diff --git a/0001-cups-strlcpy-handle-zero-size.patch b/0001-cups-strlcpy-handle-zero-size.patch new file mode 100644 index 0000000..45d36ad --- /dev/null +++ b/0001-cups-strlcpy-handle-zero-size.patch @@ -0,0 +1,26 @@ +From 5e3107e734f06d410a490e8bc923dc3119f17671 Mon Sep 17 00:00:00 2001 +From: Michael R Sweet +Date: Wed, 17 May 2023 12:59:57 -0400 +Subject: [PATCH] Consensus fix. + +--- + cups/string.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/cups/string.c b/cups/string.c +index 00454203c..b4fc12050 100644 +--- a/cups/string.c ++++ b/cups/string.c +@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */ + size_t srclen; /* Length of source string */ + + ++ if (size == 0) ++ return (0); ++ + /* + * Figure out how much room is needed... + */ +-- +2.40.1 + diff --git a/cups.spec b/cups.spec index 641dec7..989de0d 100644 --- a/cups.spec +++ b/cups.spec @@ -151,6 +151,8 @@ Patch81: 0001-Use-purge-job-instead-of-purge-jobs-when-canceling-a.patch Patch82: 0001-cups-http-addr.c-Set-listen-backlog-size-to-INT_MAX-.patch # CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c Patch83: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch +# CVE-2023-32324 cups: heap buffer overflow may lead to DoS +Patch84: 0001-cups-strlcpy-handle-zero-size.patch Patch1000: cups-lspp.patch @@ -445,6 +447,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results. %patch82 -p1 -b .listen-backlog # CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c %patch83 -p1 -b .cve34241 +# CVE-2023-32324 cups: heap buffer overflow may lead to DoS +%patch84 -p1 -b .cve32324 sed -i -e '1iMaxLogSize 0' conf/cupsd.conf.in @@ -869,6 +873,7 @@ rm -f %{cups_serverbin}/backend/smb - 2217283 - The command "cancel -x " does not remove job files - 2217955 - Enlarge backlog queue for listen() in cupsd - CVE-2023-34241 cups: use-after-free in cupsdAcceptClient() in scheduler/client.c +- CVE-2023-32324 cups: heap buffer overflow may lead to DoS * Mon Apr 03 2023 Zdenek Dohnal - 1:2.2.6-51 - RHEL-316 - Enable fmf tests in centos stream