CVE-2023-32324 cups: heap buffer overflow may lead to DoS
Resolves: CVE-2023-32324
This commit is contained in:
Zdenek Dohnal
parent
f8d61137f8
commit
f6f4141d54
26
0001-cups-strlcpy-handle-zero-size.patch
Normal file
26
0001-cups-strlcpy-handle-zero-size.patch
Normal file
@ -0,0 +1,26 @@
|
||||
From 5e3107e734f06d410a490e8bc923dc3119f17671 Mon Sep 17 00:00:00 2001
|
||||
From: Michael R Sweet <michael.r.sweet@gmail.com>
|
||||
Date: Wed, 17 May 2023 12:59:57 -0400
|
||||
Subject: [PATCH] Consensus fix.
|
||||
|
||||
---
|
||||
cups/string.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/cups/string.c b/cups/string.c
|
||||
index 00454203c..b4fc12050 100644
|
||||
--- a/cups/string.c
|
||||
+++ b/cups/string.c
|
||||
@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
|
||||
size_t srclen; /* Length of source string */
|
||||
|
||||
|
||||
+ if (size == 0)
|
||||
+ return (0);
|
||||
+
|
||||
/*
|
||||
* Figure out how much room is needed...
|
||||
*/
|
||||
--
|
||||
2.40.1
|
||||
|
||||
@ -151,6 +151,8 @@ Patch81: 0001-Use-purge-job-instead-of-purge-jobs-when-canceling-a.patch
|
||||
Patch82: 0001-cups-http-addr.c-Set-listen-backlog-size-to-INT_MAX-.patch
|
||||
# CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
||||
Patch83: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch
|
||||
# CVE-2023-32324 cups: heap buffer overflow may lead to DoS
|
||||
Patch84: 0001-cups-strlcpy-handle-zero-size.patch
|
||||
|
||||
Patch1000: cups-lspp.patch
|
||||
|
||||
@ -445,6 +447,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
|
||||
%patch82 -p1 -b .listen-backlog
|
||||
# CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
||||
%patch83 -p1 -b .cve34241
|
||||
# CVE-2023-32324 cups: heap buffer overflow may lead to DoS
|
||||
%patch84 -p1 -b .cve32324
|
||||
|
||||
sed -i -e '1iMaxLogSize 0' conf/cupsd.conf.in
|
||||
|
||||
@ -869,6 +873,7 @@ rm -f %{cups_serverbin}/backend/smb
|
||||
- 2217283 - The command "cancel -x <job>" does not remove job files
|
||||
- 2217955 - Enlarge backlog queue for listen() in cupsd
|
||||
- CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c
|
||||
- CVE-2023-32324 cups: heap buffer overflow may lead to DoS
|
||||
|
||||
* Mon Apr 03 2023 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.2.6-51
|
||||
- RHEL-316 - Enable fmf tests in centos stream
|
||||
|
||||
Loading…
Reference in New Issue
Block a user