rpms/cups/devel cups-CAN-2005-2097.patch, NONE, 1.1 cups.spec, 1.104, 1.105

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Fri Sep 2 16:45:03 UTC 2005 

Author: twaugh

Update of /cvs/dist/rpms/cups/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv27418

Modified Files:
	cups.spec 
Added Files:
	cups-CAN-2005-2097.patch 
Log Message:
* Fri Sep  2 2005 Tim Waugh <twaugh at redhat.com> 1:1.1.23-17
- Fixed CAN-2005-2097 (bug #164510).


cups-CAN-2005-2097.patch:
 FontFile.cxx |    4 ++++
 1 files changed, 4 insertions(+)

--- NEW FILE cups-CAN-2005-2097.patch ---
--- cups-1.1.22rc1/pdftops/FontFile.cxx.CAN-2005-2097	2005-07-29 16:19:40.000000000 +0100
+++ cups-1.1.22rc1/pdftops/FontFile.cxx	2005-07-29 16:33:40.000000000 +0100
@@ -18,6 +18,7 @@
 #include <stdarg.h>
 #include <string.h>
 #include <ctype.h>
+#include <error.h>
 #include "gmem.h"
 #include "GHash.h"
 #include "Error.h"
@@ -3572,6 +3573,9 @@
     } else {
       origLocaTable[i].pos = 2 * getUShort(pos + 2*i);
     }
+
+    if (origLocaTable[i].pos < 0 || origLocaTable[i].pos > len)
+      error (1, 0, "bad loca table pos value");
   }
   qsort(origLocaTable, nGlyphs + 1, sizeof(TrueTypeLoca), &cmpTrueTypeLocaPos);
   for (i = 0; i < nGlyphs; ++i) {


Index: cups.spec
===================================================================
RCS file: /cvs/dist/rpms/cups/devel/cups.spec,v
retrieving revision 1.104
retrieving revision 1.105
diff -u -r1.104 -r1.105
--- cups.spec	16 Jun 2005 12:04:34 -0000	1.104
+++ cups.spec	2 Sep 2005 16:45:00 -0000	1.105
@@ -6,7 +6,7 @@
 Summary: Common Unix Printing System
 Name: cups
 Version: 1.1.23
-Release: 16
+Release: 17
 License: GPL
 Group: System Environment/Daemons
 Source: ftp://ftp.easysw.com/pub/cups/test/cups-%{version}-source.tar.bz2
@@ -48,7 +48,8 @@
 Patch30: cups-session-printing.patch
 Patch32: cups-pid.patch
 Patch33: cups-CAN-2004-0888.patch
-Patch34: cups-dbus.patch
+Patch34: cups-CAN-2005-2097.patch
+Patch35: cups-dbus.patch
 Epoch: 1
 Url: http://www.cups.org/
 BuildRoot: %{_tmppath}/%{name}-root
@@ -141,8 +142,9 @@
 #%patch30 -p1 -b .session-printing
 %patch32 -p1 -b .pid
 %patch33 -p1 -b .CAN-2004-0888
+%patch34 -p1 -b .CAN-2005-2097
 %if %use_dbus
-%patch34 -p1 -b .dbus
+%patch35 -p1 -b .dbus
 %endif
 perl -pi -e 's,^#(Printcap\s+/etc/printcap),$1,' conf/cupsd.conf.in
 aclocal -I config-scripts
@@ -407,6 +409,9 @@
 %{_libdir}/cups/daemon/cups-lpd
 
 %changelog
+* Fri Sep  2 2005 Tim Waugh <twaugh at redhat.com> 1:1.1.23-17
+- Fixed CAN-2005-2097 (bug #164510).
+
 * Thu Jun 16 2005 Tim Waugh <twaugh at redhat.com> 1:1.1.23-16
 - Make DeletePrinterFromClass faster (bug #160620).

More information about the fedora-cvs-commits mailing list