CVE-2023-32324 cups: heap buffer overflow may lead to DoS
Resolves: CVE-2023-32324
This commit is contained in:
Zdenek Dohnal
parent
90181701d3
commit
d9071222ad
34
0001-cups-strlcpy-handle-zero-size.patch
Normal file
34
0001-cups-strlcpy-handle-zero-size.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
From 5e3107e734f06d410a490e8bc923dc3119f17671 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Michael R Sweet <michael.r.sweet@gmail.com>
|
||||||
|
Date: Wed, 17 May 2023 12:59:57 -0400
|
||||||
|
Subject: [PATCH] Consensus fix.
|
||||||
|
|
||||||
|
---
|
||||||
|
cups/string.c | 4 ++++
|
||||||
|
1 file changed, 4 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/cups/string.c b/cups/string.c
|
||||||
|
index 00454203c..b4fc12050 100644
|
||||||
|
--- a/cups/string.c
|
||||||
|
+++ b/cups/string.c
|
||||||
|
@@ -1,6 +1,7 @@
|
||||||
|
/*
|
||||||
|
* String functions for CUPS.
|
||||||
|
*
|
||||||
|
+ * Copyright © 2023 by OpenPrinting.
|
||||||
|
* Copyright © 2007-2019 by Apple Inc.
|
||||||
|
* Copyright © 1997-2007 by Easy Software Products.
|
||||||
|
*
|
||||||
|
@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
|
||||||
|
size_t srclen; /* Length of source string */
|
||||||
|
|
||||||
|
|
||||||
|
+ if (size == 0)
|
||||||
|
+ return (0);
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Figure out how much room is needed...
|
||||||
|
*/
|
||||||
|
--
|
||||||
|
2.40.1
|
||||||
|
|
||||||
@ -113,6 +113,8 @@ Patch32: 0001-Use-purge-job-instead-of-purge-jobs-when-canceling-a.patch
|
|||||||
Patch33: 0001-cups-http-addr.c-Set-listen-backlog-size-to-INT_MAX-.patch
|
Patch33: 0001-cups-http-addr.c-Set-listen-backlog-size-to-INT_MAX-.patch
|
||||||
# CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
# CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
||||||
Patch34: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch
|
Patch34: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch
|
||||||
|
# CVE-2023-32324 cups: heap buffer overflow may lead to DoS
|
||||||
|
Patch35: 0001-cups-strlcpy-handle-zero-size.patch
|
||||||
|
|
||||||
|
|
||||||
##### Patches removed because IMHO they aren't no longer needed
|
##### Patches removed because IMHO they aren't no longer needed
|
||||||
@ -357,6 +359,8 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in
|
|||||||
%patch33 -p1 -b .listen-backlog
|
%patch33 -p1 -b .listen-backlog
|
||||||
# CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
# CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
||||||
%patch34 -p1 -b .cve34241
|
%patch34 -p1 -b .cve34241
|
||||||
|
# CVE-2023-32324 cups: heap buffer overflow may lead to DoS
|
||||||
|
%patch35 -p1 -b .cve32324
|
||||||
|
|
||||||
%if %{lspp}
|
%if %{lspp}
|
||||||
# LSPP support.
|
# LSPP support.
|
||||||
@ -782,6 +786,7 @@ rm -f %{cups_serverbin}/backend/smb
|
|||||||
%changelog
|
%changelog
|
||||||
* Thu Jun 29 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-19
|
* Thu Jun 29 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-19
|
||||||
- CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
- CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
||||||
|
- CVE-2023-32324 cups: heap buffer overflow may lead to DoS
|
||||||
|
|
||||||
* Wed Jun 28 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-19
|
* Wed Jun 28 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.3.3op2-19
|
||||||
- 2217177 - Delays printing to lpd when reserved ports are exhausted
|
- 2217177 - Delays printing to lpd when reserved ports are exhausted
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user