diff options
| author |   Markus Volk <f_l_k@t-online.de> | 2023-11-13 21:31:57 +0100 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-11-20 15:30:46 +0000 |
| commit | 0e33d6fc646e76390e5bf8a0f7b38bd15c83729c (patch) | |
| tree | 569daf1db3ff5cc457ca1473c48be66ace7039e5 /meta/recipes-extended/cups/cups/CVE-2023-4504.patch | |
| parent | cedee02e1acaffd8932809ceb5b6f9bd4f861283 (diff) | |
| download | openembedded-core-contrib-0e33d6fc646e76390e5bf8a0f7b38bd15c83729c.tar.gz | |
cups: Upgrade 2.4.6 -> 2.4.7
- enable tls by default to fix:
| hash.c:16:12: fatal error: gnutls/crypto.h: No such file or directory
| 16 | # include <gnutls/crypto.h>
Changes in CUPS v2.4.7 (2023-09-20)
-----------------------------------
- CVE-2023-4504 - Fixed Heap-based buffer overflow when reading Postscript
in PPD files
- Added OpenSSL support for cupsHashData (Issue #762)
- Fixed delays in lpd backend (Issue #741)
- Fixed extensive logging in scheduler (Issue #604)
- Fixed hanging of `lpstat` on IBM AIX (Issue #773)
- Fixed hanging of `lpstat` on Solaris (Issue #156)
- Fixed printing to stderr if we can't open cups-files.conf (Issue #777)
- Fixed purging job files via `cancel -x` (Issue #742)
- Fixed RFC 1179 port reserving behavior in LPD backend (Issue #743)
- Fixed a bug in the PPD command interpretation code (Issue #768)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Diffstat (limited to 'meta/recipes-extended/cups/cups/CVE-2023-4504.patch')
| -rw-r--r-- | meta/recipes-extended/cups/cups/CVE-2023-4504.patch | 42 |
1 files changed, 0 insertions, 42 deletions
diff --git a/meta/recipes-extended/cups/cups/CVE-2023-4504.patch b/meta/recipes-extended/cups/cups/CVE-2023-4504.patch deleted file mode 100644 index e52e43a209..0000000000 --- a/meta/recipes-extended/cups/cups/CVE-2023-4504.patch +++ /dev/null @@ -1,42 +0,0 @@ -CVE: CVE-2023-4504 -Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31 ] -Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> - -From 2431caddb7e6a87f04ac90b5c6366ad268b6ff31 Mon Sep 17 00:00:00 2001 -From: Zdenek Dohnal <zdohnal@redhat.com> -Date: Wed, 20 Sep 2023 14:45:17 +0200 -Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504 - -We didn't check for end of buffer if it looks there is an escaped -character - check for NULL terminator there and if found, return NULL -as return value and in `ptr`, because a lone backslash is not -a valid PostScript character. ---- - cups/raster-interpret.c | 14 +++++++++++++- - 1 files changed, 13 insertions(+), 1 deletion(-) - -diff --git a/cups/raster-interpret.c b/cups/raster-interpret.c -index 6fcf731b5..b8655c8c6 100644 ---- a/cups/raster-interpret.c -+++ b/cups/raster-interpret.c -@@ -1116,7 +1116,19 @@ scan_ps(_cups_ps_stack_t *st, /* I - Stack */ - - cur ++; - -- if (*cur == 'b') -+ /* -+ * Return NULL if we reached NULL terminator, a lone backslash -+ * is not a valid character in PostScript. -+ */ -+ -+ if (!*cur) -+ { -+ *ptr = NULL; -+ -+ return (NULL); -+ } -+ -+ if (*cur == 'b') - *valptr++ = '\b'; - else if (*cur == 'f') - *valptr++ = '\f'; |