- Accept "Host: ::1" (bug #497393).

- Accept Host: fields set to the ServerName value (bug #497301).

cups-CVE-2009-0164.patch

@@ -1,6 +1,6 @@
 diff -up cups-1.4b2-svn8404/CHANGES-1.3.txt.CVE-2009-0164 cups-1.4b2-svn8404/CHANGES-1.3.txt
 --- cups-1.4b2-svn8404/CHANGES-1.3.txt.CVE-2009-0164	2009-03-05 10:54:00.000000000 +0000
-+++ cups-1.4b2-svn8404/CHANGES-1.3.txt	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/CHANGES-1.3.txt	2009-04-26 13:22:11.000000000 +0100
 @@ -69,11 +69,6 @@ CHANGES IN CUPS V1.3.10
  	- The scheduler now rejects ATTR: messages with empty values.
  	- The scheduler could consume all CPU handling closed connections
@@ -15,7 +15,7 @@ diff -up cups-1.4b2-svn8404/CHANGES-1.3.txt.CVE-2009-0164 cups-1.4b2-svn8404/CHA
  	- The Epson sample driver PPDs contained errors (STR #2979)
 diff -up cups-1.4b2-svn8404/cups/http-addr.c.CVE-2009-0164 cups-1.4b2-svn8404/cups/http-addr.c
 --- cups-1.4b2-svn8404/cups/http-addr.c.CVE-2009-0164	2009-02-17 17:45:27.000000000 +0000
-+++ cups-1.4b2-svn8404/cups/http-addr.c	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/cups/http-addr.c	2009-04-26 13:22:11.000000000 +0100
 @@ -154,7 +154,7 @@ httpAddrLocalhost(
  #endif /* AF_LOCAL */
  
@@ -26,8 +26,8 @@ diff -up cups-1.4b2-svn8404/cups/http-addr.c.CVE-2009-0164 cups-1.4b2-svn8404/cu
  
    return (0);
 diff -up cups-1.4b2-svn8404/cups/http.c.CVE-2009-0164 cups-1.4b2-svn8404/cups/http.c
---- cups-1.4b2-svn8404/cups/http.c.CVE-2009-0164	2009-04-17 16:47:18.000000000 +0100
+--- cups-1.4b2-svn8404/cups/http.c.CVE-2009-0164	2009-04-26 13:22:11.000000000 +0100
-+++ cups-1.4b2-svn8404/cups/http.c	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/cups/http.c	2009-04-26 13:22:11.000000000 +0100
 @@ -1842,18 +1842,35 @@ httpSetField(http_t       *http,	/* I - 
  
    strlcpy(http->fields[field], value, HTTP_MAX_VALUE);
@@ -71,7 +71,7 @@ diff -up cups-1.4b2-svn8404/cups/http.c.CVE-2009-0164 cups-1.4b2-svn8404/cups/ht
  
 diff -up cups-1.4b2-svn8404/man/cupsd.conf.man.in.CVE-2009-0164 cups-1.4b2-svn8404/man/cupsd.conf.man.in
 --- cups-1.4b2-svn8404/man/cupsd.conf.man.in.CVE-2009-0164	2009-02-17 17:45:27.000000000 +0000
-+++ cups-1.4b2-svn8404/man/cupsd.conf.man.in	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/man/cupsd.conf.man.in	2009-04-26 13:22:11.000000000 +0100
 @@ -617,6 +617,11 @@ ServerAdmin user@domain.com
  .br
  Specifies the email address of the server administrator.
@@ -86,7 +86,7 @@ diff -up cups-1.4b2-svn8404/man/cupsd.conf.man.in.CVE-2009-0164 cups-1.4b2-svn84
  Specifies the directory where backends, CGIs, daemons, and filters may
 diff -up cups-1.4b2-svn8404/scheduler/client.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/client.c
 --- cups-1.4b2-svn8404/scheduler/client.c.CVE-2009-0164	2009-03-05 10:54:00.000000000 +0000
-+++ cups-1.4b2-svn8404/scheduler/client.c	2009-04-17 16:47:48.000000000 +0100
++++ cups-1.4b2-svn8404/scheduler/client.c	2009-04-26 13:38:34.000000000 +0100
 @@ -39,6 +39,7 @@
   *   is_path_absolute()      - Is a path absolute and free of relative elements.
   *   make_certificate()      - Make a self-signed SSL/TLS certificate.
@@ -138,7 +138,7 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.CVE-2009-0164 cups-1.4b2-svn8404/
      {
        unlink(seedfile);
        return (0);
-@@ -4862,6 +4862,165 @@ pipe_command(cupsd_client_t *con,	/* I -
+@@ -4862,6 +4862,166 @@ pipe_command(cupsd_client_t *con,	/* I -
  
