pkgsrc-Changes-HG archive
[pkgsrc/trunk]: pkgsrc/print/cups Security fix for CAN-2005-2097.
details: https://anonhg.NetBSD.org/pkgsrc/rev/31dc35434499
branches: trunk
changeset: 498047:31dc35434499
user: salo <salo%pkgsrc.org@localhost>
date: Wed Aug 10 23:37:08 2005 +0000
description:
Security fix for CAN-2005-2097.
"A vulnerability has been reported in CUPS, which can be exploited by malicious
people to cause a DoS (Denial of Service) on a vulnerable system.
When processing a PDF file, bounds checking was not correctly performed on
some fields. This could cause the pdftops filter (running as user "lp") to
crash."
http://secunia.com/advisories/16380/
http://rhn.redhat.com/errata/RHSA-2005-706.html
Patch from RedHat.
diffstat:
print/cups/Makefile | 4 ++--
print/cups/buildlink3.mk | 4 ++--
print/cups/distinfo | 3 ++-
print/cups/patches/patch-aw | 24 ++++++++++++++++++++++++
4 files changed, 30 insertions(+), 5 deletions(-)
diffs (78 lines):
diff -r 1a66e67c00b4 -r 31dc35434499 print/cups/Makefile
--- a/print/cups/Makefile Wed Aug 10 22:57:24 2005 +0000
+++ b/print/cups/Makefile Wed Aug 10 23:37:08 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.94 2005/06/01 20:08:01 jlam Exp $
+# $NetBSD: Makefile,v 1.95 2005/08/10 23:37:08 salo Exp $
#
# The CUPS author is very good about taking back changes into the main
# CUPS distribution. The correct place to send patches or bug-fixes is:
@@ -6,7 +6,7 @@
DISTNAME= cups-${DIST_VERS}-source
PKGNAME= cups-${VERS}
-PKGREVISION= 2
+PKGREVISION= 3
BASE_VERS= 1.1.23
DIST_VERS= ${BASE_VERS}
VERS= ${DIST_VERS:S/-/./g}
diff -r 1a66e67c00b4 -r 31dc35434499 print/cups/buildlink3.mk
--- a/print/cups/buildlink3.mk Wed Aug 10 22:57:24 2005 +0000
+++ b/print/cups/buildlink3.mk Wed Aug 10 23:37:08 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.12 2005/01/11 00:09:21 salo Exp $
+# $NetBSD: buildlink3.mk,v 1.13 2005/08/10 23:37:08 salo Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
CUPS_BUILDLINK3_MK:= ${CUPS_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
.if !empty(CUPS_BUILDLINK3_MK:M+)
BUILDLINK_DEPENDS.cups+= cups>=1.1.19nb3
-BUILDLINK_RECOMMENDED.cups+= cups>=1.1.23
+BUILDLINK_RECOMMENDED.cups+= cups>=1.1.23nb3
BUILDLINK_PKGSRCDIR.cups?= ../../print/cups
.endif # CUPS_BUILDLINK3_MK
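Review bot: the bump of `BUILDLINK_RECOMMENDED.cups` to `cups>=1.1.23nb3` is not explained in the commit description, and the fix in this changeset touches only pdftops/FontFile.cxx, which is the filter and not something dependent packages build against. A sentence in the log saying the recommended floor is raised so that dependents pull in the security fix would make the intent clear. `BUILDLINK_DEPENDS.cups` remains at `cups>=1.1.19nb3`, so it is worth stating that this is deliberate.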
diff -r 1a66e67c00b4 -r 31dc35434499 print/cups/distinfo
--- a/print/cups/distinfo Wed Aug 10 22:57:24 2005 +0000
+++ b/print/cups/distinfo Wed Aug 10 23:37:08 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.31 2005/03/02 18:33:02 drochner Exp $
+$NetBSD: distinfo,v 1.32 2005/08/10 23:37:08 salo Exp $
SHA1 (cups-1.1.23-source.tar.bz2) = 32d5bfb44c4edc1b54ccb014b5a44499295c6c5c
RMD160 (cups-1.1.23-source.tar.bz2) = 255ec4c22422b14f2367d69f3ec7e590dc46bea5
@@ -11,3 +11,4 @@
SHA1 (patch-at) = aa36ec591164675b889d2cf32e4d754e9b6db94f
SHA1 (patch-au) = ab43911c1b27b250a257c67d1d34066237e4da98
SHA1 (patch-av) = 33437f71e0b6443b172246f1962f9d2eebbd8f11
+SHA1 (patch-aw) = fbfe7c89952b5aadd48ee84b7d0502fa4e280870
diff -r 1a66e67c00b4 -r 31dc35434499 print/cups/patches/patch-aw
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/cups/patches/patch-aw Wed Aug 10 23:37:08 2005 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-aw,v 1.3 2005/08/10 23:37:08 salo Exp $
+
+Fix for CAN-2005-2097, from RedHat.
+
+--- pdftops/FontFile.cxx.orig 2004-02-02 23:41:09.000000000 +0100
++++ pdftops/FontFile.cxx 2005-08-10 22:30:54.000000000 +0200
+@@ -18,6 +18,7 @@
+ #include <stdarg.h>
+ #include <string.h>
+ #include <ctype.h>
++#include <error.h>
+ #include "gmem.h"
+ #include "GHash.h"
+ #include "Error.h"
+@@ -3572,6 +3573,9 @@
+ } else {
+ origLocaTable[i].pos = 2 * getUShort(pos + 2*i);
+ }
++
++ if (origLocaTable[i].pos < 0 || origLocaTable[i].pos > len)
++ error (1, 0, "bad loca table pos value");
+ }
+ qsort(origLocaTable, nGlyphs + 1, sizeof(TrueTypeLoca), &cmpTrueTypeLocaPos);
+ for (i = 0; i < nGlyphs; ++i) {
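Review bot: the added `#include <error.h>` and the `error (1, 0, "bad loca table pos value")` call in pdftops/FontFile.cxx depend on the GNU libc error(3) interface, which is not portable, so this RedHat patch is likely to fail to build on NetBSD and other non-glibc pkgsrc platforms. The file already includes "Error.h", so the bad offset could be reported through the project's own facility, or with a plain fprintf to stderr followed by exit, without the extra header. Note also that a non-zero status argument to the GNU error() exits the process, so a malformed loca table still ends the pdftops run for that job, only in a controlled way; if the surrounding code can reject the font and return instead, that would be the better behaviour. Finally, the check is `pos > len`, so an offset equal to `len` is accepted; a short comment saying this is intended for the final loca entry would help the next reader.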