Compare commits
No commits in common. "c8-beta" and "c8" have entirely different histories.
@ -0,0 +1,34 @@
|
||||
diff --git a/utils/cups-browsed.c b/utils/cups-browsed.c
|
||||
index 2b30c63..a6d6fd2 100644
|
||||
--- a/utils/cups-browsed.c
|
||||
+++ b/utils/cups-browsed.c
|
||||
@@ -3576,6 +3576,12 @@ create_remote_printer_entry (const char *queue_name,
|
||||
NULL, pattrs);
|
||||
response = cupsDoRequest(http_printer, request, resource);
|
||||
|
||||
+ if (response && !ippValidateAttributes(response))
|
||||
+ {
|
||||
+ fprintf(stderr, "The printer %s contains invalid attributes.", p->queue_name);
|
||||
+ goto fail;
|
||||
+ }
|
||||
+
|
||||
/* Log all printer attributes for debugging */
|
||||
if (debug_stderr || debug_logfile) {
|
||||
debug_printf("Full list of IPP attributes (get-printer-attributes) for printer %s:\n",
|
||||
diff --git a/utils/driverless.c b/utils/driverless.c
|
||||
index fe61e58..0360bff 100644
|
||||
--- a/utils/driverless.c
|
||||
+++ b/utils/driverless.c
|
||||
@@ -513,6 +513,12 @@ generate_ppd (const char *uri)
|
||||
NULL, pattrs);
|
||||
response = cupsDoRequest(http, request, resource);
|
||||
|
||||
+ if (response && !ippValidateAttributes(response))
|
||||
+ {
|
||||
+ fprintf(stderr, "ERROR: The printer provides invalid attributes, skipping.");
|
||||
+ goto fail;
|
||||
+ }
|
||||
+
|
||||
/* Log all printer attributes for debugging */
|
||||
if (debug) {
|
||||
attr = ippFirstAttribute(response);
|
356
SOURCES/cups-filters-CVE-2024-47175.patch
Normal file
356
SOURCES/cups-filters-CVE-2024-47175.patch
Normal file
@ -0,0 +1,356 @@
|
||||
diff --git a/cupsfilters/ppdgenerator.c b/cupsfilters/ppdgenerator.c
|
||||
index 44d9313..a8acde4 100644
|
||||
--- a/cupsfilters/ppdgenerator.c
|
||||
+++ b/cupsfilters/ppdgenerator.c
|
||||
@@ -82,6 +82,7 @@ typedef struct _pwg_finishings_s /**** PWG finishings mapping data ****/
|
||||
|
||||
static void pwg_ppdize_name(const char *ipp, char *name, size_t namesize);
|
||||
static void pwg_ppdize_resolution(ipp_attribute_t *attr, int element, int *xres, int *yres, char *name, size_t namesize);
|
||||
+static void ppd_put_string(cups_file_t *fp, cups_lang_t *lang, const char *ppd_option, const char *ppd_choice, const char *pwg_msgid);
|
||||
|
||||
/*
|
||||
* '_cupsSetError()' - Set the last PPD generator status-message.
|
||||
@@ -1188,9 +1189,10 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
ipp_t *media_col, /* Media collection */
|
||||
*media_size; /* Media size collection */
|
||||
char make[256], /* Make and model */
|
||||
- *model, /* Model name */
|
||||
+ *mptr, // Pointer into make and model
|
||||
ppdname[PPD_MAX_NAME];
|
||||
/* PPD keyword */
|
||||
+ const char *model; /* Model name */
|
||||
int i, j, /* Looping vars */
|
||||
count = 0, /* Number of values */
|
||||
bottom, /* Largest bottom margin */
|
||||
@@ -1263,6 +1265,69 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
+ //
|
||||
+ // Get a sanitized make and model...
|
||||
+ //
|
||||
+
|
||||
+ if ((attr = ippFindAttribute(response, "printer-make-and-model", IPP_TAG_TEXT)) != NULL && ippValidateAttribute(attr))
|
||||
+ {
|
||||
+ // Sanitize the model name to only contain PPD-safe characters.
|
||||
+ strlcpy(make, ippGetString(attr, 0, NULL), sizeof(make));
|
||||
+
|
||||
+ for (mptr = make; *mptr; mptr ++)
|
||||
+ {
|
||||
+ if (*mptr < ' ' || *mptr >= 127 || *mptr == '\"')
|
||||
+ {
|
||||
+ // Truncate the make and model on the first bad character...
