pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2023Q1] pkgsrc/print/cups-base



Module Name:    pkgsrc
Committed By:   spz
Date:           Thu Jun  8 19:02:48 UTC 2023

Modified Files:
        pkgsrc/print/cups-base [pkgsrc-2023Q1]: Makefile distinfo
Added Files:
        pkgsrc/print/cups-base/patches [pkgsrc-2023Q1]: patch-cups_string.c

Log Message:
Pullup ticket #6761 - requested by bsiegert
print/cups-base: security fix

Revisions pulled up:
- print/cups-base/Makefile                                      1.57
- print/cups-base/distinfo                                      1.33
- print/cups-base/patches/patch-cups_string.c                   1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Thu Jun  1 11:39:33 UTC 2023

   Modified Files:
           pkgsrc/print/cups-base: Makefile distinfo
   Added Files:
           pkgsrc/print/cups-base/patches: patch-cups_string.c

   Log Message:
   cups-base: fix security problem.

   Bump PKGREVISION.

   To generate a diff of this commit:
   cvs rdiff -u -r1.56 -r1.57 pkgsrc/print/cups-base/Makefile
   cvs rdiff -u -r1.32 -r1.33 pkgsrc/print/cups-base/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/print/cups-base/patches/patch-cups_string.c


To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.54.2.1 pkgsrc/print/cups-base/Makefile
cvs rdiff -u -r1.32 -r1.32.6.1 pkgsrc/print/cups-base/distinfo
cvs rdiff -u -r0 -r1.1.2.2 pkgsrc/print/cups-base/patches/patch-cups_string.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/print/cups-base/Makefile
diff -u pkgsrc/print/cups-base/Makefile:1.54 pkgsrc/print/cups-base/Makefile:1.54.2.1
--- pkgsrc/print/cups-base/Makefile:1.54        Tue Jan  3 17:36:30 2023
+++ pkgsrc/print/cups-base/Makefile     Thu Jun  8 19:02:47 2023
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.54 2023/01/03 17:36:30 wiz Exp $
+# $NetBSD: Makefile,v 1.54.2.1 2023/06/08 19:02:47 spz Exp $
 
 .include "../../print/cups/Makefile.common"
 
 PKGNAME=       cups-base-${CUPS_VERS}
-PKGREVISION=   6
+PKGREVISION=   7
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=OpenPrinting/}
 
 MAINTAINER=    sbd%NetBSD.org@localhost

Index: pkgsrc/print/cups-base/distinfo
diff -u pkgsrc/print/cups-base/distinfo:1.32 pkgsrc/print/cups-base/distinfo:1.32.6.1
--- pkgsrc/print/cups-base/distinfo:1.32        Sun Jul  3 10:26:55 2022
+++ pkgsrc/print/cups-base/distinfo     Thu Jun  8 19:02:47 2023
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.32 2022/07/03 10:26:55 wiz Exp $
+$NetBSD: distinfo,v 1.32.6.1 2023/06/08 19:02:47 spz Exp $
 
 BLAKE2s (cups-2.4.2-source.tar.gz) = e9da26d5d208e4620074abc6e394cd66777a853e6e4c57e04cfd3645d85a2177
 SHA512 (cups-2.4.2-source.tar.gz) = 07474643bffe11c79b3226b70d28f1bb803dc19daa10711938cea303feacdcce3945ba8ff0334d94fdd5922ea7d6bf37a28c1ea62cce8ce946c2f90a0faf002f
@@ -13,6 +13,7 @@ SHA1 (patch-config-scripts_cups-director
 SHA1 (patch-config-scripts_cups-gssapi.m4) = 8ccde86c99ad5ce96c38ec0c2f76a99dc7f29331
 SHA1 (patch-cups-tls.c) = b02bc528b6d551283373f271529d6f1956e1c7df
 SHA1 (patch-cups_http-addrlist.c) = b8558e6c9a646299e16d7d47ab43bc79f1a0baa0
+SHA1 (patch-cups_string.c) = 2c8d7f488785c731e0c0d95caf85a6737691bf8a
 SHA1 (patch-cups_thread.c) = 453f8bd9e13b7b824cc7add75ea9ef49b8e0c991
 SHA1 (patch-doc-help-man-cups-files.conf.html) = c26754104788eb619e69e49d6d51bf84ab047876
 SHA1 (patch-man-cups-files.conf.man.in) = 51c06d39e20bf8c39c784fec1f32f6c8100cf821

Added files:

Index: pkgsrc/print/cups-base/patches/patch-cups_string.c
diff -u /dev/null pkgsrc/print/cups-base/patches/patch-cups_string.c:1.1.2.2
--- /dev/null   Thu Jun  8 19:02:48 2023
+++ pkgsrc/print/cups-base/patches/patch-cups_string.c  Thu Jun  8 19:02:48 2023
@@ -0,0 +1,16 @@
+$NetBSD: patch-cups_string.c,v 1.1.2.2 2023/06/08 19:02:48 spz Exp $
+
+Fix denial-of-service using patch from Michael R Sweet.
+https://www.openwall.com/lists/oss-security/2023/06/01/1
+
+--- cups/string.c.orig 2022-05-26 06:17:21.000000000 +0000
++++ cups/string.c
+@@ -729,6 +729,8 @@ _cups_strlcpy(char       *dst,             /* O - D
+ {
+   size_t      srclen;                 /* Length of source string */
+ 
++  if (size == 0)                                                                                                                                                                                      
                                                                      
++    return (0);                                                                                                                                                                                       
                                                                      
+ 
+  /*
+   * Figure out how much room is needed...



Home | Main Index | Thread Index | Old Index