Merge branch 'f15' into f16

foomatic-filters-CVE-2011-2924.patch

@@ -1,6 +1,26 @@
+diff -up foomatic-filters-4.0.8/foomaticrip.c.CVE-2011-2924 foomatic-filters-4.0.8/foomaticrip.c
+--- foomatic-filters-4.0.8/foomaticrip.c.CVE-2011-2924	2011-08-18 16:27:57.277636643 +0100
++++ foomatic-filters-4.0.8/foomaticrip.c	2011-08-18 16:33:37.680136675 +0100
+@@ -1188,9 +1188,13 @@ int main(int argc, char** argv)
+     if (arglist_remove_flag(arglist, "--debug"))
+         debug = 1;
+ 
+-    if (debug)
+-        logh = fopen(LOG_FILE ".log", "w"); /* insecure, use for debugging only */
+-    else if (quiet && !verbose)
++    if (debug) {
++	int fd = mkstemp (LOG_FILE "-XXXXXX.log");
++	if (fd != -1)
++	    logh = fdopen(fd, "w");
++	else
++	    logh = stderr;
++    } else if (quiet && !verbose)
+         logh = NULL; /* Quiet mode, do not log */
+     else
+         logh = stderr; /* Default: log to stderr */
 diff -up foomatic-filters-4.0.8/renderer.c.CVE-2011-2924 foomatic-filters-4.0.8/renderer.c
 --- foomatic-filters-4.0.8/renderer.c.CVE-2011-2924	2011-07-25 10:50:57.000000000 +0100
-+++ foomatic-filters-4.0.8/renderer.c	2011-08-18 12:12:36.758458765 +0100
++++ foomatic-filters-4.0.8/renderer.c	2011-08-18 14:36:14.120153309 +0100
 @@ -434,7 +434,7 @@ int exec_kid3(FILE *in, FILE *out, void 
          }
  

foomatic.spec

@@ -4,7 +4,7 @@
 Summary: Tools for using the foomatic database of printers and printer drivers
 Name:       foomatic
 Version:    %{enginever}
-Release:    3%{?dist}
+Release:    4%{?dist}
 License:    GPLv2+
 Group: System Environment/Libraries
 
@@ -185,6 +185,9 @@ rm -fr %buildroot $RPM_BUILD_DIR/%{name}
 %{_mandir}/man1/foomatic-rip.1*
 
 %changelog
+* Tue Aug 18 2011 Tim Waugh <twaugh@redhat.com> - 4.0.8-4
+- Another fix for CVE-2011-2924 (bug #726426).
+
 * Tue Aug 18 2011 Tim Waugh <twaugh@redhat.com> - 4.0.8-3
 - Use mktemp when creating debug log file in foomatic-rip
   (CVE-2011-2924, bug #726426).