rpms/cups
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed string manipulation in the dbus notifier (bug #741833).

Browse Source
This commit is contained in:
Tim Waugh 2011-09-28 10:38:42 +01:00
parent aefd94790a
commit e5e9e3ba43
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
cups-str3947.patch Normal file
View File

@ -0,0 +1,26 @@
diff -up cups-1.4.8/notifier/dbus.c.str3947 cups-1.4.8/notifier/dbus.c
--- cups-1.4.8/notifier/dbus.c.str3947 2011-03-04 19:28:38.000000000 +0000
+++ cups-1.4.8/notifier/dbus.c 2011-09-28 10:37:30.443753266 +0100
@@ -4,7 +4,7 @@
* D-Bus notifier for the Common UNIX Printing System (CUPS).
*
* Copyright 2008 by Apple Inc.
- * Copyright (C) 2007 Red Hat, Inc.
+ * Copyright (C) 2011 Red Hat, Inc.
* Copyright (C) 2007 Tim Waugh <twaugh@redhat.com>
* Copyright 1997-2005 by Easy Software Products.
*
@@ -423,10 +423,11 @@ main(int argc, /* I - Number of comm
p = printer_reasons;
for (i = 0; i < attr->num_values; i++)
{
- strcpy(p, attr->values[i].string.text);
- p += strlen(p);
if (i)
*p++ = ',';
+
+ strcpy(p, attr->values[i].string.text);
+ p += strlen(p);
}
dbus_message_iter_append_string(&iter, &printer_reasons);
}

8
cups.spec
View File

@ -8,7 +8,7 @@
Summary: Common Unix Printing System
Name: cups
Version: 1.4.8
Release: 4%{?dist}
Release: 5%{?dist}
License: GPLv2
Group: System Environment/Daemons
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
@ -67,6 +67,7 @@ Patch32: cups-ricoh-deviceid-oid.patch
Patch33: cups-texttops-rotate-page.patch
Patch34: cups-polld-busy-loop.patch
Patch35: cups-CVE-2011-2896.patch
Patch36: cups-str3947.patch
Patch100: cups-lspp.patch
@ -269,6 +270,8 @@ module.
%patch34 -p1 -b .polld-busy-loop
# Avoid GIF reader loop (CVE-2011-2896, STR #3914, bug #727800).
%patch35 -p1 -b .CVE-2011-2896
# Fixed string manipulation in the dbus notifier (STR #3947, bug #741833).
%patch36 -p1 -b .str3947
%if %lspp
# LSPP support.
@ -577,6 +580,9 @@ rm -rf $RPM_BUILD_ROOT
%{php_extdir}/phpcups.so
%changelog
* Wed Sep 28 2011 Tim Waugh <twaugh@redhat.com> 1:1.4.8-5
- Fixed string manipulation in the dbus notifier (STR #3947, bug #741833).
* Wed Sep 14 2011 Tim Waugh <twaugh@redhat.com> 1:1.4.8-4
- Prevent libcups crash in cups-get-classes patch (bug #736698).