires: cups-devel +BuildRequires: pkgconfig # pdftopdf -BuildRequires: qpdf-devel +BuildRequires: pkgconfig(libqpdf) # pdftops BuildRequires: poppler-utils # pdftoijs, pdftoopvp, pdftoraster, gstoraster -BuildRequires: poppler-devel poppler-cpp-devel +BuildRequires: pkgconfig(poppler) +BuildRequires: poppler-cpp-devel BuildRequires: libjpeg-devel -BuildRequires: libpng-devel BuildRequires: libtiff-devel -BuildRequires: zlib-devel -BuildRequires: pkgconfig dbus-devel +BuildRequires: pkgconfig(libpng) +BuildRequires: pkgconfig(zlib) +BuildRequires: pkgconfig(dbus-1) # libijs -BuildRequires: ghostscript-devel -BuildRequires: freetype-devel -BuildRequires: fontconfig-devel -BuildRequires: lcms2-devel +BuildRequires: pkgconfig(ijs) +BuildRequires: pkgconfig(freetype2) +BuildRequires: pkgconfig(fontconfig) +BuildRequires: pkgconfig(lcms) pkgconfig(lcms2) # cups-browsed -BuildRequires: avahi-devel avahi-glib-devel +BuildRequires: avahi-devel +BuildRequires: pkgconfig(avahi-glib) +BuildRequires: pkgconfig(glib-2.0) BuildRequires: systemd # Make sure we get postscriptdriver tags. @@ -70,6 +65,10 @@ BuildRequires: libtool Requires: cups-filesystem Requires: poppler-utils + +# texttopdf +Requires: liberation-mono-fonts + # pstopdf Requires: bc grep sed @@ -111,28 +110,6 @@ This is the development package for OpenPrinting CUPS filters and backends. %prep %setup -q -# Fix PDF landscape printing (bug #768811). -%patch1 -p1 -b .pdf-landscape - -# Include dbus so that colord support works (bug #1026928). -%patch2 -p1 -b .dbus - -# Fix memory leaks in cups-browsed (bug #1027317). -%patch3 -p1 -b .memory-leaks - -# Adjust filter costs so application/vnd.adobe-read-postscript input -# doesn't go via pstotiff (bug #1008166). -%patch4 -p1 -b .filter-costs - -# Don't ship urftopdf for now (bug #1002947). -%patch5 -p1 -b .urftopdf - -# Don't ship pdftoopvp for now (bug #1027557). -%patch6 -p1 -b .pdftoopvp - -# Remote command injection in cups-browsed (bug #1083327). -%patch7 -p1 -b .bug1083327 - %build # work-around Rpath ./autogen.sh @@ -167,6 +144,18 @@ rm -f %{buildroot}%{_bindir}/ttfread mkdir -p %{buildroot}%{_unitdir} install -p -m 644 utils/cups-browsed.service %{buildroot}%{_unitdir} +# Don't ship urftopdf for now (bug #1002947). +rm -f %{buildroot}%{_cups_serverbin}/filter/urftopdf +sed -i '/urftopdf/d' %{buildroot}%{_datadir}/cups/mime/cupsfilters.convs + +# Don't ship pdftoopvp for now (bug #1027557). +rm -f %{buildroot}%{_cups_serverbin}/filter/pdftoopvp +rm -f %{buildroot}%{_sysconfdir}/fonts/conf.d/99pdftoopvp.conf + +# Don't ship foomatic-rip +rm -f %{buildroot}%{_cups_serverbin}/filter/foomatic-rip +rm -f %{buildroot}%{_mandir}/man1/foomatic-rip.1 + %check make check @@ -246,6 +235,9 @@ fi %{_libdir}/libfontembed.so %changelog +* Mon Apr 28 2014 Jiri Popelka - 1.0.53-1 +- 1.0.53 + * Wed Apr 02 2014 Jiri Popelka - 1.0.41-6 - Remote command injection in cups-browsed (bug #1083327). diff --git a/sources b/sources index 3340f74..7351c93 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -fe5a9a07b9a64b35975154068cbedef9 cups-filters-1.0.41.tar.xz +85c605f82cddfd9990a17f1ffaf51eec cups-filters-1.0.53.tar.xz From 36df523c0b940c6e7d47b3812d31e7ab062054f8 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Fri, 9 May 2014 18:57:18 +0200 Subject: [PATCH 4/7] Return Tim's work-around patch for bug #768811. --- cups-filters-pdf-landscape.patch | 34 ++++++++++++++++++++++++++++++++ cups-filters.spec | 10 +++++++++- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 cups-filters-pdf-landscape.patch diff --git a/cups-filters-pdf-landscape.patch b/cups-filters-pdf-landscape.patch new file mode 100644 index 0000000..30ffbfc --- /dev/null +++ b/cups-filters-pdf-landscape.patch @@ -0,0 +1,34 @@ +diff -up cups-filters-1.0.53/filter/pdftops.c.pdf-landscape cups-filters-1.0.53/filter/pdftops.c +--- cups-filters-1.0.53/filter/pdftops.c.pdf-landscape 2014-05-09 12:18:35.679501730 +0200 ++++ cups-filters-1.0.53/filter/pdftops.c 2014-05-09 12:19:34.114704598 +0200 +@@ -646,23 +646,23 @@ main(int argc, /* I - Number of comm + if ((renderer == PDFTOPS) || (renderer == PDFTOCAIRO)) + { + /* +- * Use the page sizes of the original PDF document, this way documents +- * which contain pages of different sizes can be printed correctly ++ * No options to add. Note: pdftopdf has already rotated pages ++ * for us. + */ + +- pdf_argv[pdf_argc++] = (char *)"-origpagesizes"; +- pdf_argv[pdf_argc++] = (char *)"-nocenter"; ++ //pdf_argv[pdf_argc++] = (char *)"-origpagesizes"; ++ //pdf_argv[pdf_argc++] = (char *)"-nocenter"; + } + else + #endif /* HAVE_POPPLER_PDFTOPS_WITH_ORIGPAGESIZES */ + if (renderer == ACROREAD) + { + /* +- * Use the page sizes of the original PDF document, this way documents +- * which contain pages of different sizes can be printed correctly ++ * No options to add. Note: pdftopdf has already rotated pages ++ * for us. + */ + +- pdf_argv[pdf_argc++] = (char *)"-choosePaperByPDFPageSize"; ++ //pdf_argv[pdf_argc++] = (char *)"-choosePaperByPDFPageSize"; + } + + /* diff --git a/cups-filters.spec b/cups-filters.spec index fdd24b1..510db35 100644 --- a/cups-filters.spec +++ b/cups-filters.spec @@ -4,7 +4,7 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters Version: 1.0.53 -Release: 1%{?dist} +Release: 2%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, @@ -20,6 +20,8 @@ License: GPLv2 and GPLv2+ and GPLv3 and GPLv3+ and LGPLv2+ and MIT Url: http://www.linuxfoundation.org/collaborate/workgroups/openprinting/cups-filters Source0: http://www.openprinting.org/download/cups-filters/cups-filters-%{version}.tar.xz +Patch1: cups-filters-pdf-landscape.patch + Requires: cups-filters-libs%{?_isa} = %{version}-%{release} # Obsolete cups-php (bug #971741) @@ -110,6 +112,9 @@ This is the development package for OpenPrinting CUPS filters and backends. %prep %setup -q +# Fix PDF landscape printing (bug #768811). +%patch1 -p1 -b .pdf-landscape + %build # work-around Rpath ./autogen.sh @@ -235,6 +240,9 @@ fi %{_libdir}/libfontembed.so %changelog +* Fri May 09 2014 Jiri Popelka - 1.0.53-2 +- Return Tim's work-around patch for bug #768811. + * Mon Apr 28 2014 Jiri Popelka - 1.0.53-1 - 1.0.53 From 659b81909616f7e3c0bfef3809e59c2a841eed8c Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Fri, 6 Jun 2014 13:51:04 +0100 Subject: [PATCH 5/7] Don't use grep's -P switch in pstopdf as it needs execmem (bug #1079534). Resolves: rhbz#1079534 --- cups-filters-execmem.patch | 12 ++++++++++++ cups-filters.spec | 5 ++++- 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 cups-filters-execmem.patch diff --git a/cups-filters-execmem.patch b/cups-filters-execmem.patch new file mode 100644 index 0000000..2c95bfd --- /dev/null +++ b/cups-filters-execmem.patch @@ -0,0 +1,12 @@ +diff -up cups-filters-1.0.53/filter/pstopdf.execmem cups-filters-1.0.53/filter/pstopdf +--- cups-filters-1.0.53/filter/pstopdf.execmem 2014-06-06 13:48:30.005230247 +0100 ++++ cups-filters-1.0.53/filter/pstopdf 2014-06-06 13:49:05.762403657 +0100 +@@ -105,7 +105,7 @@ eval "$(printf "%s" "$5" | sed -nre 's/. + eval "$(printf "%s" "$5" | sed -nre 's/.*(^|\s)orientation-requested=4.*/orientation="${orientation:-90}"/p')" + eval "$(printf "%s" "$5" | sed -nre 's/.*(^|\s)orientation-requested=5.*/orientation="${orientation:-270}"/p')" + eval "$(printf "%s" "$5" | sed -nre 's/.*(^|\s)orientation-requested=6.*/orientation="${orientation:-180}"/p')" +-if printf "%s" "$5" | grep -iPq '(\s|^)landscape(=(1|on|yes|true))?(\s|$)'; then ++if printf "%s" "$5" | grep -iq '(\s|^)landscape(=(1|on|yes|true))?(\s|$)'; then + if test -e "$PPD"; then + eval "$(sed -nre 's/^\*LandscapeOrientation:\s*Plus90.*/orientation="${orientation:-90}"/p' "$PPD")" + eval "$(sed -nre 's/^\*LandscapeOrientation:\s*Minus90.