rpms/cups
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- 1.3.7. No longer need str2715, str2727, or CVE-2008-0047 patches.

Browse Source
This commit is contained in:
Tim Waugh 2008-04-02 11:33:34 +00:00
parent a5bf04c3a5
commit d7cf31ad81
4 changed files with 5 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
cups-CVE-2008-0047.patch
View File

@ -1,14 +0,0 @@
diff -up cups-1.3.6/cgi-bin/search.c.CVE-2008-0047 cups-1.3.6/cgi-bin/search.c
--- cups-1.3.6/cgi-bin/search.c.CVE-2008-0047 2008-01-16 22:20:33.000000000 +0000
+++ cups-1.3.6/cgi-bin/search.c 2008-04-01 16:41:30.000000000 +0100
@@ -167,7 +167,9 @@ cgiCompileSearch(const char *query) /* I
* string + RE overhead...
*/
- wlen = (sptr - s) + 4 * wlen + 2 * strlen(prefix) + 4;
+ wlen = (sptr - s) + 2 * 4 * wlen + 2 * strlen(prefix) + 11;
+ if (lword)
+ wlen += strlen(lword);
if (wlen > slen)
{

12
cups-str2715.patch
View File

@ -1,12 +0,0 @@
diff -up cups-1.3.6/cups/encode.c.str2715 cups-1.3.6/cups/encode.c
--- cups-1.3.6/cups/encode.c.str2715 2008-01-28 23:10:10.000000000 +0000
+++ cups-1.3.6/cups/encode.c 2008-02-23 12:16:50.000000000 +0000
@@ -67,6 +67,8 @@ static const _ipp_option_t ipp_options[]
{ 0, "job-page-limit", IPP_TAG_INTEGER, IPP_TAG_JOB },
{ 0, "job-priority", IPP_TAG_INTEGER, IPP_TAG_JOB },
{ 0, "job-quota-period", IPP_TAG_INTEGER, IPP_TAG_JOB },
+ { 1, "job-sheets", IPP_TAG_NAME, IPP_TAG_JOB },
+ { 1, "job-sheets-default", IPP_TAG_NAME, IPP_TAG_PRINTER },
{ 0, "job-uuid", IPP_TAG_URI, IPP_TAG_JOB },
{ 0, "landscape", IPP_TAG_BOOLEAN, IPP_TAG_JOB },
{ 1, "media", IPP_TAG_KEYWORD, IPP_TAG_JOB },

54
cups-str2727.patch
View File

@ -1,54 +0,0 @@
diff -up cups-1.3.6/filter/image-jpeg.c.str2727 cups-1.3.6/filter/image-jpeg.c
--- cups-1.3.6/filter/image-jpeg.c.str2727 2007-07-11 22:46:42.000000000 +0100
+++ cups-1.3.6/filter/image-jpeg.c 2008-02-28 22:28:45.000000000 +0000
@@ -47,8 +47,8 @@ _cupsImageReadJPEG(
struct jpeg_error_mgr jerr; /* Error handler info */
cups_ib_t *in, /* Input pixels */
*out; /* Output pixels */
- char header[16]; /* Photoshop JPEG header */
- int psjpeg; /* Non-zero if Photoshop JPEG */
+ jpeg_saved_marker_ptr marker; /* Pointer to marker data */
+ int psjpeg = 0; /* Non-zero if Photoshop CMYK JPEG */
static const char *cspaces[] =
{ /* JPEG colorspaces... */
"JCS_UNKNOWN",
@@ -61,23 +61,30 @@ _cupsImageReadJPEG(
/*
- * Read the first 16 bytes to determine if this is a Photoshop JPEG file...
- */
-
- fread(header, sizeof(header), 1, fp);
- rewind(fp);
-
- psjpeg = memcmp(header + 6, "Photoshop ", 10) == 0;
-
- /*
* Read the JPEG header...
*/
cinfo.err = jpeg_std_error(&jerr);
jpeg_create_decompress(&cinfo);
+ jpeg_save_markers(&cinfo, JPEG_APP0 + 14, 0xffff); /* Adobe JPEG */
jpeg_stdio_src(&cinfo, fp);
jpeg_read_header(&cinfo, 1);
+ /*
+ * Parse any Adobe APPE data embedded in the JPEG file. Since Adobe doesn't
+ * bother following standards, we have to invert the CMYK JPEG data written by
+ * Adobe apps...
+ */
+
+ for (marker = cinfo.marker_list; marker; marker = marker->next)
+ if (marker->marker == (JPEG_APP0 + 14) && marker->data_length >= 12 &&
+ !memcmp(marker->data, "Adobe", 5) && marker->data[11] == 2)
+ {
+ fputs("DEBUG: Adobe CMYK JPEG detected (inverting color values)\n",
+ stderr);
+ psjpeg = 1;
+ }
+
cinfo.quantize_colors = 0;
fprintf(stderr, "DEBUG: num_components = %d\n", cinfo.num_components);

13
cups.spec
View File

@ -6,8 +6,8 @@
Summary: Common Unix Printing System Summary: Common Unix Printing System
Name: cups Name: cups
Version: 1.3.6 Version: 1.3.7
Release: 9%{?svn:.svn%{svn}}%{?dist} Release: 1%{?svn:.svn%{svn}}%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Daemons Group: System Environment/Daemons
Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?svn:svn-r%{svn}}-source.tar.bz2 Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?svn:svn-r%{svn}}-source.tar.bz2
@ -46,9 +46,6 @@ Patch21: cups-driverd-timeout.patch
Patch22: cups-strict-ppd-line-length.patch Patch22: cups-strict-ppd-line-length.patch
Patch23: cups-logrotate.patch Patch23: cups-logrotate.patch
Patch25: cups-usb-paperout.patch Patch25: cups-usb-paperout.patch
Patch26: cups-str2715.patch
Patch27: cups-str2727.patch
Patch28: cups-CVE-2008-0047.patch
Patch29: cups-CVE-2008-1373.patch Patch29: cups-CVE-2008-1373.patch
Patch100: cups-lspp.patch Patch100: cups-lspp.patch
Epoch: 1 Epoch: 1
@ -165,9 +162,6 @@ lpd emulation.
%patch22 -p1 -b .strict-ppd-line-length %patch22 -p1 -b .strict-ppd-line-length
%patch23 -p1 -b .logrotate %patch23 -p1 -b .logrotate
%patch25 -p1 -b .usb-paperout %patch25 -p1 -b .usb-paperout
%patch26 -p1 -b .str2715
%patch27 -p1 -b .str2727
%patch28 -p1 -b .CVE-2008-0047
%patch29 -p1 -b .CVE-2008-1373 %patch29 -p1 -b .CVE-2008-1373
%if %lspp %if %lspp
@ -445,6 +439,9 @@ rm -rf $RPM_BUILD_ROOT
%{cups_serverbin}/daemon/cups-lpd %{cups_serverbin}/daemon/cups-lpd
%changelog %changelog
* Wed Apr 2 2008 Tim Waugh <twaugh@redhat.com> 1:1.3.7-1
- 1.3.7. No longer need str2715, str2727, or CVE-2008-0047 patches.
* Thu Apr 1 2008 Tim Waugh <twaugh@redhat.com> 1:1.3.6-9 * Thu Apr 1 2008 Tim Waugh <twaugh@redhat.com> 1:1.3.6-9
- Applied patch to fix CVE-2008-1373 (GIF overflow, bug #438303). - Applied patch to fix CVE-2008-1373 (GIF overflow, bug #438303).
- Applied patch to prevent heap-based buffer overflow in CUPS helper - Applied patch to prevent heap-based buffer overflow in CUPS helper