- 1.3.7. No longer need str2715, str2727, or CVE-2008-0047 patches.

2008-04-02 11:33:34 +00:00 · 2008-04-02 11:33:34 +00:00 · d7cf31ad81
commit d7cf31ad81
parent a5bf04c3a5
4 changed files with 5 additions and 88 deletions
--- a/cups-CVE-2008-0047.patch
+++ b/cups-CVE-2008-0047.patch
@ -1,14 +0,0 @@
-diff -up cups-1.3.6/cgi-bin/search.c.CVE-2008-0047 cups-1.3.6/cgi-bin/search.c
--- cups-1.3.6/cgi-bin/search.c.CVE-2008-0047	2008-01-16 22:20:33.000000000 +0000
-+++ cups-1.3.6/cgi-bin/search.c	2008-04-01 16:41:30.000000000 +0100
-@@ -167,7 +167,9 @@ cgiCompileSearch(const char *query)	/* I
-       * string + RE overhead...
-       */
- 
-      wlen = (sptr - s) + 4 * wlen + 2 * strlen(prefix) + 4;
-+      wlen = (sptr - s) + 2 * 4 * wlen + 2 * strlen(prefix) + 11;
-+      if (lword)
-+        wlen += strlen(lword);
- 
-       if (wlen > slen)
-       {
--- a/cups-str2715.patch
+++ b/cups-str2715.patch
@ -1,12 +0,0 @@
-diff -up cups-1.3.6/cups/encode.c.str2715 cups-1.3.6/cups/encode.c
--- cups-1.3.6/cups/encode.c.str2715	2008-01-28 23:10:10.000000000 +0000
-+++ cups-1.3.6/cups/encode.c	2008-02-23 12:16:50.000000000 +0000
-@@ -67,6 +67,8 @@ static const _ipp_option_t ipp_options[]
-   { 0, "job-page-limit",	IPP_TAG_INTEGER,	IPP_TAG_JOB },
-   { 0, "job-priority",		IPP_TAG_INTEGER,	IPP_TAG_JOB },
-   { 0, "job-quota-period",	IPP_TAG_INTEGER,	IPP_TAG_JOB },
-+  { 1, "job-sheets",		IPP_TAG_NAME,		IPP_TAG_JOB },
-+  { 1, "job-sheets-default",	IPP_TAG_NAME,		IPP_TAG_PRINTER },
-   { 0, "job-uuid",		IPP_TAG_URI,		IPP_TAG_JOB },
-   { 0, "landscape",		IPP_TAG_BOOLEAN,	IPP_TAG_JOB },
-   { 1, "media",			IPP_TAG_KEYWORD,	IPP_TAG_JOB },
--- a/cups-str2727.patch
+++ b/cups-str2727.patch
@ -1,54 +0,0 @@
-diff -up cups-1.3.6/filter/image-jpeg.c.str2727 cups-1.3.6/filter/image-jpeg.c
--- cups-1.3.6/filter/image-jpeg.c.str2727	2007-07-11 22:46:42.000000000 +0100
-+++ cups-1.3.6/filter/image-jpeg.c	2008-02-28 22:28:45.000000000 +0000
-@@ -47,8 +47,8 @@ _cupsImageReadJPEG(
-   struct jpeg_error_mgr	jerr;		/* Error handler info */
-   cups_ib_t		*in,		/* Input pixels */
- 			*out;		/* Output pixels */
-  char			header[16];	/* Photoshop JPEG header */
-  int			psjpeg;		/* Non-zero if Photoshop JPEG */
-+  jpeg_saved_marker_ptr	marker;		/* Pointer to marker data */
-+  int			psjpeg = 0;	/* Non-zero if Photoshop CMYK JPEG */
-   static const char	*cspaces[] =
- 			{		/* JPEG colorspaces... */
- 			  "JCS_UNKNOWN",
-@@ -61,23 +61,30 @@ _cupsImageReadJPEG(
- 
- 
-  /*
-  * Read the first 16 bytes to determine if this is a Photoshop JPEG file...
-  */
-
-  fread(header, sizeof(header), 1, fp);
-  rewind(fp);
-
-  psjpeg = memcmp(header + 6, "Photoshop ", 10) == 0;
-
- /*
-   * Read the JPEG header...
-   */
- 
-   cinfo.err = jpeg_std_error(&jerr);
-   jpeg_create_decompress(&cinfo);
-+  jpeg_save_markers(&cinfo, JPEG_APP0 + 14, 0xffff); /* Adobe JPEG */
-   jpeg_stdio_src(&cinfo, fp);
-   jpeg_read_header(&cinfo, 1);
- 
-+ /*
-+  * Parse any Adobe APPE data embedded in the JPEG file.  Since Adobe doesn't
-+  * bother following standards, we have to invert the CMYK JPEG data written by
-+  * Adobe apps...
-+  */
-+
-+  for (marker = cinfo.marker_list; marker; marker = marker->next)
-+    if (marker->marker == (JPEG_APP0 + 14) && marker->data_length >= 12 &&
-+        !memcmp(marker->data, "Adobe", 5) && marker->data[11] == 2)
-+    {
-+      fputs("DEBUG: Adobe CMYK JPEG detected (inverting color values)\n",
-+	    stderr);
-+      psjpeg = 1;
-+    }
-+
-   cinfo.quantize_colors = 0;
- 
-   fprintf(stderr, "DEBUG: num_components = %d\n", cinfo.num_components);
--- a/cups.spec
+++ b/cups.spec
@ -6,8 +6,8 @@

 Summary: Common Unix Printing System
 Name: cups
-Version: 1.3.6
-Release: 9%{?svn:.svn%{svn}}%{?dist}
+Version: 1.3.7
+Release: 1%{?svn:.svn%{svn}}%{?dist}
 License: GPLv2
 Group: System Environment/Daemons
 Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?svn:svn-r%{svn}}-source.tar.bz2
@ -46,9 +46,6 @@ Patch21: cups-driverd-timeout.patch
 Patch22: cups-strict-ppd-line-length.patch
 Patch23: cups-logrotate.patch
 Patch25: cups-usb-paperout.patch
-Patch26: cups-str2715.patch
-Patch27: cups-str2727.patch
-Patch28: cups-CVE-2008-0047.patch
 Patch29: cups-CVE-2008-1373.patch
 Patch100: cups-lspp.patch
 Epoch: 1
@ -165,9 +162,6 @@ lpd emulation.
 %patch22 -p1 -b .strict-ppd-line-length
 %patch23 -p1 -b .logrotate
 %patch25 -p1 -b .usb-paperout
-%patch26 -p1 -b .str2715
-%patch27 -p1 -b .str2727
-%patch28 -p1 -b .CVE-2008-0047
 %patch29 -p1 -b .CVE-2008-1373

 %if %lspp
@ -445,6 +439,9 @@ rm -rf $RPM_BUILD_ROOT
 %{cups_serverbin}/daemon/cups-lpd

 %changelog
+* Wed Apr  2 2008 Tim Waugh <twaugh@redhat.com> 1:1.3.7-1
+- 1.3.7.  No longer need str2715, str2727, or CVE-2008-0047 patches.
+
 * Thu Apr  1 2008 Tim Waugh <twaugh@redhat.com> 1:1.3.6-9
 - Applied patch to fix CVE-2008-1373 (GIF overflow, bug #438303).
 - Applied patch to prevent heap-based buffer overflow in CUPS helper