diff options
| author | Didier Raboud <odyx@debian.org> | 2019-12-31 13:53:44 +0100 |
|---|---|---|
| committer | Didier Raboud <odyx@debian.org> | 2019-12-31 13:53:57 +0100 |
| commit | 14385c26fcd208c136e46709564ac16554ec54d1 (patch) | |
| tree | 0b08da3f6ae70e4cfd9011092237abb9bf64ce0d | |
| parent | fceb447ed907b59e90a111abad6bade956f08b61 (diff) | |
| parent | 1b21a83376cee1f213faf7f4b4d89dd766c28975 (diff) | |
merge patched-debian/buster into debian/buster
| -rw-r--r-- | cups/ipp.c | 2 | ||||
| -rw-r--r-- | cups/ppd.c | 4 | ||||
| -rw-r--r-- | debian/.git-dpm | 4 | ||||
| -rw-r--r-- | debian/patches/0048-Fix-memory-leak-in-ppdOpen.patch | 32 | ||||
| -rw-r--r-- | debian/patches/0049-CVE-2019-2228-Fix-ippSetValueTag-validation-of-defau.patch | 23 | ||||
| -rw-r--r-- | debian/patches/series | 2 |
6 files changed, 64 insertions, 3 deletions
diff --git a/cups/ipp.c b/cups/ipp.c index cc9c6af50..98b499716 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -4563,7 +4563,7 @@ ippSetValueTag( return (0); if (ipp->attrs && ipp->attrs->next && ipp->attrs->next->name && - !strcmp(ipp->attrs->next->name, "attributes-natural-language")) + !strcmp(ipp->attrs->next->name, "attributes-natural-language") && (ipp->attrs->next->value_tag & IPP_TAG_CUPS_MASK) == IPP_TAG_LANGUAGE) { /* * Use the language code from the IPP message... diff --git a/cups/ppd.c b/cups/ppd.c index 435b992f4..b823d17b4 100644 --- a/cups/ppd.c +++ b/cups/ppd.c @@ -716,6 +716,8 @@ _ppdOpen( strncmp(ll, keyword, ll_len))) { DEBUG_printf(("2_ppdOpen: Ignoring localization: \"%s\"\n", keyword)); + free(string); + string = NULL; continue; } else if (localization == _PPD_LOCALIZATION_ICC_PROFILES) @@ -735,6 +737,8 @@ _ppdOpen( if (i >= (int)(sizeof(color_keywords) / sizeof(color_keywords[0]))) { DEBUG_printf(("2_ppdOpen: Ignoring localization: \"%s\"\n", keyword)); + free(string); + string = NULL; continue; } } diff --git a/debian/.git-dpm b/debian/.git-dpm index 7b63e9667..7a5dffa9d 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@ -1,6 +1,6 @@ # see git-dpm(1) from git-dpm package -9af82602a9fe2523ceeef46f2d6e6378e2dc7eb7 -9af82602a9fe2523ceeef46f2d6e6378e2dc7eb7 +1b21a83376cee1f213faf7f4b4d89dd766c28975 +1b21a83376cee1f213faf7f4b4d89dd766c28975 25b2338346ef3abbb93ea88476887cba7b2b86f8 25b2338346ef3abbb93ea88476887cba7b2b86f8 cups_2.2.10.orig.tar.gz diff --git a/debian/patches/0048-Fix-memory-leak-in-ppdOpen.patch b/debian/patches/0048-Fix-memory-leak-in-ppdOpen.patch new file mode 100644 index 000000000..9fbf84cbe --- /dev/null +++ b/debian/patches/0048-Fix-memory-leak-in-ppdOpen.patch @@ -0,0 +1,32 @@ +From 545d46fb0bf1cd8414ab28148f3a3126c3cf75fe Mon Sep 17 00:00:00 2001 +From: Michael R Sweet <michael.r.sweet@gmail.com> +Date: Thu, 1 Aug 2019 13:02:35 -0400 +Subject: Fix memory leak in ppdOpen + +Closes: #946941 +--- + cups/ppd.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/cups/ppd.c b/cups/ppd.c +index 435b992f4..b823d17b4 100644 +--- a/cups/ppd.c ++++ b/cups/ppd.c +@@ -716,6 +716,8 @@ _ppdOpen( + strncmp(ll, keyword, ll_len))) + { + DEBUG_printf(("2_ppdOpen: Ignoring localization: \"%s\"\n", keyword)); ++ free(string); ++ string = NULL; + continue; + } + else if (localization == _PPD_LOCALIZATION_ICC_PROFILES) +@@ -735,6 +737,8 @@ _ppdOpen( + if (i >= (int)(sizeof(color_keywords) / sizeof(color_keywords[0]))) + { + DEBUG_printf(("2_ppdOpen: Ignoring localization: \"%s\"\n", keyword)); ++ free(string); ++ string = NULL; + continue; + } + } diff --git a/debian/patches/0049-CVE-2019-2228-Fix-ippSetValueTag-validation-of-defau.patch b/debian/patches/0049-CVE-2019-2228-Fix-ippSetValueTag-validation-of-defau.patch new file mode 100644 index 000000000..bbfc651ec --- /dev/null +++ b/debian/patches/0049-CVE-2019-2228-Fix-ippSetValueTag-validation-of-defau.patch @@ -0,0 +1,23 @@ +From 1b21a83376cee1f213faf7f4b4d89dd766c28975 Mon Sep 17 00:00:00 2001 +From: Michael R Sweet <michael.r.sweet@gmail.com> +Date: Fri, 13 Dec 2019 09:30:46 -0500 +Subject: CVE-2019-2228: Fix ippSetValueTag validation of default language + +Closes: #946782 +--- + cups/ipp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cups/ipp.c b/cups/ipp.c +index cc9c6af50..98b499716 100644 +--- a/cups/ipp.c ++++ b/cups/ipp.c +@@ -4563,7 +4563,7 @@ ippSetValueTag( + return (0); + + if (ipp->attrs && ipp->attrs->next && ipp->attrs->next->name && +- !strcmp(ipp->attrs->next->name, "attributes-natural-language")) ++ !strcmp(ipp->attrs->next->name, "attributes-natural-language") && (ipp->attrs->next->value_tag & IPP_TAG_CUPS_MASK) == IPP_TAG_LANGUAGE) + { + /* + * Use the language code from the IPP message... diff --git a/debian/patches/series b/debian/patches/series index 019315ce4..89f9d0382 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -45,3 +45,5 @@ debianize_cups-config.patch 0045-Fix-an-issue-with-PreserveJobHistory-and-time-values.patch manpage-translations.patch 0047-Fix-multiple-security-disclosure-issues.patch +0048-Fix-memory-leak-in-ppdOpen.patch +0049-CVE-2019-2228-Fix-ippSetValueTag-validation-of-defau.patch |