From d37b9bd35a2e68fddea3270ef94cd1d1c6555b1f Mon Sep 17 00:00:00 2001 From: Zdenek Dohnal Date: Mon, 25 Nov 2024 15:58:25 +0100 Subject: [PATCH] RHEL-45525 cups-2.4.10-2.el10: RHEL SAST Automation: address 1 High impact true positive(s) Resolves: RHEL-45525 --- 0001-Fix-Coverity-discovered-issues.patch | 28 +++++++++++++++++++++++ cups.spec | 7 ++++++ 2 files changed, 35 insertions(+) create mode 100644 0001-Fix-Coverity-discovered-issues.patch diff --git a/0001-Fix-Coverity-discovered-issues.patch b/0001-Fix-Coverity-discovered-issues.patch new file mode 100644 index 0000000..bd40965 --- /dev/null +++ b/0001-Fix-Coverity-discovered-issues.patch @@ -0,0 +1,28 @@ +From 08d2576b02fced09b94bcc205cfa7d08300abac3 Mon Sep 17 00:00:00 2001 +From: Michael R Sweet +Date: Wed, 13 Sep 2023 13:47:55 -0400 +Subject: [PATCH] Fix Coverity-discovered issues. + +--- + cups/raster-stream.c | 2 +- + scheduler/ipp.c | 13 +++++-------- + scheduler/job.c | 2 -- + tools/ipptool.c | 15 +++++++++------ + 4 files changed, 15 insertions(+), 17 deletions(-) + +diff --git a/scheduler/job.c b/scheduler/job.c +index 278bfb501..6b5ae84ec 100644 +--- a/scheduler/job.c ++++ b/scheduler/job.c +@@ -767,8 +767,6 @@ cupsdContinueJob(cupsd_job_t *job) /* I - Job */ + cupsdLogJob(job, CUPSD_LOG_DEBUG, + "Unable to add decompression filter - %s", strerror(errno)); + +- cupsArrayDelete(filters); +- + abort_message = "Stopping job because the scheduler ran out of memory."; + + goto abort_job; +-- +2.47.0 + diff --git a/cups.spec b/cups.spec index 6dcc3ed..f85e64c 100644 --- a/cups.spec +++ b/cups.spec @@ -89,6 +89,8 @@ Patch1001: cups-fix-device-uri-in-webui.patch Patch1002: 0001-Fix-IPP-everywhere-printer-setup-Issue-1033.patch # RHEL-54579 [rhel-10] Do not look into /root/.cups/lpoptions when using cupsGetNamedDest as root Patch1003: 0001-dest.c-Don-t-look-for-user-config-in-cupsGetNamedDes.patch +# RHEL-45525 cups-2.4.10-2.el10: RHEL SAST Automation: address 1 High impact true positive(s) +Patch1004: 0001-Fix-Coverity-discovered-issues.patch ##### Patches removed because IMHO they aren't no longer needed @@ -331,6 +333,8 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in %patch -P 1002 -p1 -b .fix-ippeve-thread-uri # RHEL-54579 [rhel-10] Do not look into /root/.cups/lpoptions when using cupsGetNamedDest as root %patch -P 1003 -p1 -b .root-cupsgetnameddest +# RHEL-45525 cups-2.4.10-2.el10: RHEL SAST Automation: address 1 High impact true positive(s) +%patch -P 1004 -p1 -b .sast-fix # Log to the system journal by default (bug #1078781, bug #1519331). @@ -800,6 +804,9 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man7/ippeveps.7.gz %changelog +* Mon Nov 25 2024 Zdenek Dohnal - 1:2.4.10-8 +- RHEL-45525 cups-2.4.10-2.el10: RHEL SAST Automation: address 1 High impact true positive(s) + * Fri Nov 22 2024 Zdenek Dohnal - 1:2.4.10-8 - RHEL-54579 [rhel-10] Do not look into /root/.cups/lpoptions when using cupsGetNamedDest as root