authorLeonardo Arena <rnalrd@alpinelinux.org>2014-06-18 11:15:08 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2014-06-18 11:18:25 +0000
commitd55a9f01b6894e54eaadb528fd3c1eb058268774 (patch)
tree24f99f5d77a8a60b773fe610097e2f40b2b2de31
parentadd245d6403f69aefdfda3821428d3b59799ba20 (diff)
main/cups: security fix (CVE-2014-2856). Fixes #2949
-rw-r--r--main/cups/APKBUILD8
-rw-r--r--main/cups/CVE-2014-2856.patch19
2 files changed, 24 insertions, 3 deletions
diff --git a/main/cups/APKBUILD b/main/cups/APKBUILD
index 1cf3effc38..20a723615e 100644
--- a/main/cups/APKBUILD
+++ b/main/cups/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=cups
pkgver=1.6.1
-pkgrel=0
+pkgrel=1
pkgdesc="The CUPS Printing System"
url="http://www.cups.org/"
arch="all"
@@ -15,9 +15,10 @@ install="cups.pre-install"
pkggroups="lp lpadmin"
pkgusers="lp"
replaces="cups-doc"
-source="ftp://ftp.easysw.com/pub/$pkgname/$pkgver/$pkgname-$pkgver-source.tar.bz2
+source="http://www.cups.org/software/$pkgver/$pkgname-$pkgver-source.tar.bz2
$pkgname.logrotate
cupsd.initd
+ CVE-2014-2856.patch
"
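Review bot: The new `source=` URL fetches the tarball over plain `http://`, so nothing authenticates the download in transit and integrity rests entirely on the checksum block. The only one visible in this diff is `md5sums` (last APKBUILD hunk), and MD5 is not collision-resistant. If abuild on this branch supports it, a `sha256sums=` or `sha512sums=` block alongside would cover both the tarball and the new `CVE-2014-2856.patch`. The rest of the APKBUILD lies outside the visible hunks, so a stronger block may already exist there.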
@@ -113,4 +114,5 @@ client() {
md5sums="87ade07e3d1efd03c9c3add949cf9c00 cups-1.6.1-source.tar.bz2
f861b18f4446c43918c8643dcbbd7f6d cups.logrotate
-1154ed66fdcfa0523f929a369079f43c cupsd.initd"
+1154ed66fdcfa0523f929a369079f43c cupsd.initd
+09c0def850cf68d5f0bd4adcb39192ba CVE-2014-2856.patch"
diff --git a/main/cups/CVE-2014-2856.patch b/main/cups/CVE-2014-2856.patch
new file mode 100644
index 0000000000..977d2fcafc
--- /dev/null
+++ b/main/cups/CVE-2014-2856.patch
@@ -0,0 +1,19 @@
+Index: scheduler/client.c
+===================================================================
+--- a/scheduler/client.c (revision 11597)
++++ b/scheduler/client.c (working copy)
+@@ -3316,6 +3316,14 @@
+ return (0);
+
+ /*
++ * Check for "<" or quotes in the path and reject since this is probably
++ * someone trying to inject HTML...
++ */
++
++ if (strchr(path, '<') != NULL || strchr(path, '\"') != NULL || strchr(path, '\'') != NULL)
++ return (0);
++
++ /*
+ * Check for "/.." in the path...
+ */
+
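Review bot: The check added to `scheduler/client.c` is a character blocklist on `path` (`<`, `"`, `'`), so it is only effective if `path` has already been percent-decoded when this test runs. That is not visible here, since the enclosing function starts and ends outside the hunk. It is worth confirming the decoding order, and that the code which echoes the path into an HTML response also escapes it on output, because `>` and `&` still pass this filter. Input rejection alone is a mitigation rather than the fix for the reflection. The embedded patch also carries no upstream reference beyond `revision 11597`; a header line in the patch file such as `# Upstream fix for CVE-2014-2856; drop when pkgver moves past the fixed release` would tell later maintainers when it can be removed.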