RHEL-60322 CVE-2024-47076 libcupsfilters: cfGetPrinterAttributes API does not perform sanitization on returned IPP attributes

Resolves: RHEL-60322
Zdenek Dohnal 2024-11-21 17:41:13 +01:00
parent 3b4bb2b00b
commit 8cf5e03b17
2 changed files with 40 additions and 1 deletions


@ -0,0 +1,34 @@
From 7df31c8e0ee56992de4568287f9cd6d766b793cb Mon Sep 17 00:00:00 2001
From: Till Kamppeter <till.kamppeter@gmail.com>
Date: Tue, 24 Sep 2024 11:58:01 +0200
Subject: [PATCH] cfGetPrinterAttributes5(): Validate response attributes
before return
The destination can be corrupted or forged, so validate the response
to strenghten security measures.
---
cupsfilters/ipp.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/cupsfilters/ipp.c b/cupsfilters/ipp.c
index 8d6a9b3d..db10cb3f 100644
--- a/cupsfilters/ipp.c
+++ b/cupsfilters/ipp.c
@@ -404,6 +404,14 @@ cfGetPrinterAttributes5(http_t *http_printer,
ippDelete(response2);
}
}
+
+ // Check if the response is valid
+ if (!ippValidateAttributes(response))
+ {
+ ippDelete(response);
+ response = NULL;
+ }
+
if (have_http == 0) httpClose(http_printer);
if (uri) free(uri);
return (response);
--
2.46.1
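Review bot: the added check near the end of cfGetPrinterAttributes5() passes `response` to ippValidateAttributes() without testing it for NULL, and the code that assigns `response` lies outside the visible context. If a failed request can leave `response` NULL at this point, write the condition as `if (response && !ippValidateAttributes(response))` so validation only runs on a real reply. The rejection path is also silent: the response is deleted and NULL is returned with no log message, so a caller cannot tell a corrupted or forged reply from an unreachable printer. A log line in this branch would help when diagnosing a printer that stops working after the update.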


@ -4,7 +4,7 @@
Name: libcupsfilters
Epoch: 1
Version: 2.0.0
Release: 8%{?dist}
Release: 9%{?dist}
Summary: Library for developing printing filters
# the CUPS exception text is the same as LLVM exception, so using that name with
# agreement from legal team
@ -19,6 +19,8 @@ Source0: %{URL}/releases/download/%{version}/%{name}-%{version}.tar.gz
Patch001: libcf-color-raster-printing.patch
# RHEL-29726 Backport fix for typo influencing image filtering from CMYK to CMY
Patch002: 0001-cfImageCMYKToCMY-Fixed-copy-and-paste-error.patch
# RHEL-60322 CVE-2024-47076 libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
Patch003: 0001-cfgetprinterattributes5-validate-response-attributes.patch
# for generating configure and Makefile scripts in autogen.h
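Review bot: documentation point on the Patch003 comment: it names the ticket and the CVE but not the upstream commit being backported, which the patch file header gives as 7df31c8e0ee56992de4568287f9cd6d766b793cb. Adding that hash to the comment would make the backport traceable from the spec alone. As a smaller style point, the new file name is all lower case (`0001-cfgetprinterattributes5-...`) while Patch002 keeps the function's casing (`0001-cfImageCMYKToCMY-...`), and both start with `0001-`; a consistent naming scheme would make the patch list easier to scan.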
@ -196,6 +198,9 @@ rm -f %{buildroot}%{_pkgdocdir}/{LICENSE,COPYING,NOTICE}
%changelog
* Thu Nov 21 2024 Zdenek Dohnal <zdohnal@redhat.com> - 1:2.0.0-9
- RHEL-60322 CVE-2024-47076 libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:2.0.0-8
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018