rpms/hplip/F-8 hplip-parse-crash.patch, NONE, 1.1 hplip-static-alerts-table.patch, NONE, 1.1 hplip-validate-uri.patch, NONE, 1.1 hplip.spec, 1.171, 1.172
Tim Waugh
twaugh at fedoraproject.org
Tue Aug 26 13:29:34 UTC 2008
Author: twaugh
Update of /cvs/pkgs/rpms/hplip/F-8
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22035
Modified Files:
hplip.spec
Added Files:
hplip-parse-crash.patch hplip-static-alerts-table.patch
hplip-validate-uri.patch
Log Message:
* Tue Aug 26 2008 Tim Waugh <twaugh at redhat.com> 2.8.2-2
- Applied patches to fix CVE-2008-2940 and CVE-2008-2941 (bug #458989).
hplip-parse-crash.patch:
--- NEW FILE hplip-parse-crash.patch ---
diff -up hplip-2.8.2/hpssd.py.parse-crash hplip-2.8.2/hpssd.py
--- hplip-2.8.2/hpssd.py.parse-crash 2008-08-26 14:18:17.000000000 +0100
+++ hplip-2.8.2/hpssd.py 2008-08-26 14:27:14.000000000 +0100
@@ -203,7 +203,7 @@ class hpssd_handler(dispatcher):
log.debug(self.out_buffer)
return True
- msg_type = self.fields.get('msg', 'unknown').lower()
+ msg_type = str (self.fields.get('msg', 'unknown')).lower()
log.debug("Handling: %s %s %s" % ("*"*20, msg_type, "*"*20))
log.debug(repr(self.in_buffer))
@@ -260,9 +260,9 @@ class hpssd_handler(dispatcher):
def handle_getvalue(self):
- device_uri = self.fields.get('device-uri', '').replace('hpfax:', 'hp:')
+ device_uri = str (self.fields.get('device-uri', '')).replace('hpfax:', 'hp:')
value = ''
- key = self.fields.get('key', '')
+ key = str (self.fields.get('key', ''))
result_code = self.__checkdevice(device_uri)
if result_code == ERROR_SUCCESS:
@@ -274,8 +274,8 @@ class hpssd_handler(dispatcher):
self.out_buffer = buildResultMessage('GetValueResult', value, result_code)
def handle_setvalue(self):
- device_uri = self.fields.get('device-uri', '').replace('hpfax:', 'hp:')
- key = self.fields.get('key', '')
+ device_uri = str (self.fields.get('device-uri', '')).replace('hpfax:', 'hp:')
+ key = str (self.fields.get('key', ''))
value = self.fields.get('value', '')
result_code = self.__checkdevice(device_uri)
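Review bot: In handle_setvalue, `value` on the line after the new `key` assignment is still taken straight from `self.fields`, while `device_uri` and `key` are now coerced with `str()`. If the message parser can hand back a non-string for `value`, as it evidently can for the other fields, a later string operation on it would fail in the same way this patch is closing. The rest of the function is outside the hunk, so how `value` is consumed is not visible. If it is expected to be text, `value = str (self.fields.get('value', ''))` would make the three fields consistent.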
@@ -285,7 +285,7 @@ class hpssd_handler(dispatcher):
self.out_buffer = buildResultMessage('SetValueResult', None, ERROR_SUCCESS)
def handle_queryhistory(self):
- device_uri = self.fields.get('device-uri', '').replace('hpfax:', 'hp:')
+ device_uri = str (self.fields.get('device-uri', '')).replace('hpfax:', 'hp:')
payload = ''
result_code = self.__checkdevice(device_uri)
@@ -305,8 +305,8 @@ class hpssd_handler(dispatcher):
# EVENT
def handle_registerguievent(self):
- username = self.fields.get('username', '')
- typ = self.fields.get('type', 'unknown')
+ username = str (self.fields.get('username', ''))
+ typ = str (self.fields.get('type', 'unknown'))
self.typ = typ
self.username = username
self.send_events = True
@@ -314,13 +314,13 @@ class hpssd_handler(dispatcher):
# EVENT
def handle_unregisterguievent(self):
- username = self.fields.get('username', '')
+ username = str (self.fields.get('username', ''))
self.send_events = False
def handle_test_email(self):
result_code = ERROR_SUCCESS
- username = self.fields.get('username', prop.username)
+ username = str (self.fields.get('username', prop.username))
message = device.queryString('email_test_message')
subject = device.queryString('email_test_subject')
result_code = self.sendEmail(username, subject, message, True)
@@ -343,11 +343,14 @@ class hpssd_handler(dispatcher):
# sent by hpfax: to indicate the start of a complete fax rendering job
def handle_hpfaxbegin(self):
- username = self.fields.get('username', prop.username)
- job_id = self.fields.get('job-id', 0)
- printer_name = self.fields.get('printer', '')
- device_uri = self.fields.get('device-uri', '').replace('hp:', 'hpfax:')
- title = self.fields.get('title', '')
+ username = str (self.fields.get('username', prop.username))
+ try:
+ job_id = int (self.fields.get('job-id', 0))
+ except ValueError:
+ job_id = 0
+ printer_name = str (self.fields.get('printer', ''))
+ device_uri = str (self.fields.get('device-uri', '')).replace('hp:', 'hpfax:')
+ title = str (self.fields.get('title', ''))
log.debug("Creating data store for %s:%d" % (username, job_id))
fax_file[(username, job_id)] = tempfile.NamedTemporaryFile(prefix="hpfax")
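Review bot: The four-line `try: int(...) except ValueError:` block added here for `job-id` is repeated in handle_hpfaxdata, handle_hpfaxend (twice), handle_faxgetdata and handle_event (three times), which makes it easy for a later handler to miss the coercion. A small private method on hpssd_handler that returns the field as an int or the default would keep the handling of client-supplied numbers in one place. Only ValueError is caught; whether the parser can produce a value for which int() raises TypeError is not visible from this hunk, so the sketch below catches both. handle_hpfaxbegin continues past the end of the hunk.

```python
def _int_field(self, name, default=0):
    # Message fields come from the client; fall back to the default
    # rather than raising when the value is not a valid integer.
    try:
        return int(self.fields.get(name, default))
    except (ValueError, TypeError):
        return default

def handle_hpfaxbegin(self):
    username = str (self.fields.get('username', prop.username))
    job_id = self._int_field('job-id')
    # … unchanged: printer_name, device_uri, title …
```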
@@ -360,8 +363,11 @@ class hpssd_handler(dispatcher):
# sent by hpfax: to transfer completed fax rendering data
def handle_hpfaxdata(self):
- username = self.fields.get('username', prop.username)
- job_id = self.fields.get('job-id', 0)
+ username = str (self.fields.get('username', prop.username))
+ try:
+ job_id = int (self.fields.get('job-id', 0))
+ except ValueError:
+ job_id = 0
if self.payload and (username, job_id) in fax_file and \
not fax_file_ready[(username, job_id)]:
@@ -373,12 +379,18 @@ class hpssd_handler(dispatcher):
# sent by hpfax: to indicate the end of a complete fax rendering job
def handle_hpfaxend(self):
- username = self.fields.get('username', '')
- job_id = self.fields.get('job-id', 0)
- printer_name = self.fields.get('printer', '')
- device_uri = self.fields.get('device-uri', '').replace('hp:', 'hpfax:')
- title = self.fields.get('title', '')
- job_size = self.fields.get('job-size', 0)
+ username = str (self.fields.get('username', ''))
+ try:
+ job_id = int (self.fields.get('job-id', 0))
+ except ValueError:
+ job_id = 0
+ printer_name = str (self.fields.get('printer', ''))
+ device_uri = str (self.fields.get('device-uri', '')).replace('hp:', 'hpfax:')
+ title = str (self.fields.get('title', ''))
+ try:
+ job_size = int (self.fields.get('job-size', 0))
+ except ValueError:
+ job_size = 0
fax_file[(username, job_id)].seek(0)
fax_file_ready[(username, job_id)] = True
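Review bot: `fax_file[(username, job_id)].seek(0)` in handle_hpfaxend indexes the table with a key built from client-supplied fields and has no membership check, so a message naming a job that was never registered raises KeyError. handle_hpfaxdata guards the same lookup with `(username, job_id) in fax_file` and handle_faxgetdata wraps it in `try`, so this handler is the odd one out. Whether the exception takes the daemon down depends on dispatcher code outside this hunk, but a guard is cheap: `if (username, job_id) not in fax_file: return` (or an error result, if the sender expects a reply). The function body continues past the hunk.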
@@ -389,7 +401,7 @@ class hpssd_handler(dispatcher):
# sent by hp-sendfax to see if any faxes have been printed and need to be picked up
def handle_faxcheck(self):
- username = self.fields.get('username', '')
+ username = str (self.fields.get('username', ''))
result_code = ERROR_NO_DATA_AVAILABLE
other_fields = {}
@@ -413,8 +425,11 @@ class hpssd_handler(dispatcher):
# after being run with --job param, both after a hpfaxend message
def handle_faxgetdata(self):
result_code = ERROR_SUCCESS
- username = self.fields.get('username', '')
- job_id = self.fields.get('job-id', 0)
+ username = str (self.fields.get('username', ''))
+ try:
+ job_id = int (self.fields.get('job-id', 0))
+ except ValueError:
+ job_id = 0
try:
fax_file[(username, job_id)]
@@ -442,15 +457,17 @@ class hpssd_handler(dispatcher):
# EVENT
def handle_event(self):
gui_port, gui_host = None, None
- event_type = self.fields.get('event-type', 'event')
-
- event_code = self.fields.get('event-code', STATUS_PRINTER_IDLE)
+ event_type = str (self.fields.get('event-type', 'event'))
+ try:
+ event_code = int (self.fields.get('event-code', STATUS_PRINTER_IDLE))
+ except ValueError:
+ event_code = STATUS_PRINTER_IDLE
# If event-code > 10001, its a PJL error code, so convert it
if event_code > EVENT_MAX_EVENT:
event_code = status.MapPJLErrorCode(event_code)
- device_uri = self.fields.get('device-uri', '').replace('hpfax:', 'hp:')
+ device_uri = str (self.fields.get('device-uri', '')).replace('hpfax:', 'hp:')
result_code = self.__checkdevice(device_uri)
if result_code != ERROR_SUCCESS:
return
@@ -461,10 +478,13 @@ class hpssd_handler(dispatcher):
log.debug("Short/Long: %s/%s" % (error_string_short, error_string_long))
- job_id = self.fields.get('job-id', 0)
+ try:
+ job_id = int (self.fields.get('job-id', 0))
+ except ValueError:
+ job_id = 0
try:
- username = self.fields['username']
+ username = str (self.fields['username'])
except KeyError:
if job_id == 0:
username = prop.username
@@ -480,7 +500,10 @@ class hpssd_handler(dispatcher):
no_fwd = utils.to_bool(self.fields.get('no-fwd', '0'))
log.debug("Username (jobid): %s (%d)" % (username, job_id))
- retry_timeout = self.fields.get('retry-timeout', 0)
+ try:
+ retry_timeout = int (self.fields.get('retry-timeout', 0))
+ except ValueError:
+ retry_timeout = 0
user_alerts = alerts.get(username, {})
dup_event = False
hplip-static-alerts-table.patch:
--- NEW FILE hplip-static-alerts-table.patch ---
diff -up hplip-2.8.2/base/g.py.static-alerts-table hplip-2.8.2/base/g.py
--- hplip-2.8.2/base/g.py.static-alerts-table 2008-08-26 13:19:13.000000000 +0100
+++ hplip-2.8.2/base/g.py 2008-08-26 14:14:41.000000000 +0100
@@ -139,6 +139,7 @@ class Config(dict):
prop.sys_config_file = '/etc/hp/hplip.conf'
prop.user_dir = os.path.expanduser('~/.hplip')
prop.user_config_file = os.path.join(prop.user_dir, 'hplip.conf')
+prop.alerts_config_file = '/etc/hp/alerts.conf'
if (not (prop.user_config_file.startswith ("/root/") or
prop.user_config_file.startswith ("/var/")) and
@@ -160,6 +161,7 @@ if (not (prop.user_config_file.startswit
sys_cfg = Config(prop.sys_config_file, True)
user_cfg = Config(prop.user_config_file)
+alerts_cfg = Config(prop.alerts_config_file)
# Language settings
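Review bot: `alerts_cfg = Config(prop.alerts_config_file)` omits the second argument that `sys_cfg`, two lines above, passes as `True`. The Config constructor is outside the hunk, so what that flag does is not visible; if it is what keeps the daemon from writing back to files under /etc/hp, the alerts file should get it too: `alerts_cfg = Config(prop.alerts_config_file, True)`. Since this file now decides where alert e-mail is sent, a comment next to `prop.alerts_config_file` stating the ownership and mode it is expected to have would also help packagers.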
diff -up hplip-2.8.2/hpssd.py.static-alerts-table hplip-2.8.2/hpssd.py
--- hplip-2.8.2/hpssd.py.static-alerts-table 2008-08-26 13:20:20.000000000 +0100
+++ hplip-2.8.2/hpssd.py 2008-08-26 13:22:59.000000000 +0100
@@ -70,6 +70,12 @@ from prnt import cups
# Per user alert settings
alerts = {}
+for user, cfg in alerts_cfg.iteritems ():
+ entry = {}
+ entry['email-alerts'] = utils.to_bool (cfg.get('email-alerts', 0))
+ entry['email-from-address'] = cfg.get('email-from-address', '')
+ entry['email-to-addresses'] = cfg.get('email-to-addresses', '')
+ alerts[user] = entry
# Fax
fax_file = {}
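Review bot: The default passed to `utils.to_bool` in the new loop is the integer `0`, while the handle_setalerts code this patch removes and the `no-fwd` lookup in handle_event both pass the string `'0'`. to_bool is not shown on this page, so if it expects text, a section of alerts.conf without an `email-alerts` key might fail when the module is loaded instead of defaulting to off. `entry['email-alerts'] = utils.to_bool (cfg.get('email-alerts', '0'))` matches the other call sites.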
@@ -289,15 +295,10 @@ class hpssd_handler(dispatcher):
self.out_buffer = buildResultMessage('QueryHistoryResult', payload, result_code)
- # TODO: Need to load alerts at start-up
def handle_setalerts(self):
result_code = ERROR_SUCCESS
- username = self.fields.get('username', '')
- alerts[username] = {'email-alerts' : utils.to_bool(self.fields.get('email-alerts', '0')),
- 'email-from-address' : self.fields.get('email-from-address', ''),
- 'email-to-addresses' : self.fields.get('email-to-addresses', ''),
- }
+ # Do nothing. We use the alerts table in /etc/hp/alerts.conf.
self.out_buffer = buildResultMessage('SetAlertsResult', None, result_code)
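Review bot: handle_setalerts now discards the request but still answers with `ERROR_SUCCESS`, so a client cannot tell that its settings were ignored, and nothing is logged. A line such as `log.debug("Ignoring setalerts request; alerts are read from %s" % prop.alerts_config_file)` would make that visible when someone is diagnosing missing alerts. Whether a different result code is appropriate depends on what existing clients do with the reply, which is not visible here.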
hplip-validate-uri.patch:
--- NEW FILE hplip-validate-uri.patch ---
diff -up hplip-2.8.2/hpssd.py.validate-uri hplip-2.8.2/hpssd.py
--- hplip-2.8.2/hpssd.py.validate-uri 2008-08-26 13:19:13.000000000 +0100
+++ hplip-2.8.2/hpssd.py 2008-08-26 13:20:20.000000000 +0100
@@ -450,6 +450,9 @@ class hpssd_handler(dispatcher):
event_code = status.MapPJLErrorCode(event_code)
device_uri = self.fields.get('device-uri', '').replace('hpfax:', 'hp:')
+ result_code = self.__checkdevice(device_uri)
+ if result_code != ERROR_SUCCESS:
+ return
log.debug("Device URI: %s" % device_uri)
error_string_short = device.queryString(str(event_code), 0)
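Review bot: When `__checkdevice` rejects the URI, the new code in handle_event returns without logging anything, and the existing `log.debug("Device URI: %s" % device_uri)` line is only reached for accepted URIs. Events carrying a URI the daemon refuses are the ones an administrator would most want to see, so a line before the `return` would help, for example `log.debug("Ignoring event: device URI failed validation (%s)" % result_code)`, at a higher level if the logger provides one. handle_event starts and ends outside the hunk.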
Index: hplip.spec
===================================================================
RCS file: /cvs/pkgs/rpms/hplip/F-8/hplip.spec,v
retrieving revision 1.171
retrieving revision 1.172
diff -u -r1.171 -r1.172
--- hplip.spec 4 Apr 2008 16:14:27 -0000 1.171
+++ hplip.spec 26 Aug 2008 13:29:03 -0000 1.172
@@ -1,7 +1,7 @@
Summary: HP Linux Imaging and Printing Project
Name: hplip
Version: 2.8.2
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+ and MIT
Group: System Environment/Daemons
Conflicts: system-config-printer < 0.6.132
@@ -22,6 +22,9 @@
Patch8: hplip-libsane.patch
Patch12: hplip-no-root-config.patch
Patch13: hplip-ui-optional.patch
+Patch14: hplip-validate-uri.patch
+Patch15: hplip-static-alerts-table.patch
+Patch16: hplip-parse-crash.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires(pre): /sbin/service
@@ -116,6 +119,12 @@
# Make utils.checkPyQtImport() look for the gui sub-package (bug #243273).
%patch13 -p1 -b .ui-optional
+# CVE-2008-2940.
+%patch14 -p1 -b .validate-uri
+%patch15 -p1 -b .static-alerts-table
+# CVE-2008-2941
+%patch16 -p1 -b .parse-crash
+
autoconf # for patch4
%build
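Review bot: The three `%patch` lines are order-dependent but nothing says so. The handle_event hunk of hplip-parse-crash.patch carries the `__checkdevice` lines added by hplip-validate-uri.patch as context, so patch16 will not apply cleanly before patch14. It is also not clear from the layout whether the `# CVE-2008-2940.` comment is meant to cover patch15 as well as patch14. If it does, a comment such as `# CVE-2008-2940 (patch14 and patch15); keep this order, patch16 is made against the result.` would record both facts.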
@@ -278,6 +287,9 @@
exit 0
%changelog
+* Tue Aug 26 2008 Tim Waugh <twaugh at redhat.com> 2.8.2-2
+- Applied patches to fix CVE-2008-2940 and CVE-2008-2941 (bug #458989).
+
* Fri Apr 4 2008 Tim Waugh <twaugh at redhat.com>
- Images in docdir should not be executable (bug #440552).