PR#2: Apply proper upstream patch instead of master for better maintainability - rpms/cups

rpms / cups

#2 Apply proper upstream patch instead of master for better maintainability

Merged 6 years ago by thozza. Opened 6 years ago by landgraf.

rpms/ landgraf/cups CVE-2017-18248-f28_master into master

Apply proper patch

Pavel Zhukov • 6 years ago

103d634

cups-dbus_crash.patch

file added

+28

		`@@ -0,0 +1,28 @@`
		`+ diff --git a/scheduler/ipp.c b/scheduler/ipp.c`
		`+ index 02dc392..9aa8b80 100644`
		`+ --- a/scheduler/ipp.c`
		`+ +++ b/scheduler/ipp.c`
		`+ @@ -1636,6 +1636,14 @@ add_job(cupsd_client_t con, / I - Client connection */`
		`+ return (NULL);`
		`+ }`
		`+`
		`+ + if (attr && !ippValidateAttribute(attr))`
		`+ + {`
		`+ + send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString());`
		`+ + if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)`
		`+ + attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;`
		`+ + return (NULL);`
		`+ + }`
		`+ +`
		`+ #ifdef WITH_LSPP`
		`+ if (is_lspp_config())`
		`+ {`
		`+ @@ -1736,6 +1744,8 @@ add_job(cupsd_client_t con, / I - Client connection */`
		`+ }`
		`+ #endif /* WITH_LSPP */`
		`+`
		`+ +`
		`+ +`
		`+ if ((job = cupsdAddJob(priority, printer->name)) == NULL)`
		`+ {`
		`+ send_ipp_status(con, IPP_INTERNAL_ERROR,`

cups-delete_invalid_attrs.patch

file removed

-54

		`@@ -1,54 +0,0 @@`
		`- diff --git a/scheduler/ipp.c b/scheduler/ipp.c`
		`- index 02dc392..0fc2d07 100644`
		`- --- a/scheduler/ipp.c`
		`- +++ b/scheduler/ipp.c`
		`- @@ -1615,15 +1615,30 @@`
		`- _("Bad job-name value: Wrong type or count."));`
		`- if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)`
		`- attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;`
		`- +`
		`- + if (StrictConformance)`
		`- return (NULL);`
		`- +`
		`- + /* Don't use invalid attribute */`
		`- + ippDeleteAttribute(con->request, attr);`
		`- +`
		`- + ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled");`
		`- }`
		`- else if (!ippValidateAttribute(attr))`
		`- {`
		`- send_ipp_status(con, IPP_ATTRIBUTES, _("Bad job-name value: %s"),`
		`- cupsLastErrorString());`
		`- +`
		`- if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)`
		`- attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;`
		`- +`
		`- + if (StrictConformance)`
		`- return (NULL);`
		`- +`
		`- + /* Don't use invalid attribute */`
		`- + ippDeleteAttribute(con->request, attr);`
		`- +`
		`- + ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled");`
		`- }`
		`-`
		`- attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME);`
		`- @@ -1631,9 +1646,17 @@ add_job(cupsd_client_t con, / I - Client connection */`
		`- if (attr && !ippValidateAttribute(attr))`
		`- {`
		`- send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString());`
		`- +`
		`- if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)`
		`- attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;`
		`- - return (NULL);`
		`- +`
		`- + if (StrictConformance)`
		`- + return (NULL);`
		`- +`
		`- + /* Don't use invalid attribute */`
		`- + ippDeleteAttribute(con->request, attr);`
		`- +`
		`- + attr = ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "reqeusting-user-name", NULL, "anonymous");`
		`- }`
		`-`
		`- #ifdef WITH_LSPP`

cups.spec

file modified

+5 -3

		`@@ -15,7 +15,7 @@`
		`Name: cups`
		`Epoch: 1`
		`Version: 2.2.6`
		`- Release: 12%{?dist}`
		`+ Release: 13%{?dist}`
		`License: GPLv2`
		`Url: http://www.cups.org/`
		`Source0: https://github.com/apple/cups/releases/download/v%{VERSION}/cups-%{VERSION}-source.tar.gz`
		`@@ -62,7 +62,7 @@`
		`Patch37: cups-synconclose.patch`
		`Patch38: cups-ypbind.patch`
		`Patch39: cups-moved-logs.patch`
		`- Patch40: cups-delete_invalid_attrs.patch`
		`+ Patch40: cups-dbus_crash.patch`

		`Patch100: cups-lspp.patch`

		`@@ -190,7 +190,6 @@`

		`%prep`
		`%setup -q -n cups-%{VERSION}`
		`-`
		`# Don't gzip man pages in the Makefile, let rpmbuild do it.`
		`%patch1 -p1 -b .no-gzip-man`
		`# Use the system pam configuration.`
		`@@ -660,6 +659,9 @@`
		`%{_mandir}/man5/ipptoolfile.5.gz`

		`%changelog`
		`+ * Thu Mar 29 2018 Pavel Zhukov <pzhukov@redhat.com> - 1:2.2.6-13`
		`+ - Use dbus fix instead of general attr delete (upstream)`
		`+`
		`* Wed Mar 28 2018 Pavel Zhukov <pzhukov@redhat.com> - 1:2.2.6-12`
		`- Fix for CVE-2017-18248`