mirror of
https://gitee.com/openharmony/third_party_cups
synced 2024-11-26 19:40:32 +00:00
!99 [sync] PR-95: fix CVE-2023-32324
From: @openeuler-sync-bot Reviewed-by: @t_feng Signed-off-by: @t_feng
This commit is contained in:
commit
e5c91747fa
37
backport-CVE-2023-32324.patch
Normal file
37
backport-CVE-2023-32324.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From fd8bc2d32589d1fd91fe1c0521be2a7c0462109e Mon Sep 17 00:00:00 2001
|
||||
From: Zdenek Dohnal <zdohnal@redhat.com>
|
||||
Date: Thu, 1 Jun 2023 12:04:00 +0200
|
||||
Subject: [PATCH] cups/string.c: Return if `size` is 0 (fixes CVE-2023-32324)
|
||||
|
||||
Reference:https://github.com/OpenPrinting/cups/commit/fd8bc2d32589d1fd91fe1c0521be2a7c0462109e
|
||||
Conflict:NA
|
||||
|
||||
---
|
||||
cups/string.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/cups/string.c b/cups/string.c
|
||||
index 93cdad1..5def888 100644
|
||||
--- a/cups/string.c
|
||||
+++ b/cups/string.c
|
||||
@@ -1,6 +1,7 @@
|
||||
/*
|
||||
* String functions for CUPS.
|
||||
*
|
||||
+ * Copyright © 2023 by OpenPrinting.
|
||||
* Copyright © 2007-2019 by Apple Inc.
|
||||
* Copyright © 1997-2007 by Easy Software Products.
|
||||
*
|
||||
@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
|
||||
size_t srclen; /* Length of source string */
|
||||
|
||||
|
||||
+ if (size == 0)
|
||||
+ return (0);
|
||||
+
|
||||
/*
|
||||
* Figure out how much room is needed...
|
||||
*/
|
||||
--
|
||||
2.27.0
|
||||
|
@ -3,7 +3,7 @@
|
||||
Name: cups
|
||||
Epoch: 1
|
||||
Version: 2.4.0
|
||||
Release: 5
|
||||
Release: 6
|
||||
Summary: CUPS is the standards-based, open source printing system for linux operating systems.
|
||||
License: GPLv2+ and LGPLv2+ with exceptions and AML
|
||||
Url: https://openprinting.github.io/cups/
|
||||
@ -27,6 +27,7 @@ Patch10: cups-web-devices-timeout.patch
|
||||
Patch6000: backport-CVE-2022-26691.patch
|
||||
Patch6001: backport-Remove-legacy-code-for-RIP_MAX_CACHE-environment-variable.patch
|
||||
Patch6002: backport-Also-fix-cupsfilter.patch
|
||||
Patch6003: backport-CVE-2023-32324.patch
|
||||
|
||||
BuildRequires: pam-devel pkgconf-pkg-config pkgconfig(gnutls) libacl-devel openldap-devel pkgconfig(libusb-1.0)
|
||||
BuildRequires: krb5-devel pkgconfig(avahi-client) systemd pkgconfig(libsystemd) pkgconfig(dbus-1) python3-cups
|
||||
@ -448,6 +449,9 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb
|
||||
%doc %{_datadir}/%{name}/www/apple-touch-icon.png
|
||||
|
||||
%changelog
|
||||
* Sat Jun 3 2023 zhouwenpei <zhouwenpei@h-partners.com> - 1:2.4.0-6
|
||||
- fix CVE-2023-32324
|
||||
|
||||
* Tue Feb 21 2023 zhouwenpei <zhouwenpei@h-partners.com> - 2.4.0-5
|
||||
- fix update conflict of devel and help
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user