|
||||
+ *mptr = '\0';
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ while (mptr > make)
|
||||
+ {
|
||||
+ // Strip trailing whitespace...
|
||||
+ mptr --;
|
||||
+ if (*mptr == ' ')
|
||||
+ *mptr = '\0';
|
||||
+ }
|
||||
+
|
||||
+ if (!make[0])
|
||||
+ {
|
||||
+ // Use a default make and model if nothing remains...
|
||||
+ strlcpy(make, "Unknown", sizeof(make));
|
||||
+ }
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ // Use a default make and model...
|
||||
+ strlcpy(make, "Unknown", sizeof(make));
|
||||
+ }
|
||||
+
|
||||
+ if (!strncasecmp(make, "Hewlett Packard ", 16) || !strncasecmp(make, "Hewlett-Packard ", 16))
|
||||
+ {
|
||||
+ // Normalize HP printer make and model...
|
||||
+ model = make + 16;
|
||||
+ strlcpy(make, "HP", sizeof(make));
|
||||
+
|
||||
+ if (!strncasecmp(model, "HP ", 3))
|
||||
+ model += 3;
|
||||
+ }
|
||||
+ else if ((mptr = strchr(make, ' ')) != NULL)
|
||||
+ {
|
||||
+ // Separate "MAKE MODEL"...
|
||||
+ while (*mptr && *mptr == ' ')
|
||||
+ *mptr++ = '\0';
|
||||
+
|
||||
+ model = mptr;
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ // No separate model name...
|
||||
+ model = "Printer";
|
||||
+ }
|
||||
+
|
||||
+
|
||||
/*
|
||||
* Standard stuff for PPD file...
|
||||
*/
|
||||
@@ -1277,24 +1342,6 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
cupsFilePuts(fp, "*FileSystem: False\n");
|
||||
cupsFilePuts(fp, "*PCFileName: \"drvless.ppd\"\n");
|
||||
|
||||
- if ((attr = ippFindAttribute(response, "printer-make-and-model", IPP_TAG_TEXT)) != NULL)
|
||||
- strlcpy(make, ippGetString(attr, 0, NULL), sizeof(make));
|
||||
- else if (make_model && make_model[0] != '\0')
|
||||
- strlcpy(make, make_model, sizeof(make));
|
||||
- else
|
||||
- strlcpy(make, "Unknown Printer", sizeof(make));
|
||||
-
|
||||
- if (!_cups_strncasecmp(make, "Hewlett Packard ", 16) ||
|
||||
- !_cups_strncasecmp(make, "Hewlett-Packard ", 16))
|
||||
- {
|
||||
- model = make + 16;
|
||||
- strlcpy(make, "HP", sizeof(make));
|
||||
- }
|
||||
- else if ((model = strchr(make, ' ')) != NULL)
|
||||
- *model++ = '\0';
|
||||
- else
|
||||
- model = make;
|
||||
-
|
||||
cupsFilePrintf(fp, "*Manufacturer: \"%s\"\n", make);
|
||||
cupsFilePrintf(fp, "*ModelName: \"%s %s\"\n", make, model);
|
||||
cupsFilePrintf(fp, "*Product: \"(%s %s)\"\n", make, model);
|
||||
@@ -1311,10 +1358,10 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
cupsFilePuts(fp, "*cupsSNMPSupplies: False\n");
|
||||
cupsFilePuts(fp, "*cupsLanguages: \"en\"\n");
|
||||
|
||||
- if ((attr = ippFindAttribute(response, "printer-more-info", IPP_TAG_URI)) != NULL)
|
||||
+ if ((attr = ippFindAttribute(response, "printer-more-info", IPP_TAG_URI)) != NULL && ippValidateAttribute(attr))
|
||||
cupsFilePrintf(fp, "*APSupplies: \"%s\"\n", ippGetString(attr, 0, NULL));
|
||||
|
||||
- if ((attr = ippFindAttribute(response, "printer-charge-info-uri", IPP_TAG_URI)) != NULL)
|
||||
+ if ((attr = ippFindAttribute(response, "printer-charge-info-uri", IPP_TAG_URI)) != NULL && ippValidateAttribute(attr))
|
||||
