From feee1b3cc9253b5868c38ea8d58967de09484543 Mon Sep 17 00:00:00 2001 From: Zdenek Dohnal Date: Wed, 13 Aug 2025 08:13:31 +0200 Subject: [PATCH] RHEL-108945 The KONICA MINOLTA C352 is not distributed using cups-browsed and the included ppd file Resolves: RHEL-108945 --- ...-characters-from-PPD-names-Issue-111.patch | 29 +++++++++++++++++++ cups.spec | 10 ++++++- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 0001-Drop-non-keyword-characters-from-PPD-names-Issue-111.patch diff --git a/0001-Drop-non-keyword-characters-from-PPD-names-Issue-111.patch b/0001-Drop-non-keyword-characters-from-PPD-names-Issue-111.patch new file mode 100644 index 0000000..9d2cbba --- /dev/null +++ b/0001-Drop-non-keyword-characters-from-PPD-names-Issue-111.patch @@ -0,0 +1,29 @@ +From c0b8e48125044510d6cd6858258a15fc742b97e0 Mon Sep 17 00:00:00 2001 +From: Michael R Sweet +Date: Wed, 2 Apr 2025 15:14:58 -0400 +Subject: [PATCH] Drop non-keyword characters from PPD names (Issue #1118) + +--- + CHANGES.md | 1 + + cups/ppd-cache.c | 7 +------ + 2 files changed, 2 insertions(+), 6 deletions(-) + +diff --git a/cups/ppd-cache.c b/cups/ppd-cache.c +index 5d61f7c9f..a4c2b4c5b 100644 +--- a/cups/ppd-cache.c ++++ b/cups/ppd-cache.c +@@ -5680,11 +5680,6 @@ pwg_unppdize_name(const char *ppd, /* I - PPD keyword */ + nodash = 1; + } + } +- else +- { +- *ptr++ = *ppd; +- nodash = 0; +- } + + if (nodash == 0) + { +-- +2.50.1 + diff --git a/cups.spec b/cups.spec index 5e80c98..aa2037e 100644 --- a/cups.spec +++ b/cups.spec @@ -22,7 +22,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.4.10 -Release: 12%{?dist} +Release: 13%{?dist} # backend/failover.c - BSD-3-Clause # cups/md5* - Zlib # scheduler/colorman.c - Apache-2.0 WITH LLVM-exception AND BSD-2-Clause @@ -109,6 +109,9 @@ Patch1013: 0001-Add-NoSystem-SSLOptions-value.patch Patch1014: CVE-2025-58060.patch # RHEL-113073 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS Patch1015: CVE-2025-58364.patch +# RHEL-108945 The KONICA MINOLTA C352 is not distributed using cups-browsed and the included ppd file +# https://github.com/OpenPrinting/cups/commit/c0b8e481250445 +Patch1016: 0001-Drop-non-keyword-characters-from-PPD-names-Issue-111.patch ##### Patches removed because IMHO they aren't no longer needed @@ -370,6 +373,8 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in %patch -P 1014 -p1 -b .cve-2025-58060 # RHEL-113073 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS %patch -P 1015 -p1 -b .cve-2025-58364 +# drop nonIPP characters from keywords +%patch -P 1016 -p1 -b .drop-brackets # Log to the system journal by default (bug #1078781, bug #1519331). @@ -839,6 +844,9 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man7/ippeveps.7.gz %changelog +* Tue Sep 16 2025 Zdenek Dohnal - 1:2.4.10-13 +- RHEL-108945 The KONICA MINOLTA C352 is not distributed using cups-browsed and the included ppd file + * Thu Sep 11 2025 Zdenek Dohnal - 1:2.4.10-12 - RHEL-112419 CVE-2025-58060 cups: Authentication Bypass in CUPS Authorization Handling - RHEL-113073 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS