增加新的patch Signed-off-by:zhengzhihao3@huawei.com

Signed-off-by: zhengzhihao <zhengzhihao3@huawei.com>

README.OpenSource

@@ -3,9 +3,9 @@
         "Name"                  : "cups",
         "License"               : "Apache 2.0 License",
         "License File"          : "LICENSE",
-        "Version Number"        : "2.4.0-4.oe2203sp1",
-        "Owner"                 : "dongzhengkuan@huawei.com",
-        "Upstream URL"          : "https://repo.openeuler.org/openEuler-22.03-LTS-SP1/source/Packages/cups-2.4.0-4.oe2203sp1.src.rpm",
+        "Version Number"        : "2.4.0-10.oe2203sp3",
+        "Owner"                 : "caizihua1@huawei.com",
+        "Upstream URL"          : "https://repo.openeuler.org/openEuler-22.03-LTS-SP3/source/Packages/cups-2.4.0-10.oe2203sp3.src.rpm",
         "Description"           : "OpenPrinting CUPS is the most current version of CUPS, a standards-based, open source printing system for Linux® and other Unix®-like operating systems"
     }
 ]

backport-CVE-2023-4504.patch

@@ -1,8 +1,25 @@
+From 2431caddb7e6a87f04ac90b5c6366ad268b6ff31 Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal <zdohnal@redhat.com>
+Date: Wed, 20 Sep 2023 14:45:17 +0200
+Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504
+
+We didn't check for end of buffer if it looks there is an escaped
+character - check for NULL terminator there and if found, return NULL
+as return value and in `ptr`, because a lone backslash is not
+a valid PostScript character.
+
+Reference:https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31
+Conflict:Patch context adaptation
+
+---
+ cups/raster-interpret.c | 14 +++++++++++++-
+ 1 files changed, 14 insertions(+)
+
 diff --git a/cups/raster-interpret.c b/cups/raster-interpret.c
-index fbe52f37..c24388d2 100644
+index 6fcf731b5..b8655c8c6 100644
 --- a/cups/raster-interpret.c
 +++ b/cups/raster-interpret.c
-@@ -1113,7 +1113,19 @@ scan_ps(_cups_ps_stack_t *st,		/* I  - Stack */
+@@ -1116,7 +1116,19 @@ scan_ps(_cups_ps_stack_t *st,		/* I  - Stack */
  
  	    cur ++;
  
@@ -23,3 +40,5 @@ index fbe52f37..c24388d2 100644
  	      *valptr++ = '\b';
  	    else if (*cur == 'f')
  	      *valptr++ = '\f';
+
+

cups.spec

@@ -16,9 +16,9 @@
 Name:    cups
 Epoch:   1
 Version: 2.4.0
-Release: 8
+Release: 10
 Summary: CUPS is the standards-based, open source printing system for linux operating systems.
-License: GPLv2+ and LGPLv2+ with exceptions and AML
+License: Apache-2.0 WITH LLVM-exception
 Url:     https://openprinting.github.io/cups/
 # Apple stopped uploading the new versions into github, use OpenPrinting fork
 Source0: https://github.com/OpenPrinting/cups/releases/download/v%{version}/cups-%{version}-source.tar.gz
@@ -43,6 +43,7 @@ Patch6002: backport-Also-fix-cupsfilter.patch
 Patch6003: backport-CVE-2023-32324.patch
 Patch6004: fix-httpAddrGetList-test-case-fail.patch
 Patch6005: backport-CVE-2023-34241.patch
+Patch6006: backport-CVE-2023-4504.patch
 
 BuildRequires: pam-devel pkgconf-pkg-config pkgconfig(gnutls) libacl-devel openldap-devel pkgconfig(libusb-1.0)
 BuildRequires: krb5-devel pkgconfig(avahi-client) systemd pkgconfig(libsystemd) pkgconfig(dbus-1) python3-cups
@@ -464,6 +465,12 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb
 %doc %{_datadir}/%{name}/www/apple-touch-icon.png
 
 %changelog
+* Fri Sep 22 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 1:2.4.0-10
+- fix CVE-2023-4504
+
+* Wed Jul 19 2023 haomimi <haomimi@uniontech.com> - 1:2.4.0-9
+- DESC:The license is changed to apache 2.0
+
 * Mon Jun 26 2023 zhouwenpei <zhouwenpei@h-partners.com> - 1:2.4.0-8
 - fix CVE-2023-34241