cupsFilePrintf(fp, "*cupsChargeInfoURI: \"%s\"\n", ippGetString(attr, 0, NULL));
|
||||
|
||||
/* Message catalogs for UI strings */
|
||||
@@ -1322,7 +1369,7 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
opt_strings_catalog = optArrayNew();
|
||||
load_opt_strings_catalog(NULL, opt_strings_catalog);
|
||||
}
|
||||
- if ((attr = ippFindAttribute(response, "printer-strings-uri", IPP_TAG_URI)) != NULL) {
|
||||
+ if ((attr = ippFindAttribute(response, "printer-strings-uri", IPP_TAG_URI)) != NULL && ippValidateAttribute(attr)) {
|
||||
printer_opt_strings_catalog = optArrayNew();
|
||||
load_opt_strings_catalog(ippGetString(attr, 0, NULL), printer_opt_strings_catalog);
|
||||
if (printer_opt_strings_catalog)
|
||||
@@ -2150,13 +2197,15 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
break;
|
||||
}
|
||||
if (j >= 0)
|
||||
- cupsFilePrintf(fp, "*InputSlot %s/%s: \"<</MediaPosition %d>>setpagedevice\"\n",
|
||||
- ppdname, human_readable, j);
|
||||
+ {
|
||||
+ cupsFilePrintf(fp, "*InputSlot %s: \"<</MediaPosition %d>>setpagedevice\"\n", ppdname, j);
|
||||
+ ppd_put_string(fp, lang, "InputSlot", ppdname, human_readable);
|
||||
+ }
|
||||
else
|
||||
- cupsFilePrintf(fp, "*InputSlot %s%s%s: \"\"\n",
|
||||
- ppdname,
|
||||
- (human_readable ? "/" : ""),
|
||||
- (human_readable ? human_readable : ""));
|
||||
+ {
|
||||
+ cupsFilePrintf(fp, "*InputSlot %s%s%s:\"\"\n", ppdname, human_readable ? "/" : "", human_readable ? human_readable : "");
|
||||
+ ppd_put_string(fp, lang, "InputSlot", ppdname, human_readable);
|
||||
+ }
|
||||
}
|
||||
cupsFilePuts(fp, "*CloseUI: *InputSlot\n");
|
||||
}
|
||||
@@ -2337,11 +2386,8 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
human_readable = (char *)_cupsLangString(lang, media_types[j][1]);
|
||||
break;
|
||||
}
|
||||
- cupsFilePrintf(fp, "*MediaType %s%s%s: \"<</MediaType(%s)>>setpagedevice\"\n",
|
||||
- ppdname,
|
||||
- (human_readable ? "/" : ""),
|
||||
- (human_readable ? human_readable : ""),
|
||||
- ppdname);
|
||||
+ cupsFilePrintf(fp, "*MediaType %s: \"<</MediaType(%s)>>setpagedevice\"\n", ppdname, ppdname);
|
||||
+ ppd_put_string(fp, lang, "MediaType", ppdname, human_readable);
|
||||
}
|
||||
cupsFilePuts(fp, "*CloseUI: *MediaType\n");
|
||||
}
|
||||
@@ -2755,10 +2801,8 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
human_readable = (char *)_cupsLangString(lang, output_bins[j][1]);
|
||||
break;
|
||||
}
|
||||
- cupsFilePrintf(fp, "*OutputBin %s%s%s: \"\"\n",
|
||||
- ppdname,
|
||||
- (human_readable ? "/" : ""),
|
||||
- (human_readable ? human_readable : ""));
|
||||
+ cupsFilePrintf(fp, "*OutputBin %s: \"\"\n", ppdname);
|
||||
+ ppd_put_string(fp, lang, "OutputBin", ppdname, human_readable);
|
||||
}
|
||||
cupsFilePuts(fp, "*CloseUI: *OutputBin\n");
|
||||
}
|
||||
@@ -2898,9 +2942,8 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
human_readable = (char *)_cupsLangString(lang, finishings[j][1]);
|
||||
break;
|
||||
}
|
||||
- cupsFilePrintf(fp, "*StapleLocation %s%s%s: \"\"\n", name,
|
||||
- (human_readable ? "/" : ""),
|
||||
