rpms/cups/F-7 cups-CVE-2007-4045.patch, NONE, 1.1 cups-CVE-2007-4352, 5392, 5393.patch, NONE, 1.1 cups.spec, 1.346, 1.347

Tim Waugh (twaugh) fedora-extras-commits at redhat.com
Wed Nov 7 21:10:59 UTC 2007


Author: twaugh

Update of /cvs/pkgs/rpms/cups/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2291

Modified Files:
	cups.spec 
Added Files:
	cups-CVE-2007-4045.patch cups-CVE-2007-4352,5392,5393.patch 
Log Message:
* Wed Nov  7 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-7
- Applied patch to fix CVE-2007-4045 (bug #250161).
- Applied patch to fix CVE-2007-4352, CVE-2007-5392 and
  CVE-2007-5393 (bug #345101).


cups-CVE-2007-4045.patch:

--- NEW FILE cups-CVE-2007-4045.patch ---
diff -up cups-1.2.4/scheduler/client.c.CVE-2007-4045 cups-1.2.4/scheduler/client.c
--- cups-1.2.4/scheduler/client.c.CVE-2007-4045	2007-10-30 09:51:04.000000000 +0000
+++ cups-1.2.4/scheduler/client.c	2007-10-30 10:07:10.000000000 +0000
@@ -105,6 +105,25 @@ static int		write_file(cupsd_client_t *c
 				   struct stat *filestats);
 
 
+void
+_cupsdFixClientsBIO(void)
+{
+#ifdef HAVE_LIBSSL
+  cupsd_client_t *c;
+  BIO *bio;
+  cupsArraySave (Clients);
+  for (c = (cupsd_client_t *)cupsArrayFirst(Clients);
+       c;
+       c = (cupsd_client_t *)cupsArrayNext(Clients))
+  {
+    bio = SSL_get_wbio(c->http.tls);
+    BIO_ctrl(bio, BIO_C_SET_FILE_PTR, 0, (char *)HTTP(c));
+  }
+  cupsArrayRestore (Clients);
+#endif
+}
+
+
 /*
  * 'cupsdAcceptClient()' - Accept a new client.
  */
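Review bot: The loop in `_cupsdFixClientsBIO` calls `SSL_get_wbio(c->http.tls)` for every entry in `Clients` without first checking that the connection has a TLS session. If `http.tls` is NULL for unencrypted clients (not visible in this hunk, so this needs confirming), a null pointer is handed to OpenSSL on every accept and close, and the security fix could become a scheduler crash. Putting `if (!c->http.tls) continue;` at the top of the loop body avoids that. The function also lacks the `'name()' - description` header comment that the neighbouring `cupsdAcceptClient()` has; one sentence saying that it resets each client's write BIO pointer to `HTTP(c)` after the `Clients` array changes would do. The only callers in this patch are the two later hunks of client.c, so `static` linkage would fit unless another file uses it.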
@@ -438,6 +457,7 @@ cupsdAcceptClient(cupsd_listener_t *lis)
   }
 
   cupsArrayAdd(Clients, con);
+  _cupsdFixClientsBIO();
 
   cupsdLogMessage(CUPSD_LOG_DEBUG2,
                   "cupsdAcceptClient: %d connected to server on %s:%d",
@@ -729,6 +749,7 @@ cupsdCloseClient(cupsd_client_t *con)	/*
     */
 
     cupsArrayRemove(Clients, con);
+    _cupsdFixClientsBIO();
 
     free(con);
   }
diff -up cups-1.2.4/scheduler/main.c.CVE-2007-4045 cups-1.2.4/scheduler/main.c
--- cups-1.2.4/scheduler/main.c.CVE-2007-4045	2007-10-30 09:51:04.000000000 +0000
+++ cups-1.2.4/scheduler/main.c	2007-10-30 09:51:05.000000000 +0000
@@ -948,7 +948,7 @@ main(int  argc,				/* I - Number of comm
       * Write data as needed...
       */
 
-      if (con->pipe_pid && FD_ISSET(con->file, input))
+      if (con->pipe_pid && con->file >= 0 && FD_ISSET(con->file, input))
       {
        /*
         * Keep track of pending input from the file/pipe separately
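Review bot: The added `con->file >= 0` test has no comment saying why a client with `pipe_pid` set can reach this point with a negative descriptor, so a reader cannot tell whether that state is expected or a symptom of another bug. A comment above the condition would record the reason, for example `/* con->file may already be closed (negative) here; FD_ISSET on a negative fd indexes outside the fd_set */`. The guard also covers only the lower bound, and FD_ISSET is equally undefined for descriptors at or above FD_SETSIZE. Whether the scheduler caps descriptors elsewhere is not visible in this hunk. The enclosing block in main() continues past the end of the hunk.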

***** Not enough context to create diffstat for file: cups-CVE-2007-4352,5392,5393.patch,NONE,1.1
***** Not enough context to create diff for file: cups-CVE-2007-4352,5392,5393.patch,NONE,1.1

Index: cups.spec
===================================================================
RCS file: /cvs/pkgs/rpms/cups/F-7/cups.spec,v
retrieving revision 1.346
retrieving revision 1.347
diff -u -r1.346 -r1.347
--- cups.spec	1 Nov 2007 14:42:52 -0000	1.346
+++ cups.spec	7 Nov 2007 21:10:23 -0000	1.347
@@ -6,7 +6,7 @@
 Summary: Common Unix Printing System
 Name: cups
 Version: 1.2.12
-Release: 6%{?dist}
+Release: 7%{?dist}
 License: GPL
 Group: System Environment/Daemons
 Source: ftp://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
@@ -49,6 +49,8 @@
 Patch25: cups-usb-paperout.patch
 Patch26: cups-CVE-2007-3387.patch
 Patch27: cups-CVE-2007-4351.patch
+Patch28: cups-CVE-2007-4352,5392,5393.patch
+Patch29: cups-CVE-2007-4045.patch
 Patch100: cups-lspp.patch
 Epoch: 1
 Url: http://www.cups.org/
@@ -160,6 +162,8 @@
 %patch25 -p1 -b .usb-paperout
 %patch26 -p1 -b .CVE-2007-3387
 %patch27 -p1 -b .CVE-2007-4351
+%patch28 -p1 -b .CVE-2007-4352,5392,5393
+%patch29 -p1 -b .CVE-2007-4045
 
 %if %lspp
 %patch100 -p1 -b .lspp
@@ -447,6 +451,11 @@
 %{cups_serverbin}/daemon/cups-lpd
 
 %changelog
+* Wed Nov  7 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-7
+- Applied patch to fix CVE-2007-4045 (bug #250161).
+- Applied patch to fix CVE-2007-4352, CVE-2007-5392 and
+  CVE-2007-5393 (bug #345101).
+
 * Thu Nov  1 2007 Tim Waugh <twaugh at redhat.com> 1:1.2.12-6
 - Applied patch to fix CVE-2007-4351 (STR #2561, bug #361661).
 



