From 37fa67afb71d0496d8f26b068088a540c132f89c Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Thu, 25 Jun 2015 08:37:32 +0100 Subject: [PATCH] Fix redirection from CGI scripts (bug #1232030, STR #4538). --- cups-str4538.patch | 26 ++++++++++++++++++++++++++ cups.spec | 10 +++++++--- 2 files changed, 33 insertions(+), 3 deletions(-) create mode 100644 cups-str4538.patch diff --git a/cups-str4538.patch b/cups-str4538.patch new file mode 100644 index 0000000..98f8935 --- /dev/null +++ b/cups-str4538.patch @@ -0,0 +1,26 @@ +diff -up cups-2.0.3/scheduler/client.c.str4538 cups-2.0.3/scheduler/client.c +--- cups-2.0.3/scheduler/client.c.str4538 2015-06-25 08:35:22.196788744 +0100 ++++ cups-2.0.3/scheduler/client.c 2015-06-25 08:35:38.079786648 +0100 +@@ -2294,6 +2294,9 @@ cupsdSendError(cupsd_client_t *con, /* I + http_status_t code, /* I - Error code */ + int auth_type)/* I - Authentication type */ + { ++ char location[HTTP_MAX_VALUE]; /* Location field */ ++ ++ + cupsdLogClient(con, CUPSD_LOG_DEBUG2, "cupsdSendError code=%d, auth_type=%d", + code, auth_type); + +@@ -2326,8 +2329,12 @@ cupsdSendError(cupsd_client_t *con, /* I + * never disable it in that case. + */ + ++ strlcpy(location, httpGetField(con->http, HTTP_FIELD_LOCATION), sizeof(location)); ++ + httpClearFields(con->http); + ++ httpSetField(con->http, HTTP_FIELD_LOCATION, location); ++ + if (code >= HTTP_STATUS_BAD_REQUEST && con->type != CUPSD_AUTH_NEGOTIATE) + httpSetKeepAlive(con->http, HTTP_KEEPALIVE_OFF); + diff --git a/cups.spec b/cups.spec index 8befec4..fac3f42 100644 --- a/cups.spec +++ b/cups.spec @@ -11,7 +11,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.0.3 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2 Url: http://www.cups.org/ Source0: http://www.cups.org/software/%{version}/cups-%{version}-source.tar.bz2 @@ -26,7 +26,7 @@ Source8: macros.cups Patch1: cups-no-gzip-man.patch Patch2: cups-system-auth.patch Patch3: cups-multilib.patch - +Patch4: cups-str4538.patch Patch5: cups-banners.patch Patch6: cups-serverbin-compat.patch Patch7: cups-no-export-ssllibs.patch @@ -190,7 +190,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results. %patch2 -p1 -b .system-auth # Prevent multilib conflict in cups-config script. %patch3 -p1 -b .multilib - +# Fix redirection from CGI scripts (bug #1232030, STR #4538). +%patch4 -p1 -b .str4538 # Ignore rpm save/new files in the banners directory. %patch5 -p1 -b .banners # Use compatibility fallback path for ServerBin. @@ -615,6 +616,9 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man5/ipptoolfile.5.gz %changelog +* Thu Jun 25 2015 Tim Waugh - 1:2.0.3-2 +- Fix redirection from CGI scripts (bug #1232030, STR #4538). + * Tue Jun 09 2015 Jiri Popelka - 1:2.0.3-1 - 2.0.3