[packages/cups] - up to 2.3.6 (fixes CVE-2020-10001 CVE-2022-26691)
baggins
baggins at pld-linux.org
Sun May 19 14:04:29 CEST 2024
commit ba9f57fdffeba7a7028a1ef9cf21202a1614e753
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Sun May 19 14:03:14 2024 +0200
- up to 2.3.6 (fixes CVE-2020-10001 CVE-2022-26691)
cups-backroot-readable.patch | 11 -----------
cups-hp-deviceid-oid.patch | 21 ---------------------
cups-ricoh-deviceid-oid.patch | 21 ---------------------
cups.spec | 16 ++++++----------
4 files changed, 6 insertions(+), 63 deletions(-)
---
diff --git a/cups.spec b/cups.spec
index eefd92f..7ebfd21 100644
--- a/cups.spec
+++ b/cups.spec
@@ -12,13 +12,13 @@
Summary(pl.UTF-8): Ogólny system druku dla Uniksa
Summary(pt_BR.UTF-8): Sistema Unix de Impressão
Name: cups
-Version: 2.3.3
-Release: 4
+Version: 2.3.6
+Release: 1
Epoch: 1
License: LGPL v2 (libraries), GPL v2 (the rest)
Group: Applications/Printing
-Source0: https://github.com/apple/cups/releases/download/v%{version}/%{name}-%{version}-source.tar.gz
-# Source0-md5: 412434ceefbdf3ec71bc9188a035f589
+Source0: https://github.com/apple/cups/archive/v%{version}/%{name}-%{version}.tar.gz
+# Source0-md5: 1bfba624d19092b20db4807323417efe
Source1: %{name}.init
Source2: %{name}.pamd
Source3: %{name}.logrotate
@@ -38,7 +38,6 @@ Patch10: %{name}-peercred.patch
Patch11: %{name}-usb.patch
Patch12: %{name}-desktop.patch
Patch13: %{name}-systemd-socket.patch
-Patch14: %{name}-backroot-readable.patch
Patch15: reactivate_recommended_driver.patch
Patch16: read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch
Patch18: %{name}-final-content-type.patch
@@ -52,9 +51,7 @@ Patch105: cups-driverd-timeout.patch
Patch106: cups-logrotate.patch
Patch107: cups-res_init.patch
Patch108: cups-filter-debug.patch
-Patch109: cups-hp-deviceid-oid.patch
Patch110: cups-dnssd-deviceid.patch
-Patch111: cups-ricoh-deviceid-oid.patch
Patch113: cups-dymo-deviceid.patch
Patch114: cups-freebind.patch
@@ -284,7 +281,6 @@ bibliotecas do CUPS.
#%patch11 -p1
%patch12 -p1
%patch13 -p1
-%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch18 -p1
@@ -301,9 +297,7 @@ bibliotecas do CUPS.
%patch106 -p1
%patch107 -p1
%patch108 -p1
-%patch109 -p1
%patch110 -p1
-%patch111 -p1
%patch113 -p1
%patch114 -p1
@@ -467,11 +461,13 @@ fi
%endif
%attr(600,root,lp) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/classes.conf
%attr(640,root,lp) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/cups-files.conf
+%attr(640,root,lp) %{_sysconfdir}/%{name}/cups-files.conf.default
%attr(640,root,lp) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/cupsd.conf
%attr(640,root,lp) %{_sysconfdir}/%{name}/cupsd.conf.default
%attr(600,root,lp) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/printers.conf
%attr(600,root,lp) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/mailto.conf
%attr(600,root,lp) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/snmp.conf
+%attr(640,root,lp) %{_sysconfdir}/%{name}/snmp.conf.default
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist.cups
%dir %attr(700,root,lp) %{_sysconfdir}/%{name}/ssl
%dir %attr(755,root,lp) %{_sysconfdir}/%{name}/ppd
diff --git a/cups-backroot-readable.patch b/cups-backroot-readable.patch
deleted file mode 100644
index 5e3cb14..0000000