- (human_readable ? human_readable : ""));
|
||||
+ cupsFilePrintf(fp, "*StapleLocation %s: \"\"\n", name);
|
||||
+ ppd_put_string(fp, lang, "StapleLocation", name, human_readable);
|
||||
cupsFilePrintf(fp, "*cupsIPPFinishings %d/%s: \"*StapleLocation %s\"\n", value, name, name);
|
||||
}
|
||||
|
||||
@@ -2955,9 +2998,8 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
human_readable = (char *)_cupsLangString(lang, finishings[j][1]);
|
||||
break;
|
||||
}
|
||||
- cupsFilePrintf(fp, "*FoldType %s%s%s: \"\"\n", name,
|
||||
- (human_readable ? "/" : ""),
|
||||
- (human_readable ? human_readable : ""));
|
||||
+ cupsFilePrintf(fp, "*FoldType %s: \"\"\n", name);
|
||||
+ ppd_put_string(fp, lang, "FoldType", name, human_readable);
|
||||
cupsFilePrintf(fp, "*cupsIPPFinishings %d/%s: \"*FoldType %s\"\n", value, name, name);
|
||||
}
|
||||
|
||||
@@ -3012,9 +3054,8 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
human_readable = (char *)_cupsLangString(lang, finishings[j][1]);
|
||||
break;
|
||||
}
|
||||
- cupsFilePrintf(fp, "*PunchMedia %s%s%s: \"\"\n", name,
|
||||
- (human_readable ? "/" : ""),
|
||||
- (human_readable ? human_readable : ""));
|
||||
+ cupsFilePrintf(fp, "*PunchMedia %s: \"\"\n", name);
|
||||
+ ppd_put_string(fp, lang, "PunchMedia", name, human_readable);
|
||||
cupsFilePrintf(fp, "*cupsIPPFinishings %d/%s: \"*PunchMedia %s\"\n", value, name, name);
|
||||
}
|
||||
|
||||
@@ -3076,7 +3117,9 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
printer_opt_strings_catalog);
|
||||
if (human_readable == NULL)
|
||||
human_readable = (char *)keyword;
|
||||
- cupsFilePrintf(fp, "*cupsFinishingTemplate %s/%s: \"\n", keyword, human_readable);
|
||||
+ pwg_ppdize_name(keyword, ppdname, sizeof(ppdname));
|
||||
+ cupsFilePrintf(fp, "*cupsFinishingTemplate %s: \"\n", ppdname);
|
||||
+ ppd_put_string(fp, lang, "cupsFinishingTemplate", ppdname, human_readable);
|
||||
for (finishing_attr = ippFirstAttribute(finishing_col); finishing_attr; finishing_attr = ippNextAttribute(finishing_col))
|
||||
{
|
||||
if (ippGetValueTag(finishing_attr) == IPP_TAG_BEGIN_COLLECTION)
|
||||
@@ -3332,11 +3375,11 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
if (!preset || !preset_name)
|
||||
continue;
|
||||
|
||||
- if ((localized_name = lookup_option((char *)preset_name, opt_strings_catalog,
|
||||
- printer_opt_strings_catalog)) == NULL)
|
||||
- cupsFilePrintf(fp, "*APPrinterPreset %s: \"\n", preset_name);
|
||||
- else
|
||||
- cupsFilePrintf(fp, "*APPrinterPreset %s/%s: \"\n", preset_name, localized_name);
|
||||
+ pwg_ppdize_name(preset_name, ppdname, sizeof(ppdname));
|
||||
+
|
||||
+ localized_name = lookup_option((char *)preset_name, opt_strings_catalog, printer_opt_strings_catalog);
|
||||
+ cupsFilePrintf(fp, "*APPrinterPreset %s: \"\n", ppdname);
|
||||
+ ppd_put_string(fp, lang, "APPrinterPreset", ppdname, localized_name);
|
||||
|
||||
for (member = ippFirstAttribute(preset); member; member = ippNextAttribute(preset))
|
||||
{
|
||||
@@ -3378,7 +3421,10 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