*/orientation="${orientation:-270}"/p' "$PPD")" diff --git a/cups-filters.spec b/cups-filters.spec index 510db35..cd36e6f 100644 --- a/cups-filters.spec +++ b/cups-filters.spec @@ -4,7 +4,7 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters Version: 1.0.53 -Release: 2%{?dist} +Release: 3%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, @@ -240,6 +240,9 @@ fi %{_libdir}/libfontembed.so %changelog +* Fri Jun 6 2014 Tim Waugh - 1.0.53-3 +- Don't use grep's -P switch in pstopdf as it needs execmem (bug #1079534). + * Fri May 09 2014 Jiri Popelka - 1.0.53-2 - Return Tim's work-around patch for bug #768811. From 846e99fd87d7f46885d87156848585809d2ed6ad Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Fri, 6 Jun 2014 16:55:30 +0100 Subject: [PATCH 6/7] Fixed last fix. --- cups-filters-execmem.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cups-filters-execmem.patch b/cups-filters-execmem.patch index 2c95bfd..60518c2 100644 --- a/cups-filters-execmem.patch +++ b/cups-filters-execmem.patch @@ -6,7 +6,7 @@ diff -up cups-filters-1.0.53/filter/pstopdf.execmem cups-filters-1.0.53/filter/p eval "$(printf "%s" "$5" | sed -nre 's/.*(^|\s)orientation-requested=5.*/orientation="${orientation:-270}"/p')" eval "$(printf "%s" "$5" | sed -nre 's/.*(^|\s)orientation-requested=6.*/orientation="${orientation:-180}"/p')" -if printf "%s" "$5" | grep -iPq '(\s|^)landscape(=(1|on|yes|true))?(\s|$)'; then -+if printf "%s" "$5" | grep -iq '(\s|^)landscape(=(1|on|yes|true))?(\s|$)'; then ++if printf "%s" "$5" | grep -qiE '(\s|^)landscape(=(1|on|yes|true))?(\s|$)'; then if test -e "$PPD"; then eval "$(sed -nre 's/^\*LandscapeOrientation:\s*Plus90.*/orientation="${orientation:-90}"/p' "$PPD")" eval "$(sed -nre 's/^\*LandscapeOrientation:\s*Minus90.*/orientation="${orientation:-270}"/p' "$PPD")" From 382dc703a99ac9074bf640d932d0225277de48b1 Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Wed, 11 Jun 2014 13:59:24 +0100 Subject: [PATCH 7/7] Fix build issue (bug #1106101). Resolves: rhbz#1106101 --- cups-filters-makefile.patch | 14 ++++++++++++++ cups-filters.spec | 9 ++++++++- 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 cups-filters-makefile.patch diff --git a/cups-filters-makefile.patch b/cups-filters-makefile.patch new file mode 100644 index 0000000..2177950 --- /dev/null +++ b/cups-filters-makefile.patch @@ -0,0 +1,14 @@ +diff -up cups-filters-1.0.54/Makefile.am.makefile cups-filters-1.0.54/Makefile.am +--- cups-filters-1.0.54/Makefile.am.makefile 2014-06-11 13:36:11.962393900 +0100 ++++ cups-filters-1.0.54/Makefile.am 2014-06-11 13:40:34.343533005 +0100 +@@ -467,7 +467,9 @@ bannertopdf_LDADD = \ + $(FONTCONFIG_LIBS) \ + libfontembed.la + +-bannertopdf_DEPENDENCIES = $(GETLINE) ++bannertopdf_DEPENDENCIES = \ ++ $(GETLINE) \ ++ libfontembed.la + + commandtoescpx_SOURCES = \ + cupsfilters/driver.h \ diff --git a/cups-filters.spec b/cups-filters.spec index cd36e6f..384e750 100644 --- a/cups-filters.spec +++ b/cups-filters.spec @@ -4,7 +4,7 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters Version: 1.0.53 -Release: 3%{?dist} +Release: 4%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, @@ -21,6 +21,7 @@ Url: http://www.linuxfoundation.org/collaborate/workgroups/openprinting/cups Source0: http://www.openprinting.org/download/cups-filters/cups-filters-%{version}.tar.xz Patch1: cups-filters-pdf-landscape.patch +Patch2: cups-filters-makefile.patch Requires: cups-filters-libs%{?_isa} = %{version}-%{release} @@ -115,6 +116,9 @@ This is the development package for OpenPrinting CUPS filters and backends. # Fix PDF landscape printing (bug #768811). %patch1 -p1 -b .pdf-landscape +# Fixed build issue (bug #1106101). +%patch2 -p1 -b .cups-filters + %build # work-around Rpath ./autogen.sh @@ -240,6 +244,9 @@ fi %{_libdir}/libfontembed.so %changelog +* Wed Jun 11 2014 Tim Waugh - 1.0.53-4 +- Fix build issue (bug #1106101). + * Fri Jun 6 2014 Tim Waugh - 1.0.53-3 - Don't use grep's -P switch in pstopdf as it needs execmem (bug #1079534).