Merge branch 'f15' into f16
This commit is contained in:
Tim Waugh
commit
39d5c4b04d
33
cups-CVE-2011-2896.patch
Normal file
33
cups-CVE-2011-2896.patch
Normal file
@ -0,0 +1,33 @@
|
||||
diff -up cups-1.4.8/filter/image-gif.c.CVE-2011-2896 cups-1.4.8/filter/image-gif.c
|
||||
--- cups-1.4.8/filter/image-gif.c.CVE-2011-2896 2011-06-20 21:37:51.000000000 +0100
|
||||
+++ cups-1.4.8/filter/image-gif.c 2011-08-19 11:33:37.547911212 +0100
|
||||
@@ -648,11 +648,13 @@ gif_read_lzw(FILE *fp, /* I - File to
|
||||
|
||||
if (code == max_code)
|
||||
{
|
||||
- *sp++ = firstcode;
|
||||
- code = oldcode;
|
||||
+ if (sp < (stack + 8192))
|
||||
+ *sp++ = firstcode;
|
||||
+
|
||||
+ code = oldcode;
|
||||
}
|
||||
|
||||
- while (code >= clear_code)
|
||||
+ while (code >= clear_code && sp < (stack + 8192))
|
||||
{
|
||||
*sp++ = table[1][code];
|
||||
if (code == table[0][code])
|
||||
@@ -661,8 +663,10 @@ gif_read_lzw(FILE *fp, /* I - File to
|
||||
code = table[0][code];
|
||||
}
|
||||
|
||||
- *sp++ = firstcode = table[1][code];
|
||||
- code = max_code;
|
||||
+ if (sp < (stack + 8192))
|
||||
+ *sp++ = firstcode = table[1][code];
|
||||
+
|
||||
+ code = max_code;
|
||||
|
||||
if (code < 4096)
|
||||
{
|
||||
@ -13,7 +13,7 @@
|
||||
Summary: Common Unix Printing System
|
||||
Name: cups
|
||||
Version: 1.5.0
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
License: GPLv2
|
||||
Group: System Environment/Daemons
|
||||
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
|
||||
@ -70,6 +70,7 @@ Patch34: cups-avahi-5-services.patch
|
||||
|
||||
Patch35: cups-icc.patch
|
||||
Patch36: cups-systemd-socket.patch
|
||||
Patch37: cups-CVE-2011-2896.patch
|
||||
|
||||
Patch100: cups-lspp.patch
|
||||
|
||||
@ -289,6 +290,9 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
|
||||
# Poettering).
|
||||
%patch36 -p1 -b .systemd-socket
|
||||
|
||||
# Avoid GIF reader loop (CVE-2011-2896, STR #3914, bug #727800).
|
||||
%patch37 -p1 -b .CVE-2011-2896
|
||||
|
||||
%if %lspp
|
||||
# LSPP support.
|
||||
%patch100 -p1 -b .lspp
|
||||
@ -635,6 +639,9 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_mandir}/man1/ipptool.1.gz
|
||||
|
||||
%changelog
|
||||
* Fri Aug 19 2011 Tim Waugh <twaugh@redhat.com> 1:1.5.0-5
|
||||
- Avoid GIF reader loop (CVE-2011-2896, STR #3914, bug #727800).
|
||||
|
||||
* Wed Aug 17 2011 Tim Waugh <twaugh@redhat.com> 1:1.5.0-4
|
||||
- Enable systemd units by default (bug #731421).
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user