- Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200).

This commit is contained in:
Tim Waugh 2009-11-19 13:29:08 +00:00
parent cb55925d57
commit f792eb4dd8
2 changed files with 45 additions and 1 deletions

39
cups-CVE-2009-3553.patch Normal file
View File

@ -0,0 +1,39 @@
diff -up cups-1.4.2/scheduler/select.c.CVE-2009-3553 cups-1.4.2/scheduler/select.c
--- cups-1.4.2/scheduler/select.c.CVE-2009-3553 2009-07-15 00:07:52.000000000 +0100
+++ cups-1.4.2/scheduler/select.c 2009-11-19 12:30:39.672976150 +0000
@@ -454,7 +454,7 @@ cupsdDoSelect(long timeout) /* I - Time
if (fdptr->read_cb && event->filter == EVFILT_READ)
(*(fdptr->read_cb))(fdptr->data);
- if (fdptr->write_cb && event->filter == EVFILT_WRITE)
+ if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE)
(*(fdptr->write_cb))(fdptr->data);
release_fd(fdptr);
@@ -499,7 +499,7 @@ cupsdDoSelect(long timeout) /* I - Time
if (fdptr->read_cb && (event->events & (EPOLLIN | EPOLLERR | EPOLLHUP)))
(*(fdptr->read_cb))(fdptr->data);
- if (fdptr->write_cb && (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)))
+ if (fdptr->use > 1 && fdptr->write_cb && (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)))
(*(fdptr->write_cb))(fdptr->data);
release_fd(fdptr);
@@ -590,7 +590,7 @@ cupsdDoSelect(long timeout) /* I - Time
if (fdptr->read_cb && (pfd->revents & (POLLIN | POLLERR | POLLHUP)))
(*(fdptr->read_cb))(fdptr->data);
- if (fdptr->write_cb && (pfd->revents & (POLLOUT | POLLERR | POLLHUP)))
+ if (fdptr->use > 1 && fdptr->write_cb && (pfd->revents & (POLLOUT | POLLERR | POLLHUP)))
(*(fdptr->write_cb))(fdptr->data);
release_fd(fdptr);
@@ -645,7 +645,7 @@ cupsdDoSelect(long timeout) /* I - Time
if (fdptr->read_cb && FD_ISSET(fdptr->fd, &cupsd_current_input))
(*(fdptr->read_cb))(fdptr->data);
- if (fdptr->write_cb && FD_ISSET(fdptr->fd, &cupsd_current_output))
+ if (fdptr->use > 1 && fdptr->write_cb && FD_ISSET(fdptr->fd, &cupsd_current_output))
(*(fdptr->write_cb))(fdptr->data);
release_fd(fdptr);

View File

@ -9,7 +9,7 @@
Summary: Common Unix Printing System Summary: Common Unix Printing System
Name: cups Name: cups
Version: 1.4.2 Version: 1.4.2
Release: 6%{?dist} Release: 7%{?dist}
License: GPLv2 License: GPLv2
Group: System Environment/Daemons Group: System Environment/Daemons
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2 Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
@ -57,6 +57,7 @@ Patch31: cups-str3399.patch
Patch32: cups-str3403.patch Patch32: cups-str3403.patch
Patch33: cups-str3407.patch Patch33: cups-str3407.patch
Patch34: cups-str3418.patch Patch34: cups-str3418.patch
Patch35: cups-CVE-2009-3553.patch
Patch100: cups-lspp.patch Patch100: cups-lspp.patch
@ -224,6 +225,7 @@ module.
%patch32 -p1 -b .str3403 %patch32 -p1 -b .str3403
%patch33 -p1 -b .str3407 %patch33 -p1 -b .str3407
%patch34 -p1 -b .str3418 %patch34 -p1 -b .str3418
%patch35 -p1 -b .CVE-2009-3553
%if %lspp %if %lspp
%patch100 -p1 -b .lspp %patch100 -p1 -b .lspp
@ -516,6 +518,9 @@ rm -rf $RPM_BUILD_ROOT
%{php_extdir}/phpcups.so %{php_extdir}/phpcups.so
%changelog %changelog
* Thu Nov 19 2009 Tim Waugh <twaugh@redhat.com> 1:1.4.2-7
- Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200).
* Tue Nov 17 2009 Tim Waugh <twaugh@redhat.com> 1:1.4.2-6 * Tue Nov 17 2009 Tim Waugh <twaugh@redhat.com> 1:1.4.2-6
- Fixed display of current driver (bug #537182, STR #3418). - Fixed display of current driver (bug #537182, STR #3418).
- Fixed out-of-memory handling when loading jobs (bug #538054, - Fixed out-of-memory handling when loading jobs (bug #538054,