diff --git a/cups-CVE-2009-0163.patch b/cups-CVE-2009-0163.patch
new file mode 100644
index 0000000..041588a
--- /dev/null
+++ b/cups-CVE-2009-0163.patch
@@ -0,0 +1,14 @@
+diff -up cups-1.4b2-svn8404/filter/image-private.h.CVE-2009-0163 cups-1.4b2-svn8404/filter/image-private.h
+--- cups-1.4b2-svn8404/filter/image-private.h.CVE-2009-0163 2009-02-17 17:45:27.000000000 +0000
++++ cups-1.4b2-svn8404/filter/image-private.h 2009-04-17 16:21:52.000000000 +0100
+@@ -40,8 +40,8 @@
+
+ # define CUPS_IMAGE_MAX_WIDTH 0x07ffffff
+ /* 2^27-1 to allow for 15-channel data */
+-# define CUPS_IMAGE_MAX_HEIGHT 0x7fffffff
+- /* 2^31-1 */
++# define CUPS_IMAGE_MAX_HEIGHT 0x3fffffff
++ /* 2^30-1 */
+
+ # define CUPS_TILE_SIZE 256 /* 256x256 pixel tiles */
+ # define CUPS_TILE_MINIMUM 10 /* Minimum number of tiles */
diff --git a/cups-CVE-2009-0164.patch b/cups-CVE-2009-0164.patch
new file mode 100644
index 0000000..415ee15
--- /dev/null
+++ b/cups-CVE-2009-0164.patch
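Review bot: In cups-CVE-2009-0163.patch, lowering `CUPS_IMAGE_MAX_HEIGHT` to `0x3fffffff` does not by itself bound any size computed from both dimensions: with `CUPS_IMAGE_MAX_WIDTH` at `0x07ffffff`, width × height can still reach roughly 2^57, far beyond a 32-bit int. The patch touches only this header, so it cannot be confirmed from here that the image readers check their size products before allocating; that check is what actually closes the overflow. The width define says why its limit was chosen ("to allow for 15-channel data"), while the new height comment gives only the value; I would write it as `/* 2^30-1, lowered for CVE-2009-0163 */` and name the calculation the bound is meant to protect.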
@@ -0,0 +1,653 @@ +diff -up cups-1.4b2-svn8404/CHANGES-1.3.txt.CVE-2009-0164 cups-1.4b2-svn8404/CHANGES-1.3.txt +--- cups-1.4b2-svn8404/CHANGES-1.3.txt.CVE-2009-0164 2009-03-05 10:54:00.000000000 +0000 ++++ cups-1.4b2-svn8404/CHANGES-1.3.txt 2009-04-17 16:47:18.000000000 +0100 +@@ -69,11 +69,6 @@ CHANGES IN CUPS V1.3.10 + - The scheduler now rejects ATTR: messages with empty values. + - The scheduler could consume all CPU handling closed connections + (STR #2988) +- - The scheduler now protects against DNS rebinding attacks on +- localhost. +- - SECURITY: The PNG image reading code did not validate the +- image size properly, leading to a potential buffer overflow +- (STR #2974) + - Fixed some configure script bugs with rc/xinetd directories + (STR #2970) + - The Epson sample driver PPDs contained errors (STR #2979) +diff -up cups-1.4b2-svn8404/cups/http-addr.c.CVE-2009-0164 cups-1.4b2-svn8404/cups/http-addr.c +--- cups-1.4b2-svn8404/cups/http-addr.c.CVE-2009-0164 2009-02-17 17:45:27.000000000 +0000 ++++ cups-1.4b2-svn8404/cups/http-addr.c 2009-04-17 16:47:18.000000000 +0100 +@@ -154,7 +154,7 @@ httpAddrLocalhost( + #endif /* AF_LOCAL */ + + if (addr->addr.sa_family == AF_INET && +- ntohl(addr->ipv4.sin_addr.s_addr) == 0x7f000001) ++ (ntohl(addr->ipv4.sin_addr.s_addr) & 0xff000000) == 0x7f000000) + return (1); + + return (0); +diff -up cups-1.4b2-svn8404/cups/http.c.CVE-2009-0164 cups-1.4b2-svn8404/cups/http.c +--- cups-1.4b2-svn8404/cups/http.c.CVE-2009-0164 2009-04-17 16:47:18.000000000 +0100 ++++ cups-1.4b2-svn8404/cups/http.c 2009-04-17 16:47:18.000000000 +0100 +@@ -1842,18 +1842,35 @@ httpSetField(http_t *http, /* I - + + strlcpy(http->fields[field], value, HTTP_MAX_VALUE); + +- /* +- * Special case for Authorization: as its contents can be +- * longer than HTTP_MAX_VALUE +- */ +- + if (field == HTTP_FIELD_AUTHORIZATION) + { ++ /* ++ * Special case for Authorization: as its contents can be ++ * longer than HTTP_MAX_VALUE ++ */ ++ + if 
(http->field_authorization) + free(http->field_authorization); + + http->field_authorization = strdup(value); + } ++ else if (field == HTTP_FIELD_HOST) ++ { ++ /* ++ * Special-case for Host: as we don't want a trailing "." on the hostname. ++ */ ++ ++ char *ptr = http->fields[HTTP_FIELD_HOST]; ++ /* Pointer into Host: field */ ++ ++ if (*ptr) ++ { ++ ptr += strlen(ptr) - 1; ++ ++ if (*ptr == '.') ++ *ptr = '\0'; ++ } ++ } + } + + +diff -up cups-1.4b2-svn8404/man/cupsd.conf.man.in.CVE-2009-0164 cups-1.4b2-svn8404/man/cupsd.conf.man.in +--- cups-1.4b2-svn8404/man/cupsd.conf.man.in.CVE-2009-0164 2009-02-17 17:45:27.000000000 +0000 ++++ cups-1.4b2-svn8404/man/cupsd.conf.man.in 2009-04-17 16:47:18.000000000 +0100 +@@ -617,6 +617,11 @@ ServerAdmin user@domain.com + .br + Specifies the email address of the server administrator. + .TP 5 ++ServerAlias hostname ++.br ++Specifies an alternate name that the server is known by. The special name "*" ++allows any name to be used. ++.TP 5 + ServerBin directory + .br + Specifies the directory where backends, CGIs, daemons, and filters may +diff -up cups-1.4b2-svn8404/scheduler/client.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/client.c +--- cups-1.4b2-svn8404/scheduler/client.c.CVE-2009-0164 2009-03-05 10:54:00.000000000 +0000 ++++ cups-1.4b2-svn8404/scheduler/client.c 2009-04-17 16:47:48.000000000 +0100 +@@ -39,6 +39,7 @@ + * is_path_absolute() - Is a path absolute and free of relative elements. + * make_certificate() - Make a self-signed SSL/TLS certificate. + * pipe_command() - Pipe the output of a command to the remote client. ++ * valid_host() - Is the Host: field valid? + * write_file() - Send a file via HTTP. + * write_pipe() - Flag that data is available on the CGI pipe. 
+ */ +@@ -108,6 +109,7 @@ static int make_certificate(cupsd_clien + #endif /* HAVE_SSL */ + static int pipe_command(cupsd_client_t *con, int infile, int *outfile, + char *command, char *options, int root); ++static int valid_host(cupsd_client_t *con); + static int write_file(cupsd_client_t *con, http_status_t code, + char *filename, char *type, + struct stat *filestats); +@@ -1129,13 +1131,7 @@ cupsdReadClient(cupsd_client_t *con) /* + return; + } + } +- else if (httpAddrLocalhost(con->http.hostaddr) && +- strcasecmp(con->http.fields[HTTP_FIELD_HOST], "localhost") && +- strncasecmp(con->http.fields[HTTP_FIELD_HOST], "localhost:", 10) && +- strcmp(con->http.fields[HTTP_FIELD_HOST], "127.0.0.1") && +- strncmp(con->http.fields[HTTP_FIELD_HOST], "127.0.0.1:", 10) && +- strcmp(con->http.fields[HTTP_FIELD_HOST], "[::1]") && +- strncmp(con->http.fields[HTTP_FIELD_HOST], "[::1]:", 6)) ++ else if (!valid_host(con)) + { + /* + * Access to localhost must use "localhost" or the corresponding IPv4 +@@ -3278,6 +3274,10 @@ get_cdsa_certificate(cupsd_client_t *con + ssl_options.ServerName = con->servername; + ssl_options.ServerNameLen = strlen(con->servername); + ++ cupsdLogMessage(CUPSD_LOG_DEBUG, ++ "get_cdsa_certificate: Looking for certs for \"%s\"...", ++ con->servername); ++ + options.Data = (uint8 *)&ssl_options; + options.Length = sizeof(ssl_options); + +@@ -3970,7 +3970,7 @@ make_certificate(cupsd_client_t *con) /* + envp[envc] = NULL; + + if (!cupsdStartProcess(command, argv, envp, -1, -1, -1, -1, -1, 1, NULL, 0, +- &pid)) ++ NULL, &pid)) + { + unlink(seedfile); + return (0); +@@ -4862,6 +4862,165 @@ pipe_command(cupsd_client_t *con, /* I - + + + /* ++ * 'valid_host()' - Is the Host: field valid? 
++ */ ++ ++static int /* O - 1 if valid, 0 if not */ ++valid_host(cupsd_client_t *con) /* I - Client connection */ ++{ ++ cupsd_alias_t *a; /* Current alias */ ++ cupsd_netif_t *netif; /* Current network interface */ ++ const char *host, /* Host field */ ++ *end; /* End character */ ++ ++ ++ host = con->http.fields[HTTP_FIELD_HOST]; ++ ++ if (httpAddrLocalhost(con->http.hostaddr)) ++ { ++ /* ++ * Only allow "localhost" or the equivalent IPv4 or IPv6 numerical ++ * addresses when accessing CUPS via the loopback interface... ++ */ ++ ++ return (!strcasecmp(host, "localhost") || ++ !strncasecmp(host, "localhost:", 10) || ++ !strcasecmp(host, "localhost.") || ++ !strncasecmp(host, "localhost.:", 11) || ++#ifdef __linux ++ !strcasecmp(host, "localhost.localdomain") || ++ !strncasecmp(host, "localhost.localdomain:", 22) || ++#endif /* __linux */ ++ !strcmp(host, "127.0.0.1") || ++ !strncmp(host, "127.0.0.1:", 10) || ++ !strcmp(host, "[::1]") || ++ !strncmp(host, "[::1]:", 6)); ++ } ++ ++#ifdef HAVE_DNSSD ++ /* ++ * Check if the hostname is something.local (Bonjour); if so, allow it. ++ */ ++ ++ if ((end = strrchr(host, '.')) != NULL && ++ (!strcasecmp(end, ".local") || !strncasecmp(end, ".local:", 7) || ++ !strcasecmp(end, ".local.") || !strncasecmp(end, ".local.:", 8))) ++ return (1); ++#endif /* HAVE_DNSSD */ ++ ++ /* ++ * Check if the hostname is an IP address... ++ */ ++ ++ if (isdigit(*host & 255) || *host == '[') ++ { ++ /* ++ * Possible IPv4/IPv6 address... ++ */ ++ ++ char temp[1024], /* Temporary string */ ++ *ptr; /* Pointer into temporary string */ ++ http_addrlist_t *addrlist; /* List of addresses */ ++ ++ ++ strlcpy(temp, host, sizeof(temp)); ++ if ((ptr = strrchr(temp, ':')) != NULL && !strchr(ptr, ']')) ++ *ptr = '\0'; /* Strip :port from host value */ ++ ++ if ((addrlist = httpAddrGetList(temp, AF_UNSPEC, NULL)) != NULL) ++ { ++ /* ++ * Good IPv4/IPv6 address... 
++ */ ++ ++ httpAddrFreeList(addrlist); ++ return (1); ++ } ++ } ++ ++ /* ++ * Check for (alias) name matches... ++ */ ++ ++ for (a = (cupsd_alias_t *)cupsArrayFirst(ServerAlias); ++ a; ++ a = (cupsd_alias_t *)cupsArrayNext(ServerAlias)) ++ { ++ /* ++ * "ServerAlias *" allows all host values through... ++ */ ++ ++ if (!strcmp(a->name, "*")) ++ return (1); ++ ++ if (!strncasecmp(host, a->name, a->namelen)) ++ { ++ /* ++ * Prefix matches; check the character at the end - it must be ":", ".", ++ * ".:", or nul... ++ */ ++ ++ end = host + a->namelen; ++ ++ if (!*end || *end == ':' || (*end == '.' && (!end[1] || end[1] == ':'))) ++ return (1); ++ } ++ } ++ ++#ifdef HAVE_DNSSD ++ for (a = (cupsd_alias_t *)cupsArrayFirst(DNSSDAlias); ++ a; ++ a = (cupsd_alias_t *)cupsArrayNext(DNSSDAlias)) ++ { ++ /* ++ * "ServerAlias *" allows all host values through... ++ */ ++ ++ if (!strcmp(a->name, "*")) ++ return (1); ++ ++ if (!strncasecmp(host, a->name, a->namelen)) ++ { ++ /* ++ * Prefix matches; check the character at the end - it must be ":", ".", ++ * ".:", or nul... ++ */ ++ ++ end = host + a->namelen; ++ ++ if (!*end || *end == ':' || (*end == '.' && (!end[1] || end[1] == ':'))) ++ return (1); ++ } ++ } ++#endif /* HAVE_DNSSD */ ++ ++ /* ++ * Check for interface hostname matches... ++ */ ++ ++ for (netif = (cupsd_netif_t *)cupsArrayFirst(NetIFList); ++ netif; ++ netif = (cupsd_netif_t *)cupsArrayNext(NetIFList)) ++ { ++ if (!strncasecmp(host, netif->hostname, netif->hostlen)) ++ { ++ /* ++ * Prefix matches; check the character at the end - it must be ":", ".", ++ * ".:", or nul... ++ */ ++ ++ end = host + netif->hostlen; ++ ++ if (!*end || *end == ':' || (*end == '.' && (!end[1] || end[1] == ':'))) ++ return (1); ++ } ++ } ++ ++ return (0); ++} ++ ++ ++/* + * 'write_file()' - Send a file via HTTP. 
+ */ + +diff -up cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/conf.c +--- cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164 2009-04-17 16:47:18.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/conf.c 2009-04-17 16:47:18.000000000 +0100 +@@ -14,13 +14,15 @@ + * + * Contents: + * ++ * cupsdAddAlias() - Add a host alias. + * cupsdCheckPermissions() - Fix the mode and ownership of a file or + * directory. ++ * cupsdFreeAliases() - Free all of the alias entries. + * cupsdReadConfiguration() - Read the cupsd.conf file. + * get_address() - Get an address + port number from a line. + * get_addr_and_mask() - Get an IP address and netmask. +- * parse_aaa() - Parse authentication, authorization, and +- * access control lines. ++ * parse_aaa() - Parse authentication, authorization, and access ++ * control lines. + * parse_fatal_errors() - Parse FatalErrors values in a string. + * parse_groups() - Parse system group names in a string. + * parse_protocols() - Parse browse protocols in a string. +@@ -197,6 +199,7 @@ static const unsigned zeros[4] = + /* + * Local functions... + */ ++ + static http_addrlist_t *get_address(const char *value, int defport); + static int get_addr_and_mask(const char *value, unsigned *ip, + unsigned *mask); +@@ -211,6 +214,30 @@ static int read_policy(cups_file_t *fp, + + + /* ++ * 'cupsdAddAlias()' - Add a host alias. ++ */ ++ ++void ++cupsdAddAlias(cups_array_t *aliases, /* I - Array of aliases */ ++ const char *name) /* I - Name to add */ ++{ ++ cupsd_alias_t *a; /* New alias */ ++ size_t namelen; /* Length of name */ ++ ++ ++ namelen = strlen(name); ++ ++ if ((a = (cupsd_alias_t *)malloc(sizeof(cupsd_alias_t) + namelen)) == NULL) ++ return; ++ ++ a->namelen = namelen; ++ strcpy(a->name, name); /* OK since a->name is allocated */ ++ ++ cupsArrayAdd(aliases, a); ++} ++ ++ ++/* + * 'cupsdCheckPermissions()' - Fix the mode and ownership of a file or directory. 
+ */ + +@@ -362,6 +389,25 @@ cupsdCheckPermissions( + + + /* ++ * 'cupsdFreeAliases()' - Free all of the alias entries. ++ */ ++ ++void ++cupsdFreeAliases(cups_array_t *aliases) /* I - Array of aliases */ ++{ ++ cupsd_alias_t *a; /* Current alias */ ++ ++ ++ for (a = (cupsd_alias_t *)cupsArrayFirst(ServerAlias); ++ a; ++ a = (cupsd_alias_t *)cupsArrayNext(ServerAlias)) ++ free(a); ++ ++ cupsArrayDelete(aliases); ++} ++ ++ ++/* + * 'cupsdReadConfiguration()' - Read the cupsd.conf file. + */ + +@@ -433,6 +479,9 @@ cupsdReadConfiguration(void) + * String options... + */ + ++ cupsdFreeAliases(ServerAlias); ++ ServerAlias = NULL; ++ + cupsdClearString(&ServerName); + cupsdClearString(&ServerAdmin); + cupsdSetString(&ServerBin, CUPS_SERVERBIN); +@@ -674,9 +723,7 @@ cupsdReadConfiguration(void) + + if (!ServerName) + { +- if (HostNameLookups || RemoteAccessEnabled) +- httpGetHostname(NULL, temp, sizeof(temp)); +- else if (gethostname(temp, sizeof(temp))) ++ if (gethostname(temp, sizeof(temp))) + { + cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to get hostname: %s", + strerror(errno)); +@@ -684,6 +731,50 @@ cupsdReadConfiguration(void) + } + + cupsdSetString(&ServerName, temp); ++ ++ if (!ServerAlias) ++ ServerAlias = cupsArrayNew(NULL, NULL); ++ ++ cupsdAddAlias(ServerAlias, temp); ++ cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s", temp); ++ ++ if (HostNameLookups || RemoteAccessEnabled) ++ { ++ struct hostent *host; /* Host entry to get FQDN */ ++ ++ if ((host = gethostbyname(temp)) != NULL) ++ { ++ if (strcasecmp(temp, host->h_name)) ++ { ++ cupsdSetString(&ServerName, host->h_name); ++ cupsdAddAlias(ServerAlias, host->h_name); ++ cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s", ++ host->h_name); ++ } ++ ++ if (host->h_aliases) ++ { ++ for (i = 0; host->h_aliases[i]; i ++) ++ if (strcasecmp(temp, host->h_aliases[i])) ++ { ++ cupsdAddAlias(ServerAlias, host->h_aliases[i]); ++ cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s", ++ 
host->h_aliases[i]); ++ } ++ } ++ } ++ } ++ ++ /* ++ * Make sure we have the base hostname added as an alias, too! ++ */ ++ ++ if ((slash = strchr(temp, '.')) != NULL) ++ { ++ *slash = '\0'; ++ cupsdAddAlias(ServerAlias, temp); ++ cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s", temp); ++ } + } + + for (slash = ServerName; isdigit(*slash & 255) || *slash == '.'; slash ++); +@@ -3278,6 +3369,13 @@ read_configuration(cups_file_t *fp) /* I + break; + } + } ++ else if (!strcasecmp(line, "ServerAlias") && value) ++ { ++ if (!ServerAlias) ++ ServerAlias = cupsArrayNew(NULL, NULL); ++ ++ cupsdAddAlias(ServerAlias, value); ++ } + else if (!strcasecmp(line, "SetEnv") && value) + { + /* +diff -up cups-1.4b2-svn8404/scheduler/conf.h.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/conf.h +--- cups-1.4b2-svn8404/scheduler/conf.h.CVE-2009-0164 2009-04-17 16:47:18.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/conf.h 2009-04-17 16:47:18.000000000 +0100 +@@ -82,6 +82,17 @@ typedef enum + + + /* ++ * ServerAlias data... ++ */ ++ ++typedef struct ++{ ++ size_t namelen; /* Length of alias name */ ++ char name[1]; /* Alias name */ ++} cupsd_alias_t; ++ ++ ++/* + * Globals... + */ + +@@ -105,6 +116,8 @@ VAR char *ConfigurationFile VALUE(NULL) + /* Directory for request files */ + *DocumentRoot VALUE(NULL); + /* Root directory for documents */ ++VAR cups_array_t *ServerAlias VALUE(NULL); ++ /* Alias names for server */ + VAR int RemoteAccessEnabled VALUE(0), + /* Are we listening on non-local addresses? */ + ServerNameIsIP VALUE(0); +@@ -269,10 +282,12 @@ VAR char *SystemGroupAuthKey VALUE(NULL + * Prototypes... 
+ */ + ++extern void cupsdAddAlias(cups_array_t *aliases, const char *name); + extern int cupsdCheckPermissions(const char *filename, + const char *suffix, int mode, + int user, int group, int is_dir, + int create_dir); ++extern void cupsdFreeAliases(cups_array_t *aliases); + extern char *cupsdGetDateTime(struct timeval *t, cupsd_time_t format); + #ifdef HAVE_GSSAPI + extern int cupsdLogGSSMessage(int level, int major_status, +diff -up cups-1.4b2-svn8404/scheduler/dirsvc.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/dirsvc.c +--- cups-1.4b2-svn8404/scheduler/dirsvc.c.CVE-2009-0164 2009-04-17 16:47:18.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/dirsvc.c 2009-04-17 16:47:18.000000000 +0100 +@@ -38,6 +38,7 @@ + * cupsdUpdateLDAPBrowse() - Scan for new printers via LDAP... + * cupsdUpdateSLPBrowse() - Get browsing information via SLP. + * dequote() - Remote quotes from a string. ++ * dnssdAddAlias() - Add a DNS-SD alias name. + * dnssdBuildTxtRecord() - Build a TXT record from printer info. + * dnssdComparePrinters() - Compare the registered names of two printers. + * dnssdDeregisterPrinter() - Stop sending broadcast information for a +@@ -155,6 +156,10 @@ static void update_smb(int onoff); + + + #ifdef HAVE_DNSSD ++# ifdef HAVE_COREFOUNDATION ++static void dnssdAddAlias(const void *key, const void *value, ++ void *context); ++# endif /* HAVE_COREFOUNDATION */ + static char *dnssdBuildTxtRecord(int *txt_len, cupsd_printer_t *p, + int for_lpd); + static int dnssdComparePrinters(cupsd_printer_t *a, cupsd_printer_t *b); +@@ -2199,6 +2204,38 @@ dequote(char *d, /* I - Destinat + + + #ifdef HAVE_DNSSD ++# ifdef HAVE_COREFOUNDATION ++/* ++ * 'dnssdAddAlias()' - Add a DNS-SD alias name. 
++ */ ++ ++static void ++dnssdAddAlias(const void *key, /* I - Key */ ++ const void *value, /* I - Value (domain) */ ++ void *context) /* I - Unused */ ++{ ++ char valueStr[1024], /* Domain string */ ++ hostname[1024]; /* Complete hostname */ ++ ++ ++ (void)context; ++ ++ if (CFGetTypeID((CFStringRef)value) == CFStringGetTypeID() && ++ CFStringGetCString((CFStringRef)value, valueStr, sizeof(valueStr), ++ kCFStringEncodingUTF8)) ++ { ++ snprintf(hostname, sizeof(hostname), "%s.%s", DNSSDName, valueStr); ++ if (!DNSSDAlias) ++ DNSSDAlias = cupsArrayNew(NULL, NULL); ++ ++ cupsdAddAlias(DNSSDAlias, hostname); ++ cupsdLogMessage(CUPSD_LOG_DEBUG, "Added Back to My Mac ServerAlias %s", ++ hostname); ++ } ++} ++# endif /* HAVE_COREFOUNDATION */ ++ ++ + /* + * 'dnssdBuildTxtRecord()' - Build a TXT record from printer info. + */ +diff -up cups-1.4b2-svn8404/scheduler/dirsvc.h.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/dirsvc.h +--- cups-1.4b2-svn8404/scheduler/dirsvc.h.CVE-2009-0164 2009-02-17 17:45:27.000000000 +0000 ++++ cups-1.4b2-svn8404/scheduler/dirsvc.h 2009-04-17 16:47:18.000000000 +0100 +@@ -4,7 +4,7 @@ + * Directory services definitions for the Common UNIX Printing System + * (CUPS) scheduler. + * +- * Copyright 2007-2008 by Apple Inc. ++ * Copyright 2007-2009 by Apple Inc. + * Copyright 1997-2007 by Easy Software Products, all rights reserved. 
+ * + * These coded instructions, statements, and computer programs are the +@@ -135,6 +135,8 @@ VAR cupsd_statbuf_t *PollStatusBuffer VA + #ifdef HAVE_DNSSD + VAR char *DNSSDName VALUE(NULL); + /* Computer/server name */ ++VAR cups_array_t *DNSSDAlias VALUE(NULL); ++ /* List of dynamic ServerAlias's */ + VAR int DNSSDPort VALUE(0); + /* Port number to register */ + VAR cups_array_t *DNSSDPrinters VALUE(NULL); +diff -up cups-1.4b2-svn8404/scheduler/network.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/network.c +--- cups-1.4b2-svn8404/scheduler/network.c.CVE-2009-0164 2009-02-05 10:57:28.000000000 +0000 ++++ cups-1.4b2-svn8404/scheduler/network.c 2009-04-17 16:47:18.000000000 +0100 +@@ -101,6 +101,7 @@ cupsdNetIFUpdate(void) + struct ifaddrs *addrs, /* Interface address list */ + *addr; /* Current interface address */ + char hostname[1024]; /* Hostname for address */ ++ size_t hostlen; /* Length of hostname */ + + + /* +@@ -176,8 +177,8 @@ cupsdNetIFUpdate(void) + * Create a new address element... + */ + +- if ((temp = calloc(1, sizeof(cupsd_netif_t) + +- strlen(hostname))) == NULL) ++ hostlen = strlen(hostname); ++ if ((temp = calloc(1, sizeof(cupsd_netif_t) + hostlen)) == NULL) + break; + + /* +@@ -185,6 +186,7 @@ cupsdNetIFUpdate(void) + */ + + strlcpy(temp->name, addr->ifa_name, sizeof(temp->name)); ++ temp->hostlen = hostlen; + strcpy(temp->hostname, hostname); /* Safe because hostname is allocated */ + + if (addr->ifa_addr->sa_family == AF_INET) +diff -up cups-1.4b2-svn8404/scheduler/network.h.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/network.h +--- cups-1.4b2-svn8404/scheduler/network.h.CVE-2009-0164 2008-12-03 15:39:53.000000000 +0000 ++++ cups-1.4b2-svn8404/scheduler/network.h 2009-04-17 16:47:18.000000000 +0100 +@@ -4,7 +4,7 @@ + * Network interface definitions for the Common UNIX Printing System + * (CUPS) scheduler. + * +- * Copyright 2007 by Apple Inc. ++ * Copyright 2007-2009 by Apple Inc. 
+ * Copyright 1997-2006 by Easy Software Products, all rights reserved. + * + * These coded instructions, statements, and computer programs are the +@@ -25,6 +25,7 @@ typedef struct cupsd_netif_s /**** Netw + http_addr_t address, /* Network address */ + mask, /* Network mask */ + broadcast; /* Broadcast address */ ++ size_t hostlen; /* Length of hostname */ + char name[32], /* Network interface name */ + hostname[1]; /* Hostname associated with interface */ + } cupsd_netif_t; diff --git a/cups-lspp.patch b/cups-lspp.patch index 136807f..c2a71bc 100644 --- a/cups-lspp.patch +++ b/cups-lspp.patch @@ -1,6 +1,6 @@ diff -up cups-1.4b2-svn8404/config.h.in.lspp cups-1.4b2-svn8404/config.h.in ---- cups-1.4b2-svn8404/config.h.in.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/config.h.in 2009-03-05 11:40:03.000000000 +0000 +--- cups-1.4b2-svn8404/config.h.in.lspp 2009-04-17 16:48:02.000000000 +0100 ++++ cups-1.4b2-svn8404/config.h.in 2009-04-17 16:48:03.000000000 +0100 @@ -626,6 +626,13 @@ #undef HAVE_TCPD_H @@ -16,8 +16,8 @@ diff -up cups-1.4b2-svn8404/config.h.in.lspp cups-1.4b2-svn8404/config.h.in /* diff -up /dev/null cups-1.4b2-svn8404/config-scripts/cups-lspp.m4 ---- /dev/null 2009-03-05 08:48:03.067001897 +0000 -+++ cups-1.4b2-svn8404/config-scripts/cups-lspp.m4 2009-03-05 11:40:03.000000000 +0000 +--- /dev/null 2009-04-17 08:56:26.038189487 +0100 ++++ cups-1.4b2-svn8404/config-scripts/cups-lspp.m4 2009-04-17 16:48:03.000000000 +0100 @@ -0,0 +1,36 @@ +dnl +dnl LSPP code for the Common UNIX Printing System (CUPS). @@ -57,7 +57,7 @@ diff -up /dev/null cups-1.4b2-svn8404/config-scripts/cups-lspp.m4 +fi diff -up cups-1.4b2-svn8404/configure.in.lspp cups-1.4b2-svn8404/configure.in --- cups-1.4b2-svn8404/configure.in.lspp 2009-02-17 17:45:27.000000000 +0000 -+++ cups-1.4b2-svn8404/configure.in 2009-03-05 11:40:03.000000000 +0000 ++++ cups-1.4b2-svn8404/configure.in 2009-04-17 16:48:03.000000000 +0100 
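Review bot: In the scheduler/conf.c part of cups-CVE-2009-0164.patch, `cupsdFreeAliases()` walks the global `ServerAlias` instead of its `aliases` parameter and then deletes `aliases`. The only call visible in the patch passes `ServerAlias`, so it works as called here, but a call with any other array (the patch also adds `DNSSDAlias`, filled through the same `cupsdAddAlias()`) would free the `ServerAlias` entries while that array still references them and leak the entries of the array passed in. The loop should read `for (a = (cupsd_alias_t *)cupsArrayFirst(aliases); a; a = (cupsd_alias_t *)cupsArrayNext(aliases))`. Separately, `valid_host()` accepts any Host value that starts with a digit or `[` once `httpAddrGetList()` succeeds; if that helper resolves names as well as numeric literals (not visible here), the branch should be restricted to literal addresses so it does not widen the Host check this patch introduces.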
@@ -42,6 +42,8 @@ sinclude(config-scripts/cups-pap.m4) sinclude(config-scripts/cups-pdf.m4) sinclude(config-scripts/cups-scripting.m4) @@ -69,7 +69,7 @@ diff -up cups-1.4b2-svn8404/configure.in.lspp cups-1.4b2-svn8404/configure.in LANGFILES="" diff -up cups-1.4b2-svn8404/cups/cups.h.lspp cups-1.4b2-svn8404/cups/cups.h --- cups-1.4b2-svn8404/cups/cups.h.lspp 2009-03-05 10:54:00.000000000 +0000 -+++ cups-1.4b2-svn8404/cups/cups.h 2009-03-05 11:40:03.000000000 +0000 ++++ cups-1.4b2-svn8404/cups/cups.h 2009-04-17 16:48:03.000000000 +0100 @@ -15,6 +15,9 @@ * This file is subject to the Apple OS-Developed Software exception. */ @@ -95,7 +95,7 @@ diff -up cups-1.4b2-svn8404/cups/cups.h.lspp cups-1.4b2-svn8404/cups/cups.h */ diff -up cups-1.4b2-svn8404/data/Makefile.lspp cups-1.4b2-svn8404/data/Makefile --- cups-1.4b2-svn8404/data/Makefile.lspp 2009-02-17 17:45:27.000000000 +0000 -+++ cups-1.4b2-svn8404/data/Makefile 2009-03-05 11:40:03.000000000 +0000 ++++ cups-1.4b2-svn8404/data/Makefile 2009-04-17 16:48:03.000000000 +0100 @@ -25,7 +25,10 @@ BANNERS = \ secret \ standard \ @@ -109,8 +109,8 @@ diff -up cups-1.4b2-svn8404/data/Makefile.lspp cups-1.4b2-svn8404/data/Makefile CHARMAPS = \ euc-cn.txt \ diff -up /dev/null cups-1.4b2-svn8404/data/mls ---- /dev/null 2009-03-05 08:48:03.067001897 +0000 -+++ cups-1.4b2-svn8404/data/mls 2009-03-05 11:40:03.000000000 +0000 +--- /dev/null 2009-04-17 08:56:26.038189487 +0100 ++++ cups-1.4b2-svn8404/data/mls 2009-04-17 16:48:03.000000000 +0100 @@ -0,0 +1,261 @@ +%!PS-Adobe-3.0 +%%BoundingBox: 0 0 612 792 @@ -374,8 +374,8 @@ diff -up /dev/null cups-1.4b2-svn8404/data/mls +% +%%EOF diff -up /dev/null cups-1.4b2-svn8404/data/selinux ---- /dev/null 2009-03-05 08:48:03.067001897 +0000 -+++ cups-1.4b2-svn8404/data/selinux 2009-03-05 11:40:03.000000000 +0000 +--- /dev/null 2009-04-17 08:56:26.038189487 +0100 ++++ cups-1.4b2-svn8404/data/selinux 2009-04-17 16:48:03.000000000 +0100 @@ -0,0 +1,261 @@ +%!PS-Adobe-3.0 +%%BoundingBox: 0 0 612 792 
@@ -639,8 +639,8 @@ diff -up /dev/null cups-1.4b2-svn8404/data/selinux +% +%%EOF diff -up /dev/null cups-1.4b2-svn8404/data/te ---- /dev/null 2009-03-05 08:48:03.067001897 +0000 -+++ cups-1.4b2-svn8404/data/te 2009-03-05 11:40:03.000000000 +0000 +--- /dev/null 2009-04-17 08:56:26.038189487 +0100 ++++ cups-1.4b2-svn8404/data/te 2009-04-17 16:48:03.000000000 +0100 @@ -0,0 +1,261 @@ +%!PS-Adobe-3.0 +%%BoundingBox: 0 0 612 792 @@ -905,7 +905,7 @@ diff -up /dev/null cups-1.4b2-svn8404/data/te +%%EOF diff -up cups-1.4b2-svn8404/filter/common.c.lspp cups-1.4b2-svn8404/filter/common.c --- cups-1.4b2-svn8404/filter/common.c.lspp 2008-12-03 15:39:53.000000000 +0000 -+++ cups-1.4b2-svn8404/filter/common.c 2009-03-05 11:40:03.000000000 +0000 ++++ cups-1.4b2-svn8404/filter/common.c 2009-04-17 16:48:03.000000000 +0100 @@ -30,6 +30,12 @@ * Include necessary headers... */ @@ -1075,8 +1075,8 @@ diff -up cups-1.4b2-svn8404/filter/common.c.lspp cups-1.4b2-svn8404/filter/commo /* diff -up cups-1.4b2-svn8404/filter/pstops.c.lspp cups-1.4b2-svn8404/filter/pstops.c ---- cups-1.4b2-svn8404/filter/pstops.c.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/filter/pstops.c 2009-03-05 11:40:03.000000000 +0000 +--- cups-1.4b2-svn8404/filter/pstops.c.lspp 2009-04-17 16:48:02.000000000 +0100 ++++ cups-1.4b2-svn8404/filter/pstops.c 2009-04-17 16:48:03.000000000 +0100 @@ -3239,6 +3239,18 @@ write_label_prolog(pstops_doc_t *doc, /* { const char *classification; /* CLASSIFICATION environment variable */ @@ -1233,8 +1233,8 @@ diff -up cups-1.4b2-svn8404/filter/pstops.c.lspp cups-1.4b2-svn8404/filter/pstop /* diff -up cups-1.4b2-svn8404/Makedefs.in.lspp cups-1.4b2-svn8404/Makedefs.in ---- cups-1.4b2-svn8404/Makedefs.in.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/Makedefs.in 2009-03-05 11:40:03.000000000 +0000 +--- cups-1.4b2-svn8404/Makedefs.in.lspp 2009-04-17 16:48:02.000000000 +0100 ++++ cups-1.4b2-svn8404/Makedefs.in 2009-04-17 16:48:03.000000000 +0100 
@@ -146,7 +146,7 @@ LIBCUPSORDER = @LIBCUPSORDER@ LIBCUPSIMAGEORDER = @LIBCUPSIMAGEORDER@ LINKCUPS = @LINKCUPS@ $(SSLLIBS) $(DNSSDLIBS) @@ -1254,17 +1254,17 @@ diff -up cups-1.4b2-svn8404/Makedefs.in.lspp cups-1.4b2-svn8404/Makedefs.in .c.o: diff -up cups-1.4b2-svn8404/scheduler/client.c.lspp cups-1.4b2-svn8404/scheduler/client.c ---- cups-1.4b2-svn8404/scheduler/client.c.lspp 2009-03-05 10:54:00.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/client.c 2009-03-05 11:40:03.000000000 +0000 -@@ -41,6 +41,7 @@ - * pipe_command() - Pipe the output of a command to the remote client. +--- cups-1.4b2-svn8404/scheduler/client.c.lspp 2009-04-17 16:48:03.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/client.c 2009-04-17 16:48:25.000000000 +0100 +@@ -42,6 +42,7 @@ + * valid_host() - Is the Host: field valid? * write_file() - Send a file via HTTP. * write_pipe() - Flag that data is available on the CGI pipe. + * client_pid_to_auid() - Get the audit login uid of the client. */ /* -@@ -49,6 +50,7 @@ +@@ -50,6 +51,7 @@ #include "cupsd.h" @@ -1272,7 +1272,7 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.lspp cups-1.4b2-svn8404/scheduler #ifdef HAVE_CDSASSL # include # ifdef HAVE_SECIDENTITYSEARCHPRIV_H -@@ -81,6 +83,12 @@ extern const char *cssmErrorString(int e +@@ -82,6 +84,12 @@ extern const char *cssmErrorString(int e # include #endif /* HAVE_TCPD_H */ @@ -1285,7 +1285,7 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.lspp cups-1.4b2-svn8404/scheduler /* * Local functions... -@@ -381,6 +389,57 @@ cupsdAcceptClient(cupsd_listener_t *lis) +@@ -383,6 +391,57 @@ cupsdAcceptClient(cupsd_listener_t *lis) } #endif /* HAVE_TCPD_H */ 
@@ -1343,7 +1343,7 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.lspp cups-1.4b2-svn8404/scheduler #ifdef AF_INET6 if (con->http.hostaddr->addr.sa_family == AF_INET6) cupsdLogMessage(CUPSD_LOG_DEBUG, "cupsdAcceptClient: %d from %s:%d (IPv6)", -@@ -772,6 +831,13 @@ cupsdReadClient(cupsd_client_t *con) /* +@@ -774,6 +833,13 @@ cupsdReadClient(cupsd_client_t *con) /* mime_type_t *type; /* MIME type of file */ cupsd_printer_t *p; /* Printer */ static unsigned request_id = 0; /* Request ID for temp files */ @@ -1357,7 +1357,7 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.lspp cups-1.4b2-svn8404/scheduler status = HTTP_CONTINUE; -@@ -2054,6 +2120,67 @@ cupsdReadClient(cupsd_client_t *con) /* +@@ -2050,6 +2116,67 @@ cupsdReadClient(cupsd_client_t *con) /* fchmod(con->file, 0640); fchown(con->file, RunUser, Group); fcntl(con->file, F_SETFD, fcntl(con->file, F_GETFD) | FD_CLOEXEC); @@ -1478,7 +1478,7 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.lspp cups-1.4b2-svn8404/scheduler */ diff -up cups-1.4b2-svn8404/scheduler/client.h.lspp cups-1.4b2-svn8404/scheduler/client.h --- cups-1.4b2-svn8404/scheduler/client.h.lspp 2009-02-17 17:45:27.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/client.h 2009-03-05 11:40:03.000000000 +0000 ++++ cups-1.4b2-svn8404/scheduler/client.h 2009-04-17 16:48:03.000000000 +0100 @@ -18,6 +18,13 @@ #endif /* HAVE_AUTHORIZATION_H */ 
@@ -1515,9 +1515,9 @@ diff -up cups-1.4b2-svn8404/scheduler/client.h.lspp cups-1.4b2-svn8404/scheduler /* diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/conf.c ---- cups-1.4b2-svn8404/scheduler/conf.c.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/conf.c 2009-03-05 11:40:03.000000000 +0000 -@@ -27,6 +27,7 @@ +--- cups-1.4b2-svn8404/scheduler/conf.c.lspp 2009-04-17 16:48:03.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/conf.c 2009-04-17 16:48:03.000000000 +0100 +@@ -29,6 +29,7 @@ * read_configuration() - Read a configuration file. * read_location() - Read a definition. * read_policy() - Read a definition. @@ -1525,7 +1525,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/c */ /* -@@ -48,6 +49,9 @@ +@@ -50,6 +51,9 @@ # define INADDR_NONE 0xffffffff #endif /* !INADDR_NONE */ @@ -1535,7 +1535,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/c /* * Configuration variable structure... -@@ -169,6 +173,10 @@ static const cupsd_var_t variables[] = +@@ -171,6 +175,10 @@ static const cupsd_var_t variables[] = # if defined(HAVE_LIBSSL) || defined(HAVE_GNUTLS) { "ServerKey", &ServerKey, CUPSD_VARTYPE_PATHNAME }, # endif /* HAVE_LIBSSL || HAVE_GNUTLS */ @@ -1546,7 +1546,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/c #endif /* HAVE_SSL */ { "ServerName", &ServerName, CUPSD_VARTYPE_STRING }, { "ServerRoot", &ServerRoot, CUPSD_VARTYPE_PATHNAME }, -@@ -382,6 +390,9 @@ cupsdReadConfiguration(void) +@@ -428,6 +436,9 @@ cupsdReadConfiguration(void) const char *tmpdir; /* TMPDIR environment variable */ struct stat tmpinfo; /* Temporary directory info */ cupsd_policy_t *p; /* Policy */ @@ -1556,7 +1556,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/c /* -@@ -665,6 +676,25 @@ cupsdReadConfiguration(void) +@@ -714,6 +725,25 @@ cupsdReadConfiguration(void) RunUser = getuid(); 
@@ -1582,7 +1582,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/c cupsdLogMessage(CUPSD_LOG_INFO, "Remote access is %s.", RemoteAccessEnabled ? "enabled" : "disabled"); -@@ -981,11 +1011,23 @@ cupsdReadConfiguration(void) +@@ -1072,11 +1102,23 @@ cupsdReadConfiguration(void) * Update classification setting as needed... */ @@ -1607,7 +1607,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/c /* * Check the MaxClients setting, and then allocate memory for it... -@@ -3536,6 +3578,18 @@ read_location(cups_file_t *fp, /* I - C +@@ -3634,6 +3676,18 @@ read_location(cups_file_t *fp, /* I - C return ((FatalErrors & CUPSD_FATAL_CONFIG) ? 0 : linenum); } @@ -1627,9 +1627,9 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.lspp cups-1.4b2-svn8404/scheduler/c /* * 'read_policy()' - Read a definition. diff -up cups-1.4b2-svn8404/scheduler/conf.h.lspp cups-1.4b2-svn8404/scheduler/conf.h ---- cups-1.4b2-svn8404/scheduler/conf.h.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/conf.h 2009-03-05 11:40:03.000000000 +0000 -@@ -246,6 +246,12 @@ VAR char *ServerKey VALUE(NULL); +--- cups-1.4b2-svn8404/scheduler/conf.h.lspp 2009-04-17 16:48:03.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/conf.h 2009-04-17 16:48:03.000000000 +0100 +@@ -259,6 +259,12 @@ VAR char *ServerKey VALUE(NULL); VAR int SSLOptions VALUE(CUPSD_SSL_NONE); /* SSL/TLS options */ #endif /* HAVE_SSL */ @@ -1642,7 +1642,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.h.lspp cups-1.4b2-svn8404/scheduler/c #ifdef HAVE_LAUNCHD VAR int LaunchdTimeout VALUE(DEFAULT_KEEPALIVE); -@@ -264,6 +270,9 @@ VAR char *SystemGroupAuthKey VALUE(NULL +@@ -277,6 +283,9 @@ VAR char *SystemGroupAuthKey VALUE(NULL /* System group auth key */ #endif /* HAVE_AUTHORIZATION_H */ 
@@ -1653,8 +1653,8 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.h.lspp cups-1.4b2-svn8404/scheduler/c /* * Prototypes... diff -up cups-1.4b2-svn8404/scheduler/ipp.c.lspp cups-1.4b2-svn8404/scheduler/ipp.c ---- cups-1.4b2-svn8404/scheduler/ipp.c.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/ipp.c 2009-03-05 11:40:03.000000000 +0000 +--- cups-1.4b2-svn8404/scheduler/ipp.c.lspp 2009-04-17 16:48:02.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/ipp.c 2009-04-17 16:48:03.000000000 +0100 @@ -41,6 +41,7 @@ * cancel_all_jobs() - Cancel all print jobs. * cancel_job() - Cancel a print job. @@ -2247,8 +2247,8 @@ diff -up cups-1.4b2-svn8404/scheduler/ipp.c.lspp cups-1.4b2-svn8404/scheduler/ip * Check the username against the owner... */ diff -up cups-1.4b2-svn8404/scheduler/job.c.lspp cups-1.4b2-svn8404/scheduler/job.c ---- cups-1.4b2-svn8404/scheduler/job.c.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/job.c 2009-03-05 12:07:09.000000000 +0000 +--- cups-1.4b2-svn8404/scheduler/job.c.lspp 2009-04-17 16:48:02.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/job.c 2009-04-17 16:48:03.000000000 +0100 @@ -65,6 +65,9 @@ * update_job_attrs() - Update the job-printer-* attributes. */ @@ -2643,7 +2643,7 @@ diff -up cups-1.4b2-svn8404/scheduler/job.c.lspp cups-1.4b2-svn8404/scheduler/jo */ diff -up cups-1.4b2-svn8404/scheduler/job.h.lspp cups-1.4b2-svn8404/scheduler/job.h --- cups-1.4b2-svn8404/scheduler/job.h.lspp 2009-03-05 10:54:00.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/job.h 2009-03-05 11:40:03.000000000 +0000 ++++ cups-1.4b2-svn8404/scheduler/job.h 2009-04-17 16:48:03.000000000 +0100 @@ -13,6 +13,13 @@ * file is missing or damaged, see the license at "http://www.cups.org/". */ 
@@ -2670,8 +2670,8 @@ diff -up cups-1.4b2-svn8404/scheduler/job.h.lspp cups-1.4b2-svn8404/scheduler/jo diff -up cups-1.4b2-svn8404/scheduler/main.c.lspp cups-1.4b2-svn8404/scheduler/main.c ---- cups-1.4b2-svn8404/scheduler/main.c.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/main.c 2009-03-05 11:40:03.000000000 +0000 +--- cups-1.4b2-svn8404/scheduler/main.c.lspp 2009-04-17 16:48:02.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/main.c 2009-04-17 16:48:03.000000000 +0100 @@ -35,6 +35,8 @@ * usage() - Show scheduler usage. */ @@ -2740,8 +2740,8 @@ diff -up cups-1.4b2-svn8404/scheduler/main.c.lspp cups-1.4b2-svn8404/scheduler/m } diff -up cups-1.4b2-svn8404/scheduler/printers.c.lspp cups-1.4b2-svn8404/scheduler/printers.c ---- cups-1.4b2-svn8404/scheduler/printers.c.lspp 2009-03-05 11:40:03.000000000 +0000 -+++ cups-1.4b2-svn8404/scheduler/printers.c 2009-03-05 11:40:03.000000000 +0000 +--- cups-1.4b2-svn8404/scheduler/printers.c.lspp 2009-04-17 16:48:02.000000000 +0100 ++++ cups-1.4b2-svn8404/scheduler/printers.c 2009-04-17 16:48:03.000000000 +0100 @@ -58,6 +58,8 @@ * write_xml_string() - Write a string with XML escaping. */ diff --git a/cups.spec b/cups.spec index 2cfde1b..329462c 100644 --- a/cups.spec +++ b/cups.spec @@ -8,7 +8,7 @@ Summary: Common Unix Printing System Name: cups Version: 1.4 -Release: 0.%{pre}.13%{?dist} +Release: 0.%{pre}.14%{?dist} License: GPLv2 Group: System Environment/Daemons Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?pre}%{?svn}-source.tar.bz2 @@ -49,6 +49,8 @@ Patch22: cups-build.patch Patch23: cups-res_init.patch Patch26: cups-avahi.patch Patch27: cups-missing-devices.patch +Patch28: cups-CVE-2009-0163.patch +Patch29: cups-CVE-2009-0164.patch Patch100: cups-lspp.patch Epoch: 1 Url: http://www.cups.org/ 
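Review bot: The new `Patch28:` and `Patch29:` declarations have no comment tying each file to its tracker entry, so the only link between patch and bug is the %changelog hunk further down. Security fixes get audited and are later dropped on rebase, so a line above each helps: `# CVE-2009-0163 (bug #490596)` before `Patch28:` and `# CVE-2009-0164 (bug #490597)` before `Patch29:`. It would also be worth recording there whether each patch comes from upstream or is a local backport, which this hunk does not show.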
@@ -191,6 +193,8 @@ module. %patch23 -p1 -b .res_init %patch26 -p1 -b .avahi %patch27 -p1 -b .missing-devices +%patch28 -p1 -b .CVE-2009-0163 +%patch29 -p1 -b .CVE-2009-0164 %if %lspp %patch100 -p1 -b .lspp @@ -472,6 +476,10 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/php/modules/*.so %changelog +* Fri Apr 17 2009 Tim Waugh 1:1.4-0.b2.14 +- Applied patch to fix CVE-2009-0163 (bug #490596). +- Applied patch to fix CVE-2009-0164 (bug #490597). + * Thu Apr 2 2009 Tim Waugh 1:1.4-0.b2.13 - Don't verify MD5 sum, file size, or mtime for several config files: cupsd.conf, client.conf, classes.conf, printers.conf, snmp.conf,
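Review bot: The hunk that adds `%patch28` and `%patch29` places them ahead of the conditional `%patch100 -p1 -b .lspp`, and nothing documents that this order matters. The refreshed cups-lspp.patch in the same commit has new 2009-04-17 timestamps and shifted `@@` offsets for scheduler/conf.c, so it appears to have been regenerated on top of the two CVE patches. A comment above `%patch28`, such as `# security fixes first: cups-lspp.patch is refreshed against the tree with patches 28-29 applied`, would stop a later reorder from causing offset or fuzz surprises. Because `%lspp` is conditional, confirm that both the lspp and non-lspp builds apply the two CVE patches cleanly.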