fin_col = ippGetCollection(member, i);
|
||||
|
||||
if ((keyword = ippGetString(ippFindAttribute(fin_col, "finishing-template", IPP_TAG_ZERO), 0, NULL)) != NULL)
|
||||
- cupsFilePrintf(fp, "*cupsFinishingTemplate %s\n", keyword);
|
||||
+ {
|
||||
+ pwg_ppdize_name(keyword, ppdname, sizeof(ppdname));
|
||||
+ cupsFilePrintf(fp, "*cupsFinishingTemplate %s\n", ppdname);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
else if (!strcmp(member_name, "media"))
|
||||
@@ -3405,13 +3451,13 @@ ppdCreateFromIPP(char *buffer, /* I - Filename buffer */
|
||||
if ((keyword = ippGetString(ippFindAttribute(media_col, "media-source", IPP_TAG_ZERO), 0, NULL)) != NULL)
|
||||
{
|
||||
pwg_ppdize_name(keyword, ppdname, sizeof(ppdname));
|
||||
- cupsFilePrintf(fp, "*InputSlot %s\n", keyword);
|
||||
+ cupsFilePrintf(fp, "*InputSlot %s\n", ppdname);
|
||||
}
|
||||
|
||||
if ((keyword = ippGetString(ippFindAttribute(media_col, "media-type", IPP_TAG_ZERO), 0, NULL)) != NULL)
|
||||
{
|
||||
pwg_ppdize_name(keyword, ppdname, sizeof(ppdname));
|
||||
- cupsFilePrintf(fp, "*MediaType %s\n", keyword);
|
||||
+ cupsFilePrintf(fp, "*MediaType %s\n", ppdname);
|
||||
}
|
||||
}
|
||||
else if (!strcmp(member_name, "print-quality"))
|
||||
@@ -3670,18 +3716,29 @@ pwg_ppdize_name(const char *ipp, /* I - IPP keyword */
|
||||
char *ptr, /* Pointer into name buffer */
|
||||
*end; /* End of name buffer */
|
||||
|
||||
+ if (!ipp || !_cups_isalnum(*ipp))
|
||||
+ {
|
||||
+ *name = '\0';
|
||||
+ return;
|
||||
+ }
|
||||
|
||||
*name = (char)toupper(*ipp++);
|
||||
|
||||
for (ptr = name + 1, end = name + namesize - 1; *ipp && ptr < end;)
|
||||
{
|
||||
- if (*ipp == '-' && _cups_isalpha(ipp[1]))
|
||||
+ if (*ipp == '-' && isalnum(ipp[1]))
|
||||
{
|
||||
ipp ++;
|
||||
*ptr++ = (char)toupper(*ipp++ & 255);
|
||||
}
|
||||
- else
|
||||
+ else if (*ipp == '_' || *ipp == '.' || *ipp == '-' || isalnum(*ipp))
|
||||
+ {
|
||||
*ptr++ = *ipp++;
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ ipp ++;
|
||||
+ }
|
||||
}
|
||||
|
||||
*ptr = '\0';
|
||||
@@ -3721,6 +3778,41 @@ pwg_ppdize_resolution(
|
||||
snprintf(name, namesize, "%dx%ddpi", *xres, *yres);
|
||||
}
|
||||
}
|
||||
+
|
||||
+
|
||||
+/*
|
||||
+ * 'ppd_put_strings()' - Write localization attributes to a PPD file.
|
||||
+ */
|
||||
+
|
||||
+static void
|
||||
+ppd_put_string(cups_file_t *fp, /* I - PPD file */
|
||||
+ cups_lang_t *lang, /* I - Language */
|
||||
+ const char *ppd_option,/* I - PPD option */
|
||||
+ const char *ppd_choice,/* I - PPD choice */
|
||||
+ const char *text) /* I - Localized text */
|
||||
+{
|
||||
+ if (!text)
|
||||
+ return;
|
||||
+
|
||||
+ // Add the first line of localized text...
|
||||
+#if CUPS_VERSION_MAJOR > 2
|
||||
+ cupsFilePrintf(fp, "*%s.%s %s/", cupsLangGetName(lang), ppd_option, ppd_choice);
|
||||
+#else
|
||||
+ cupsFilePrintf(fp, "*%s.%s %s/", lang->language, ppd_option, ppd_choice);
|
||||
+#endif // CUPS_VERSION_MAJOR > 2
|
||||
+
|
||||
+ while (*text && *text != '\n')
|
||||
+ {
|
||||
+ // Escape ":" and "<"...
