author | Leo <thinkabit.ukim@gmail.com> | 2020-12-10 15:03:26 -0300 |
---|---|---|
committer | Leo <thinkabit.ukim@gmail.com> | 2020-12-10 15:04:14 -0300 |
commit | e44a90b1e6c3308e5cbedaf5e3c8fb1b10882316 (patch) | |
tree | d4f47c2f341adfa5c7eb2e1da24672a9a5529fe6 | |
parent | ab6c8e84d1976b41f3648edf871090995620d1f1 (diff) |
main/cups: fix CVE-2019-8842 and CVE-2020-3898
See: #11630
-rw-r--r-- | main/cups/APKBUILD | 11 | ||||
-rw-r--r-- | main/cups/CVE-2019-8842.patch | 13 | ||||
-rw-r--r-- | main/cups/CVE-2020-3898.patch | 14 |
3 files changed, 36 insertions, 2 deletions
diff --git a/main/cups/APKBUILD b/main/cups/APKBUILD
index de2f9c1808a..50353110eef 100644
--- a/main/cups/APKBUILD
+++ b/main/cups/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=cups
 pkgver=2.2.12
-pkgrel=0
+pkgrel=1
 pkgdesc="The CUPS Printing System"
 url="https://www.cups.org/"
 arch="all"
@@ -20,9 +20,14 @@ source="https://github.com/apple/cups/releases/download/v$pkgver/cups-$pkgver-so
 cupsd.initd
 cups-no-export-ssllibs.patch
 default-config-no-gssapi.patch
+ CVE-2019-8842.patch
+ CVE-2020-3898.patch
 "
 # secfixes:
+# 2.2.12-r1:
+# - CVE-2019-8842
+# - CVE-2020-3898
 # 2.2.12-r0:
 # - CVE-2019-8696
 # - CVE-2019-8675
@@ -134,4 +139,6 @@ sha512sums="b8e7be512938ad388d469d093ad0c882ab42ea1408c27a91340f8424aa0e79e588df
 cf64211da59e79285f99d437c02fdd7db462855fb2920ec9563ba47bd8a9e5cbd10555094940ceedeb41ac805c4f0ddb9147481470112a11a76220d0298aef79 cups.logrotate
 2c2683f755a220166b3a1653fdd1a6daa9718c8f0bbdff2e2d5e61d1133306260d63a83d3ff41619b5cf84c4913fae5822b79553e2822858f38fa3613f4c7082 cupsd.initd
 7a8cd9ac33b0dd4627c72df4275db8ccd7cf8e201bce3833719b42f532f526bb347b842e3ea1ef0d61855b5c6e1088b5d20b68942f2c2c0acf504d8d9728efd3 cups-no-export-ssllibs.patch
-98bb97f4af69ea286fc3d398b8e57c32440e6b2d49fb7f79b418a4fe7f13441f3a610f65d3433d10d971ade808233c0b29b4d66160623ccaae919179384be918 default-config-no-gssapi.patch"
+98bb97f4af69ea286fc3d398b8e57c32440e6b2d49fb7f79b418a4fe7f13441f3a610f65d3433d10d971ade808233c0b29b4d66160623ccaae919179384be918 default-config-no-gssapi.patch
+1a6dc3560c78eef28cad977abde076c02791e34fc05e53ce3137ac4ff1feb2f6bae5f64ba8733f44280ac4273d825372b29b15da6bb179776496f62a7d06462d CVE-2019-8842.patch
+560466d3721cd105ef1e6aa03d0cb6c55964e94f06fe80e2f8570d481941cfd03ac6940d0108e111ea7f4bee55460b93423975410890e105902c5a4ce3b79d77 CVE-2020-3898.patch"
diff --git a/main/cups/CVE-2019-8842.patch b/main/cups/CVE-2019-8842.patch
new file mode 100644
index 00000000000..2e1a212239a
--- /dev/null
+++ b/main/cups/CVE-2019-8842.patch
@@ -0,0 +1,13 @@
+diff --git a/cups/ipp.c b/cups/ipp.c
+index b0762fd..dba4f31 100644
+--- a/cups/ipp.c
++++ b/cups/ipp.c
+@@ -2960,7 +2960,7 @@ ippReadIO(void *src, /* I - Data source */
+ * Read 32-bit "extension" tag...
+ */
+
+- if ((*cb)(src, buffer, 4) < 1)
++ if ((*cb)(src, buffer, 4) < 4)
+ {
+ DEBUG_puts("1ippReadIO: Callback returned EOF/error");
+ _cupsBufferRelease((char *)buffer);
diff --git a/main/cups/CVE-2020-3898.patch b/main/cups/CVE-2020-3898.patch
new file mode 100644
index 00000000000..d797a0be1a2
--- /dev/null
+++ b/main/cups/CVE-2020-3898.patch
@@ -0,0 +1,14 @@
+diff --git a/cups/ppd.c b/cups/ppd.c
+index 58d92c1..5bc7939 100644
+--- a/cups/ppd.c
++++ b/cups/ppd.c
+@@ -1730,8 +1730,7 @@ _ppdOpen(
+ constraint->choice1, constraint->option2,
+ constraint->choice2))
+ {
+- case 0 : /* Error */
+- case 1 : /* Error */
++ default : /* Error */
+ pg->ppd_status = PPD_BAD_UI_CONSTRAINTS;
+ goto error;
+ |
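Review bot: CVE-2019-8842.patch begins directly at `diff --git a/cups/ipp.c b/cups/ipp.c` with no header saying where the change was taken from, and CVE-2020-3898.patch has the same gap. A short provenance block above the diff in each file, for example `Upstream: <UPSTREAM_COMMIT_URL>` followed by a one-line summary such as `ippReadIO: treat a short read of the 4-byte extension tag as an error`, would let a later auditor compare the backport with upstream without digging through #11630. On the code itself, requiring the callback to return at least 4 matches the 4 bytes requested, so a 1 to 3 byte read no longer passes with part of `buffer` unfilled. How `buffer` is consumed afterwards lies outside the hunk.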
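Review bot: This backport may be incomplete: it changes only the `switch` in `_ppdOpen` (cups/ppd.c), while, as far as I recall, the upstream notes for CVE-2020-3898 also name resolution-string handling in `ppdcSource::get_resolution` under ppdc/. Please check the upstream fix and add the second file if it applies to 2.2.12, since the `secfixes` block now records the CVE as resolved in 2.2.12-r1. On the visible change, `default :` routes every value without its own `case` to `PPD_BAD_UI_CONSTRAINTS`, which would also catch a negative result that `case 0`/`case 1` let through. The switch expression (presumably a conversion count) and the remaining cases are outside the hunk, so that reading should be confirmed against the full function.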