--- a/cups-backroot-readable.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- cups-2.3.1/scheduler/job.c.orig 2020-04-13 22:03:43.447639630 +0200
-+++ cups-2.3.1/scheduler/job.c 2020-04-14 06:17:15.043886518 +0200
-@@ -1340,7 +1340,7 @@
- else if (stat(command, &backinfo))
- backroot = 0;
- else
-- backroot = !(backinfo.st_mode & (S_IWGRP | S_IRWXO));
-+ backroot = !(backinfo.st_mode & (S_IWGRP | S_IWOTH | S_IXOTH));
-
- argv[0] = job->printer->sanitized_device_uri;
-
diff --git a/cups-hp-deviceid-oid.patch b/cups-hp-deviceid-oid.patch
deleted file mode 100644
index da5136a..0000000
--- a/cups-hp-deviceid-oid.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff -up cups-1.5b1/backend/snmp.c.hp-deviceid-oid cups-1.5b1/backend/snmp.c
---- cups-1.5b1/backend/snmp.c.hp-deviceid-oid 2011-05-20 05:49:49.000000000 +0200
-+++ cups-1.5b1/backend/snmp.c 2011-05-24 17:24:48.000000000 +0200
-@@ -187,6 +187,7 @@ static const int UriOID[] = { CUPS_OID_p
- static const int LexmarkProductOID[] = { 1,3,6,1,4,1,641,2,1,2,1,2,1,-1 };
- static const int LexmarkProductOID2[] = { 1,3,6,1,4,1,674,10898,100,2,1,2,1,2,1,-1 };
- static const int LexmarkDeviceIdOID[] = { 1,3,6,1,4,1,641,2,1,2,1,3,1,-1 };
-+static const int HPDeviceIdOID[] = { 1,3,6,1,4,1,11,2,3,9,1,1,7,0,-1 };
- static const int XeroxProductOID[] = { 1,3,6,1,4,1,128,2,1,3,1,2,0,-1 };
- static cups_array_t *DeviceURIs = NULL;
- static int HostNameLookups = 0;
-@@ -1006,6 +1007,9 @@ read_snmp_response(int fd) /* I - SNMP
- _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1,
- packet.community, CUPS_ASN1_GET_REQUEST,
- DEVICE_PRODUCT, XeroxProductOID);
-+ _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1,
-+ packet.community, CUPS_ASN1_GET_REQUEST,
-+ DEVICE_ID, HPDeviceIdOID);
- break;
-
- case DEVICE_DESCRIPTION :
diff --git a/cups-ricoh-deviceid-oid.patch b/cups-ricoh-deviceid-oid.patch
deleted file mode 100644
index c148f95..0000000
--- a/cups-ricoh-deviceid-oid.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff -up cups-1.5b1/backend/snmp.c.ricoh-deviceid-oid cups-1.5b1/backend/snmp.c
---- cups-1.5b1/backend/snmp.c.ricoh-deviceid-oid 2011-05-24 17:29:48.000000000 +0200
-+++ cups-1.5b1/backend/snmp.c 2011-05-24 17:29:48.000000000 +0200
-@@ -188,6 +188,7 @@ static const int LexmarkProductOID[] = {
- static const int LexmarkProductOID2[] = { 1,3,6,1,4,1,674,10898,100,2,1,2,1,2,1,-1 };
- static const int LexmarkDeviceIdOID[] = { 1,3,6,1,4,1,641,2,1,2,1,3,1,-1 };
- static const int HPDeviceIdOID[] = { 1,3,6,1,4,1,11,2,3,9,1,1,7,0,-1 };
-+static const int RicohDeviceIdOID[] = { 1,3,6,1,4,1,367,3,2,1,1,1,11,0,-1 };
- static const int XeroxProductOID[] = { 1,3,6,1,4,1,128,2,1,3,1,2,0,-1 };
- static cups_array_t *DeviceURIs = NULL;
- static int HostNameLookups = 0;
-@@ -1005,6 +1006,9 @@ read_snmp_response(int fd) /* I - SNMP
- packet.community, CUPS_ASN1_GET_REQUEST,
- DEVICE_ID, LexmarkDeviceIdOID);
- _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1,
-+ packet.community, CUPS_ASN1_GET_REQUEST,
-+ DEVICE_ID, RicohDeviceIdOID);
-+ _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1,
- packet.community, CUPS_ASN1_GET_REQUEST,
- DEVICE_PRODUCT, XeroxProductOID);
- _cupsSNMPWrite(fd, &(packet.address), CUPS_SNMP_VERSION_1,
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/cups.git/commitdiff/ba9f57fdffeba7a7028a1ef9cf21202a1614e753
More information about the pld-cvs-commit
mailing list