|
||||
+ if (*text == ':' || *text == '<')
|
||||
+ cupsFilePrintf(fp, "<%02X>", *text);
|
||||
+ else
|
||||
+ cupsFilePutChar(fp, *text);
|
||||
+
|
||||
+ text ++;
|
||||
+ }
|
||||
+ cupsFilePuts(fp, ": \"\"\n");
|
||||
+}
|
||||
#endif /* HAVE_CUPS_1_6 */
|
||||
|
||||
/*
|
@ -11,7 +11,7 @@
|
||||
Summary: OpenPrinting CUPS filters and backends
|
||||
Name: cups-filters
|
||||
Version: 1.20.0
|
||||
Release: 34%{?dist}
|
||||
Release: 35%{?dist}
|
||||
|
||||
# For a breakdown of the licensing, see COPYING file
|
||||
# GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*,
|
||||
@ -73,6 +73,10 @@ Patch18: beh-cve2023.patch
|
||||
Patch19: 0001-gstoraster-Improved-detection-whether-input-is-PostS.patch
|
||||
# RHEL-16034 pdftopdf results with (N > 1)^2 copies if a file is sent to IPP printer with collate
|
||||
Patch20: 0001-pdftopdf-Fixed-printing-multiple-copies-on-driverles.patch
|
||||
# CVE-2024-47175 cups-filters: remote command injection via attacker controlled data in PPD file
|
||||
Patch21: cups-filters-CVE-2024-47175.patch
|
||||
# CVE-2024-47076 cups-filters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
|
||||
Patch22: 0001-cfGetPrinterAttributes5-Validate-response-attributes.patch
|
||||
|
||||
|
||||
%if %{with braille}
|
||||
@ -250,6 +254,10 @@ The package provides filters and cups-brf backend needed for braille printing.
|
||||
%patch19 -p1 -b .gstoraster-psdetect
|
||||
# RHEL-16034 pdftopdf results with (N > 1)^2 copies if a file is sent to IPP printer with collate
|
||||
%patch20 -p1 -b .pdftopdf-ncopies
|
||||
# CVE-2024-47175 cups-filters: remote command injection via attacker controlled data in PPD file
|
||||
%patch21 -p1 -b .CVE-2024-47175
|
||||
# CVE-2024-47076 cups-filters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
|
||||
%patch22 -p1 -b .CVE-2024-47076
|
||||
|
||||
|
||||
%build
|
||||
@ -283,6 +291,7 @@ The package provides filters and cups-brf backend needed for braille printing.
|
||||
%else
|
||||
--disable-braille \
|
||||
%endif
|
||||
--with-browseremoteprotocols=none\
|
||||
--enable-auto-setup-driverless
|
||||
|
||||
make %{?_smp_mflags}
|
||||
@ -332,6 +341,14 @@ make check
|
||||
%post
|
||||
%systemd_post cups-browsed.service
|
||||
|
||||
# Set BrowseRemoteProtocols to none in light of CVE-2024-47176
|
||||
if ! grep -Fxq "# added by post scriptlet" %{_sysconfdir}/cups/cups-browsed.conf
|
||||
then
|
||||
cp %{_sysconfdir}/cups/cups-browsed.conf %{_sysconfdir}/cups/cups-browsed.conf.rpmsave
|
||||
sed -i "s/^\s*BrowseRemoteProtocols.*/# added by post scriptlet\nBrowseRemoteProtocols none/" %{_sysconfdir}/cups/cups-browsed.conf
|
||||
fi
|
||||
|
||||
|
||||
%preun
|
||||
%systemd_preun cups-browsed.service
|
||||
|
||||
@ -347,7 +364,7 @@ make check
|
||||
%{_pkgdocdir}/README
|
||||
%{_pkgdocdir}/AUTHORS
|
||||
%{_pkgdocdir}/NEWS
|
||||
%config(noreplace) %{_sysconfdir}/cups/cups-browsed.conf
|
||||
%config(noreplace) %verify(not size filedigest mtime) %{_sysconfdir}/cups/cups-browsed.conf
|
||||
%attr(0755,root,root) %{_cups_serverbin}/backend/parallel
|
||||
# Serial backend needs to run as root (bug #212577#c4).
|
||||
%attr(0700,root,root) %{_cups_serverbin}/backend/serial
|
||||
@ -460,6 +477,11 @@ make check
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Sep 27 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1.20.0-35
|
||||
- CVE-2024-47175 cups-filters: remote command injection via attacker controlled data in PPD file
|
||||
- CVE-2024-47076 cups-filters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
|
||||
- CVE-2024-47176 cups-filters: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
|
||||
|
||||
* Mon Feb 26 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1.20.0-34
|
||||
- RHEL-13211 redhat-lsb unnecessary pulls in cups and avahi dependencies
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user