diff options
| author | tron <tron@pkgsrc.org> | 2010-11-13 11:22:03 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2010-11-13 11:22:03 +0000 |
| commit | fbe90473b7042b5ac8ede2d4c0336fdda64ce04e (patch) | |
| tree | 9a7e815cc2a01cf0d13ed62f3ae18b4c36a80454 /print | |
| parent | 1aa8fe662ec9fa019239fce7d4de6679980cb96c (diff) | |
| download | pkgsrc-fbe90473b7042b5ac8ede2d4c0336fdda64ce04e.tar.gz | |
Pullup ticket #3271 - requested by sbd
print/cups: security patch
Revisions pulled up:
- print/cups/Makefile 1.170
- print/cups/distinfo 1.76
- print/cups/patches/patch-aq 1.4
- print/cups/patches/patch-ar 1.4
---
Module Name: pkgsrc
Committed By: sbd
Date: Fri Nov 12 08:24:32 UTC 2010
Modified Files:
pkgsrc/print/cups: Makefile distinfo
Added Files:
pkgsrc/print/cups/patches: patch-aq patch-ar
Log Message:
Add str3648.patch by Mike Sweet to address CVE-2010-2941.
Obtained from https://bugzilla.redhat.com/show_bug.cgi?id=624438
as Cups STR#3648 (http://www.cups.org/str.php?L3648) is not public yet!
Diffstat (limited to 'print')
| -rw-r--r-- | print/cups/Makefile | 4 | ||||
| -rw-r--r-- | print/cups/distinfo | 4 | ||||
| -rw-r--r-- | print/cups/patches/patch-aq | 18 | ||||
| -rw-r--r-- | print/cups/patches/patch-ar | 39 |
4 files changed, 62 insertions, 3 deletions
diff --git a/print/cups/Makefile b/print/cups/Makefile index 6c1f28a1dc5..1b02f19a1d8 100644 --- a/print/cups/Makefile +++ b/print/cups/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.169 2010/07/14 11:25:19 sbd Exp $ +# $NetBSD: Makefile,v 1.169.2.1 2010/11/13 11:22:03 tron Exp $ # # The CUPS author is very good about taking back changes into the main # CUPS distribution. The correct place to send patches or bug-fixes is: @@ -8,7 +8,7 @@ DISTNAME= cups-${DIST_VERS}-source PKGNAME= cups-${DIST_VERS:S/-/./g} BASE_VERS= 1.4.3 DIST_VERS= ${BASE_VERS} -PKGREVISION= 9 +PKGREVISION= 10 CATEGORIES= print MASTER_SITES= http://ftp.easysw.com/pub/cups/${BASE_VERS}/ \ diff --git a/print/cups/distinfo b/print/cups/distinfo index cdcfb6838a4..2a6226628f0 100644 --- a/print/cups/distinfo +++ b/print/cups/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.75 2010/07/13 10:59:42 sbd Exp $ +$NetBSD: distinfo,v 1.75.2.1 2010/11/13 11:22:03 tron Exp $ SHA1 (cups-1.4.3-source.tar.bz2) = 0dd9e3d709614d26cce77728b9263556c94c9559 RMD160 (cups-1.4.3-source.tar.bz2) = 6c5ab282405d6a1132163c727583f3a572307d88 @@ -19,6 +19,8 @@ SHA1 (patch-am) = b2cc09ac01e45c96247558667f875fd4a95b125f SHA1 (patch-an) = 231c871e31db279e8aeafba71506f93330e0a971 SHA1 (patch-ao) = 7fe50080b9a6fd4dac186020f9351ef6000373c7 SHA1 (patch-ap) = 70c5fa4a19ca2812818844180ca9db9cb7cfd601 +SHA1 (patch-aq) = 098d78b7dd82ae0d69804d736603cdad9814ee9a +SHA1 (patch-ar) = ec48fcb37ed2525af4ee669e6f3fa6a253e7bf10 SHA1 (patch-at) = aee1f0e8cbcd9e2dbcfa9af3fb675ea7ce1ce622 SHA1 (patch-ba) = caf7c85d5c23cb36711b56cc401ae3b6f7e366df SHA1 (patch-bb) = 4a554f5815c8dd7a79d2a0c7080b8b5095b37515 diff --git a/print/cups/patches/patch-aq b/print/cups/patches/patch-aq new file mode 100644 index 00000000000..97c128f3548 --- /dev/null +++ b/print/cups/patches/patch-aq @@ -0,0 +1,18 @@ +$NetBSD: patch-aq,v 1.4.2.2 2010/11/13 11:22:03 tron Exp $ + +Add str3648.patch by Mike Sweet to address CVE-2010-2941. +Obtained from https://bugzilla.redhat.com/show_bug.cgi?id=624438 +as Cups STR#3648 (http://www.cups.org/str.php?L3648) is not public yet! + +--- cups/ipp.h.orig 2010-04-23 18:56:34.000000000 +0000 ++++ cups/ipp.h +@@ -93,7 +93,8 @@ typedef enum ipp_tag_e /**** Format ta + IPP_TAG_END_COLLECTION, /* End of collection value */ + IPP_TAG_TEXT = 0x41, /* Text value */ + IPP_TAG_NAME, /* Name value */ +- IPP_TAG_KEYWORD = 0x44, /* Keyword value */ ++ IPP_TAG_RESERVED_STRING, /* Reserved for future string value @private@ */ ++ IPP_TAG_KEYWORD, /* Keyword value */ + IPP_TAG_URI, /* URI value */ + IPP_TAG_URISCHEME, /* URI scheme value */ + IPP_TAG_CHARSET, /* Character set value */ diff --git a/print/cups/patches/patch-ar b/print/cups/patches/patch-ar new file mode 100644 index 00000000000..2ae629a2da8 --- /dev/null +++ b/print/cups/patches/patch-ar @@ -0,0 +1,39 @@ +$NetBSD: patch-ar,v 1.4.2.2 2010/11/13 11:22:03 tron Exp $ + +Add str3648.patch by Mike Sweet to address CVE-2010-2941. +Obtained from https://bugzilla.redhat.com/show_bug.cgi?id=624438 +as Cups STR#3648 (http://www.cups.org/str.php?L3648) is not public yet! + +--- cups/ipp.c.orig 2010-04-23 18:56:34.000000000 +0000 ++++ cups/ipp.c +@@ -1275,7 +1275,9 @@ ippReadIO(void *src, /* I - Data + + attr->value_tag = tag; + } +- else if ((value_tag >= IPP_TAG_TEXTLANG && ++ else if (value_tag == IPP_TAG_TEXTLANG || ++ value_tag == IPP_TAG_NAMELANG || ++ (value_tag >= IPP_TAG_TEXT && + value_tag <= IPP_TAG_MIMETYPE)) + { + /* +@@ -1283,8 +1285,9 @@ ippReadIO(void *src, /* I - Data + * forms; accept sets of differing values... + */ + +- if ((tag < IPP_TAG_TEXTLANG || tag > IPP_TAG_MIMETYPE) && +- tag != IPP_TAG_NOVALUE) ++ if (tag != IPP_TAG_TEXTLANG && tag != IPP_TAG_NAMELANG && ++ (tag < IPP_TAG_TEXT || tag > IPP_TAG_MIMETYPE) && ++ tag != IPP_TAG_NOVALUE) + { + DEBUG_printf(("1ippReadIO: 1setOf value tag %x(%s) != %x(%s)", + value_tag, ippTagString(value_tag), tag, +@@ -2766,6 +2769,7 @@ _ippFreeAttr(ipp_attribute_t *attr) /* I + { + case IPP_TAG_TEXT : + case IPP_TAG_NAME : ++ case IPP_TAG_RESERVED_STRING : + case IPP_TAG_KEYWORD : + case IPP_TAG_URI : + case IPP_TAG_URISCHEME : |