diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2015-03-18 08:26:29 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-03-18 08:26:29 +0000 |
commit | 3f6536436bc8e0d379f0c685b155049cbbf35ae4 (patch) | |
tree | 756834fae45a56edad9dbd8030842fa6a136e23d /main/cups | |
parent | 9858cf87912aadf8d2123398e690ca6bf8715f78 (diff) | |
download | aports-3f6536436bc8e0d379f0c685b155049cbbf35ae4.tar.bz2 aports-3f6536436bc8e0d379f0c685b155049cbbf35ae4.tar.xz |
main/cups: security fix for CVE-2014-9679
fixes #3992
Diffstat (limited to 'main/cups')
-rw-r--r-- | main/cups/APKBUILD | 12 | ||||
-rw-r--r-- | main/cups/CVE-2014-9679.patch | 35 |
2 files changed, 43 insertions, 4 deletions
diff --git a/main/cups/APKBUILD b/main/cups/APKBUILD index 23f1fc4de7..46d029b80c 100644 --- a/main/cups/APKBUILD +++ b/main/cups/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=cups pkgver=1.6.2 -pkgrel=3 +pkgrel=4 pkgdesc="The CUPS Printing System" url="http://www.cups.org/" arch="all" @@ -21,6 +21,7 @@ source="http://www.cups.org/software/$pkgver/$pkgname-$pkgver-source.tar.bz2 CVE-2014-2856.patch CVE-2014-3537.patch CVE-2014-5029_5030_5031.patch + CVE-2014-9679.patch " @@ -122,16 +123,19 @@ f861b18f4446c43918c8643dcbbd7f6d cups.logrotate 1154ed66fdcfa0523f929a369079f43c cupsd.initd 09c0def850cf68d5f0bd4adcb39192ba CVE-2014-2856.patch e7b557c8515d17bda174caf39dc774ad CVE-2014-3537.patch -749673017347dacc336a60555e6c7a58 CVE-2014-5029_5030_5031.patch" +749673017347dacc336a60555e6c7a58 CVE-2014-5029_5030_5031.patch +405bbe44191c628d7f1f1cbd30e242fa CVE-2014-9679.patch" sha256sums="37a3ebd305e76cfd4c9c53013e89c0f7a4dcb04b2e9da61029a29faa57e0f10d cups-1.6.2-source.tar.bz2 b3308353504bc1cc0d5203ad3609bc98639ad9655b52e8ec8257286877532796 cups.logrotate 3ea71f13cf925736847ca44aa0f1a9ed944fb3d303c34af923140b20fd587e2b cupsd.initd 1066ddc97764e55f1cf98c742c59a3296adf9a9acb5d1a5d7d4ef80cba519755 CVE-2014-2856.patch 8898d80602eff060cf595b1e671b657930968c029614715f050aa6802bb8d080 CVE-2014-3537.patch -c90152101ea215b34b9a483538c31902f683bea452a91e74733b41a1a1d7aa25 CVE-2014-5029_5030_5031.patch" +c90152101ea215b34b9a483538c31902f683bea452a91e74733b41a1a1d7aa25 CVE-2014-5029_5030_5031.patch +9a2ae9590348aea7d6c383a1ce5f2b08d259b44a1e0eb3ddb2201b81148c9fb9 CVE-2014-9679.patch" sha512sums="08b7ae95af9c19a1bb72f851b801d55a51360a4c2993c34878d18a605bf1d9381eada5a8f51653c4467738f0509bb8ad713b79e78c8d2a80f1aa86f1d2196038 cups-1.6.2-source.tar.bz2 162fe69ee46962f7ce07a9a2a75154682088895c4749c9bcfc54bb2aa861f48d7d1a8e3223f78a197319a3a405626ffe996615f6eb23168afcefabab343d5be0 cups.logrotate 3c5f4017cb1faf3e63551db53da4cb8305601adf65358bc53e982c5a0dfdd2b455a8ce735760ae3cc5ef81cdfa2a3cfe4be4107d1858d7ab9d91b4b97d3bc73b cupsd.initd c365b6e85b180c839f15d9945fb5597c21a0b2f5fd9b941f162b4582767fff7e8b8306d8c3fcb74d160f47a1e795fb69b0f2d32776b49e3971d0090fe624d6fa CVE-2014-2856.patch 146c85e595f66a339852fc7e79bfde0e9329704d412dfc85130f94f946a78481827261236acea9502bddd538c0db84a7905040f777fd123cc7e983c3f1c13930 CVE-2014-3537.patch -4261de408769cf24b7f32044ac606145c28fa879aa268c084b2b6119efaa8b53b6f4a455d21195e94c7fd5f099cde2b8f7915c2458873ed90f80613937d246b3 CVE-2014-5029_5030_5031.patch" +4261de408769cf24b7f32044ac606145c28fa879aa268c084b2b6119efaa8b53b6f4a455d21195e94c7fd5f099cde2b8f7915c2458873ed90f80613937d246b3 CVE-2014-5029_5030_5031.patch +69220ed540e9871ada0c94e7ceecca0a0d2f3236ed7263e0941f468091544343ff1866fb97d499c14b509f2b93e15b228861acf9c1d457ea2803d7be2ec1c037 CVE-2014-9679.patch" diff --git a/main/cups/CVE-2014-9679.patch b/main/cups/CVE-2014-9679.patch new file mode 100644 index 0000000000..7dba792275 --- /dev/null +++ b/main/cups/CVE-2014-9679.patch @@ -0,0 +1,35 @@ +Index: filter/raster.c +=================================================================== +--- a/filter/raster.c (revision 12451) ++++ b/filter/raster.c (working copy) +@@ -256,7 +256,10 @@ + */ + + if (!cups_raster_read_header(r)) ++ { ++ memset(h, 0, sizeof(cups_page_header_t)); + return (0); ++ } + + /* + * Copy the header to the user-supplied buffer... +@@ -285,7 +288,10 @@ + */ + + if (!cups_raster_read_header(r)) ++ { ++ memset(h, 0, sizeof(cups_page_header2_t)); + return (0); ++ } + + /* + * Copy the header to the user-supplied buffer... +@@ -964,7 +970,7 @@ + + cups_raster_update(r); + +- return (r->header.cupsBytesPerLine != 0 && r->header.cupsHeight != 0); ++ return (r->header.cupsBytesPerLine != 0 && r->header.cupsHeight != 0 && (r->header.cupsBytesPerLine % r->bpp) == 0); + } + + |