  
  /*
@@ -174,7 +174,8 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.CVE-2009-0164 cups-1.4b2-svn8404/
 +            !strcmp(host, "127.0.0.1") ||
 +	    !strncmp(host, "127.0.0.1:", 10) ||
 +	    !strcmp(host, "[::1]") ||
-+	    !strncmp(host, "[::1]:", 6));
++	    !strncmp(host, "[::1]:", 6) ||
++	    !strcmp(host, "::1"));
 +  }
 +
 +#ifdef HAVE_DNSSD
@@ -305,8 +306,8 @@ diff -up cups-1.4b2-svn8404/scheduler/client.c.CVE-2009-0164 cups-1.4b2-svn8404/
   */
  
 diff -up cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/conf.c
---- cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164	2009-04-17 16:47:18.000000000 +0100
+--- cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164	2009-04-26 13:22:11.000000000 +0100
-+++ cups-1.4b2-svn8404/scheduler/conf.c	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/scheduler/conf.c	2009-04-26 13:43:59.000000000 +0100
 @@ -14,13 +14,15 @@
   *
   * Contents:
@@ -411,24 +412,23 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164 cups-1.4b2-svn8404/sc
      {
        cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to get hostname: %s",
                        strerror(errno));
-@@ -684,6 +731,50 @@ cupsdReadConfiguration(void)
+@@ -686,6 +733,54 @@ cupsdReadConfiguration(void)
+     cupsdSetString(&ServerName, temp);
    }
  
-     cupsdSetString(&ServerName, temp);
-+
 +  if (!ServerAlias)
 +    ServerAlias = cupsArrayNew(NULL, NULL);
 +
-+    cupsdAddAlias(ServerAlias, temp);
++  cupsdAddAlias(ServerAlias, ServerName);
-+    cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s", temp);
++  cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s", ServerName);
 +
 +  if (HostNameLookups || RemoteAccessEnabled)
 +  {
 +    struct hostent	*host;		/* Host entry to get FQDN */
 +
-+      if ((host = gethostbyname(temp)) != NULL)
++    if ((host = gethostbyname(ServerName)) != NULL)
 +    {
-+        if (strcasecmp(temp, host->h_name))
++      if (strcasecmp(ServerName, host->h_name))
 +      {
 +	cupsdSetString(&ServerName, host->h_name);
 +	cupsdAddAlias(ServerAlias, host->h_name);
@@ -439,7 +439,7 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164 cups-1.4b2-svn8404/sc
 +      if (host->h_aliases)
 +      {
 +	for (i = 0; host->h_aliases[i]; i ++)
-+	    if (strcasecmp(temp, host->h_aliases[i]))
++	  if (strcasecmp(ServerName, host->h_aliases[i]))
 +	  {
 +	    cupsdAddAlias(ServerAlias, host->h_aliases[i]);
 +	    cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s",
@@ -453,16 +453,21 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164 cups-1.4b2-svn8404/sc
 +  * Make sure we have the base hostname added as an alias, too!
 +  */
 +
-+    if ((slash = strchr(temp, '.')) != NULL)
++  if ((slash = strchr(ServerName, '.')) != NULL)
 +  {
-+      *slash = '\0';
++    size_t n = slash - ServerName;
++    if (n > sizeof(temp) - 1)
++      n = sizeof(temp) - 1;
++    memcpy (temp, ServerName, n);
++    temp[n] = '\0';
 +    cupsdAddAlias(ServerAlias, temp);
 +    cupsdLogMessage(CUPSD_LOG_DEBUG, "Added auto ServerAlias %s", temp);
 +  }
-   }
++
- 
    for (slash = ServerName; isdigit(*slash & 255) || *slash == '.'; slash ++);
-@@ -3278,6 +3369,13 @@ read_configuration(cups_file_t *fp)	/* I
+ 
+   ServerNameIsIP = !*slash;
+@@ -3278,6 +3373,13 @@ read_configuration(cups_file_t *fp)	/* I
  	    break;
        }
      }
@@ -477,8 +482,8 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.c.CVE-2009-0164 cups-1.4b2-svn8404/sc
      {
       /*
 diff -up cups-1.4b2-svn8404/scheduler/conf.h.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/conf.h
---- cups-1.4b2-svn8404/scheduler/conf.h.CVE-2009-0164	2009-04-17 16:47:18.000000000 +0100
+--- cups-1.4b2-svn8404/scheduler/conf.h.CVE-2009-0164	2009-04-26 13:22:11.000000000 +0100
-+++ cups-1.4b2-svn8404/scheduler/conf.h	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/scheduler/conf.h	2009-04-26 13:22:11.000000000 +0100
 @@ -82,6 +82,17 @@ typedef enum
  
