rpms/cups
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge branch 'f14' into f15

Browse Source
This commit is contained in:
Tim Waugh 2011-08-19 11:36:19 +01:00
commit 4b8b8d30d9
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
cups-CVE-2011-2896.patch Normal file
View File

@ -0,0 +1,33 @@
diff -up cups-1.4.8/filter/image-gif.c.CVE-2011-2896 cups-1.4.8/filter/image-gif.c
--- cups-1.4.8/filter/image-gif.c.CVE-2011-2896 2011-06-20 21:37:51.000000000 +0100
+++ cups-1.4.8/filter/image-gif.c 2011-08-19 11:33:37.547911212 +0100
@@ -648,11 +648,13 @@ gif_read_lzw(FILE *fp, /* I - File to
if (code == max_code)
{
- *sp++ = firstcode;
- code = oldcode;
+ if (sp < (stack + 8192))
+ *sp++ = firstcode;
+
+ code = oldcode;
}
- while (code >= clear_code)
+ while (code >= clear_code && sp < (stack + 8192))
{
*sp++ = table[1][code];
if (code == table[0][code])
@@ -661,8 +663,10 @@ gif_read_lzw(FILE *fp, /* I - File to
code = table[0][code];
}
- *sp++ = firstcode = table[1][code];
- code = max_code;
+ if (sp < (stack + 8192))
+ *sp++ = firstcode = table[1][code];
+
+ code = max_code;
if (code < 4096)
{

8
cups.spec
View File

@ -13,7 +13,7 @@
Summary: Common Unix Printing System Summary: Common Unix Printing System
Name: cups Name: cups
Version: 1.4.8 Version: 1.4.8
Release: 1%{?dist} Release: 2%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Daemons Group: System Environment/Daemons
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2 Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
@ -72,6 +72,7 @@ Patch32: cups-texttops-rotate-page.patch
Patch33: cups-usb-parallel.patch Patch33: cups-usb-parallel.patch
Patch34: cups-str3535.patch Patch34: cups-str3535.patch
Patch35: cups-polld-busy-loop.patch Patch35: cups-polld-busy-loop.patch
Patch36: cups-CVE-2011-2896.patch
Patch40: cups-avahi-1-config.patch Patch40: cups-avahi-1-config.patch
Patch41: cups-avahi-2-backend.patch Patch41: cups-avahi-2-backend.patch
@ -291,6 +292,8 @@ module.
%patch34 -p1 -b .str3535 %patch34 -p1 -b .str3535
# Avoid busy loop in cups-polld (bug #720921). # Avoid busy loop in cups-polld (bug #720921).
%patch35 -p1 -b .polld-busy-loop %patch35 -p1 -b .polld-busy-loop
# Avoid GIF reader loop (CVE-2011-2896, STR #3914, bug #727800).
%patch36 -p1 -b .CVE-2011-2896
# Avahi support: # Avahi support:
# - discovery in the dnssd backend # - discovery in the dnssd backend
@ -633,6 +636,9 @@ rm -rf $RPM_BUILD_ROOT
%{php_extdir}/phpcups.so %{php_extdir}/phpcups.so
%changelog %changelog
* Fri Aug 19 2011 Tim Waugh <twaugh@redhat.com> 1:1.4.8-2
- Avoid GIF reader loop (CVE-2011-2896, STR #3914, bug #727800).
* Tue Jul 26 2011 Jiri Popelka <jpopelka@redhat.com> 1:1.4.8-1 * Tue Jul 26 2011 Jiri Popelka <jpopelka@redhat.com> 1:1.4.8-1
- 1.4.8 - 1.4.8