1 files changed, 0 insertions, 54 deletions

diff --git a/meta/recipes-extended/cups/cups/cups-CVE-2011-3170.patch b/meta/recipes-extended/cups/cups/cups-CVE-2011-3170.patch
deleted file mode 100644
index fd1b95847c..0000000000
--- a/meta/recipes-extended/cups/cups/cups-CVE-2011-3170.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-cups CVE-2011-3170
-
-the patch come from:
-http://cups.org/strfiles/3914/str3914.patch
-
-The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and
-earlier does not properly handle the first code word in an LZW stream,
-which allows remote attackers to trigger a heap-based buffer overflow,
-and possibly execute arbitrary code, via a crafted stream, a different
-vulnerability than CVE-2011-2896.
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170
-
-Integrated-by: Li Wang <li.wang@windriver.com>
----
- filter/image-gif.c |   14 +++++++++-----
- 1 files changed, 9 insertions(+), 5 deletions(-)
-
-diff --git a/filter/image-gif.c b/filter/image-gif.c
-index 9542704..3857c21 100644
---- a/filter/image-gif.c
-+++ b/filter/image-gif.c
-@@ -654,11 +654,13 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
- 
-     if (code >= max_code)
-     {
--      *sp++ = firstcode;
--      code  = oldcode;
-+      if (sp < (stack + 8192))
-+	*sp++ = firstcode;
-+
-+      code = oldcode;
-     }
- 
--    while (code >= clear_code)
-+    while (code >= clear_code && sp < (stack + 8192))
-     {
-       *sp++ = table[1][code];
-       if (code == table[0][code])
-@@ -667,8 +669,10 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
-       code = table[0][code];
-     }
- 
--    *sp++ = firstcode = table[1][code];
--    code  = max_code;
-+    if (sp < (stack + 8192))
-+      *sp++ = firstcode = table[1][code];
-+
-+    code = max_code;
- 
-     if (code < 4096)
-     {
--- 
-1.7.0.5
-