  
@@ -520,8 +525,8 @@ diff -up cups-1.4b2-svn8404/scheduler/conf.h.CVE-2009-0164 cups-1.4b2-svn8404/sc
  #ifdef HAVE_GSSAPI
  extern int	cupsdLogGSSMessage(int level, int major_status,
 diff -up cups-1.4b2-svn8404/scheduler/dirsvc.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/dirsvc.c
---- cups-1.4b2-svn8404/scheduler/dirsvc.c.CVE-2009-0164	2009-04-17 16:47:18.000000000 +0100
+--- cups-1.4b2-svn8404/scheduler/dirsvc.c.CVE-2009-0164	2009-04-26 13:22:11.000000000 +0100
-+++ cups-1.4b2-svn8404/scheduler/dirsvc.c	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/scheduler/dirsvc.c	2009-04-26 13:22:11.000000000 +0100
 @@ -38,6 +38,7 @@
   *   cupsdUpdateLDAPBrowse()    - Scan for new printers via LDAP...
   *   cupsdUpdateSLPBrowse()     - Get browsing information via SLP.
@@ -582,7 +587,7 @@ diff -up cups-1.4b2-svn8404/scheduler/dirsvc.c.CVE-2009-0164 cups-1.4b2-svn8404/
   */
 diff -up cups-1.4b2-svn8404/scheduler/dirsvc.h.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/dirsvc.h
 --- cups-1.4b2-svn8404/scheduler/dirsvc.h.CVE-2009-0164	2009-02-17 17:45:27.000000000 +0000
-+++ cups-1.4b2-svn8404/scheduler/dirsvc.h	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/scheduler/dirsvc.h	2009-04-26 13:22:11.000000000 +0100
 @@ -4,7 +4,7 @@
   *   Directory services definitions for the Common UNIX Printing System
   *   (CUPS) scheduler.
@@ -603,7 +608,7 @@ diff -up cups-1.4b2-svn8404/scheduler/dirsvc.h.CVE-2009-0164 cups-1.4b2-svn8404/
  VAR cups_array_t	*DNSSDPrinters	VALUE(NULL);
 diff -up cups-1.4b2-svn8404/scheduler/network.c.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/network.c
 --- cups-1.4b2-svn8404/scheduler/network.c.CVE-2009-0164	2009-02-05 10:57:28.000000000 +0000
-+++ cups-1.4b2-svn8404/scheduler/network.c	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/scheduler/network.c	2009-04-26 13:22:11.000000000 +0100
 @@ -101,6 +101,7 @@ cupsdNetIFUpdate(void)
    struct ifaddrs	*addrs,		/* Interface address list */
  			*addr;		/* Current interface address */
@@ -633,7 +638,7 @@ diff -up cups-1.4b2-svn8404/scheduler/network.c.CVE-2009-0164 cups-1.4b2-svn8404
      if (addr->ifa_addr->sa_family == AF_INET)
 diff -up cups-1.4b2-svn8404/scheduler/network.h.CVE-2009-0164 cups-1.4b2-svn8404/scheduler/network.h
 --- cups-1.4b2-svn8404/scheduler/network.h.CVE-2009-0164	2008-12-03 15:39:53.000000000 +0000
-+++ cups-1.4b2-svn8404/scheduler/network.h	2009-04-17 16:47:18.000000000 +0100
++++ cups-1.4b2-svn8404/scheduler/network.h	2009-04-26 13:22:11.000000000 +0100
 @@ -4,7 +4,7 @@
   *   Network interface definitions for the Common UNIX Printing System
   *   (CUPS) scheduler.

cups.spec

@@ -8,7 +8,7 @@
 Summary: Common Unix Printing System
 Name: cups
 Version: 1.4
-Release: 0.%{pre}.14%{?dist}
+Release: 0.%{pre}.15%{?dist}
 License: GPLv2
 Group: System Environment/Daemons
 Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?pre}%{?svn}-source.tar.bz2
@@ -478,7 +478,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/php/modules/*.so
 
 %changelog
-* Tue Apr 21 2009 Tim Waugh <twaugh@redhat.com>
+* Sun Apr 26 2009 Tim Waugh <twaugh@redhat.com> 1:1.4-0.b2.15
+- Accept "Host: ::1" (bug #497393).
+- Accept Host: fields set to the ServerName value (bug #497301).
 - Specify that we want poppler's pdftops (not ghostscript) for the
   pdftops wrapper when calling configure.