diff --git a/cups-dbus_crash.patch b/cups-dbus_crash.patch new file mode 100644 index 0000000..42d8b22 --- /dev/null +++ b/cups-dbus_crash.patch @@ -0,0 +1,28 @@ +diff --git a/scheduler/ipp.c b/scheduler/ipp.c +index 02dc392..9aa8b80 100644 +--- a/scheduler/ipp.c ++++ b/scheduler/ipp.c +@@ -1636,6 +1636,14 @@ add_job(cupsd_client_t *con, /* I - Client connection */ + return (NULL); + } + ++ if (attr && !ippValidateAttribute(attr)) ++ { ++ send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString()); ++ if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL) ++ attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; ++ return (NULL); ++ } ++ + #ifdef WITH_LSPP + if (is_lspp_config()) + { +@@ -1736,6 +1744,8 @@ add_job(cupsd_client_t *con, /* I - Client connection */ + } + #endif /* WITH_LSPP */ + ++ ++ + if ((job = cupsdAddJob(priority, printer->name)) == NULL) + { + send_ipp_status(con, IPP_INTERNAL_ERROR, diff --git a/cups-delete_invalid_attrs.patch b/cups-delete_invalid_attrs.patch deleted file mode 100644 index 574537e..0000000 --- a/cups-delete_invalid_attrs.patch +++ /dev/null @@ -1,54 +0,0 @@ -diff --git a/scheduler/ipp.c b/scheduler/ipp.c -index 02dc392..0fc2d07 100644 ---- a/scheduler/ipp.c -+++ b/scheduler/ipp.c -@@ -1615,15 +1615,30 @@ - _("Bad job-name value: Wrong type or count.")); - if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL) - attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; -+ -+ if (StrictConformance) - return (NULL); -+ -+ /* Don't use invalid attribute */ -+ ippDeleteAttribute(con->request, attr); -+ -+ ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled"); - } - else if (!ippValidateAttribute(attr)) - { - send_ipp_status(con, IPP_ATTRIBUTES, _("Bad job-name value: %s"), - cupsLastErrorString()); -+ - if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL) - attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; -+ -+ if (StrictConformance) - return (NULL); -+ -+ /* Don't use invalid attribute */ -+ ippDeleteAttribute(con->request, attr); -+ -+ ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled"); - } - - attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME); -@@ -1631,9 +1646,17 @@ add_job(cupsd_client_t *con, /* I - Client connection */ - if (attr && !ippValidateAttribute(attr)) - { - send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString()); -+ - if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL) - attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP; -- return (NULL); -+ -+ if (StrictConformance) -+ return (NULL); -+ -+ /* Don't use invalid attribute */ -+ ippDeleteAttribute(con->request, attr); -+ -+ attr = ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "reqeusting-user-name", NULL, "anonymous"); - } - - #ifdef WITH_LSPP diff --git a/cups.spec b/cups.spec index 888a61f..6c2fcae 100644 --- a/cups.spec +++ b/cups.spec @@ -15,7 +15,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.2.6 -Release: 12%{?dist} +Release: 13%{?dist} License: GPLv2 Url: http://www.cups.org/ Source0: https://github.com/apple/cups/releases/download/v%{VERSION}/cups-%{VERSION}-source.tar.gz @@ -62,7 +62,7 @@ Patch36: cups-web-devices-timeout.patch Patch37: cups-synconclose.patch Patch38: cups-ypbind.patch Patch39: cups-moved-logs.patch -Patch40: cups-delete_invalid_attrs.patch +Patch40: cups-dbus_crash.patch Patch100: cups-lspp.patch @@ -190,7 +190,6 @@ Sends IPP requests to the specified URI and tests and/or displays the results. %prep %setup -q -n cups-%{VERSION} - # Don't gzip man pages in the Makefile, let rpmbuild do it. %patch1 -p1 -b .no-gzip-man # Use the system pam configuration. @@ -660,6 +659,9 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man5/ipptoolfile.5.gz %changelog +* Thu Mar 29 2018 Pavel Zhukov - 1:2.2.6-13 +- Use dbus fix instead of general attr delete (upstream) + * Wed Mar 28 2018 Pavel Zhukov - 1:2.2.6-12 - Fix for CVE-2017-18248