rpms/cups/F-10 cups-CVE-2008-5286.patch, NONE, 1.1 cups.spec, 1.448, 1.449

Tim Waugh twaugh at fedoraproject.org
Wed Dec 3 12:44:09 UTC 2008


Author: twaugh

Update of /cvs/pkgs/rpms/cups/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32277

Modified Files:
	cups.spec 
Added Files:
	cups-CVE-2008-5286.patch 
Log Message:
1:1.3.9-4

cups-CVE-2008-5286.patch:

--- NEW FILE cups-CVE-2008-5286.patch ---
diff -up cups-1.3.9/filter/image-png.c.CVE-2008-5286 cups-1.3.9/filter/image-png.c
--- cups-1.3.9/filter/image-png.c.CVE-2008-5286	2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.9/filter/image-png.c	2008-12-03 12:23:14.000000000 +0000
@@ -178,7 +178,7 @@ _cupsImageReadPNG(
     {
       bufsize = img->xsize * img->ysize;
 
-      if ((bufsize / img->ysize) != img->xsize)
+      if ((bufsize / img->xsize) != img->ysize)
       {
 	fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
 		(unsigned)width, (unsigned)height);
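Review bot: The overflow test in this hunk still runs after `bufsize = img->xsize * img->ysize` has already been computed, so it relies on the product wrapping in a well-defined way. The types of bufsize, xsize and ysize are not visible here, and if any of them is signed the divide-back test is not a dependable detector. Consider bounding the dimensions before multiplying, for example rejecting the image when img->ysize exceeds the maximum buffer size divided by img->xsize. The new divisor is img->xsize, so this path also needs xsize to be known non-zero by this point, which the hunk does not show.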
@@ -190,7 +190,7 @@ _cupsImageReadPNG(
     {
       bufsize = img->xsize * img->ysize * 3;
 
-      if ((bufsize / (img->ysize * 3)) != img->xsize)
+      if ((bufsize / (img->xsize * 3)) != img->ysize)
       {
 	fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
 		(unsigned)width, (unsigned)height);
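Review bot: In the new condition `(bufsize / (img->xsize * 3)) != img->ysize` the divisor img->xsize * 3 is itself a multiplication that can wrap, the same weakness the old `img->ysize * 3` divisor had, so the comparison can end up being made against a wrapped divisor. Checking the two multiplications separately (xsize * ysize first, then the factor of 3), or bounding both dimensions against a limit before bufsize is computed, would remove that dependency.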


Index: cups.spec
===================================================================
RCS file: /cvs/pkgs/rpms/cups/F-10/cups.spec,v
retrieving revision 1.448
retrieving revision 1.449
diff -u -r1.448 -r1.449
--- cups.spec	3 Dec 2008 12:19:42 -0000	1.448
+++ cups.spec	3 Dec 2008 12:43:38 -0000	1.449
@@ -7,7 +7,7 @@
 Summary: Common Unix Printing System
 Name: cups
 Version: 1.3.9
-Release: 3%{?svn:.svn%{svn}}%{?dist}
+Release: 4%{?svn:.svn%{svn}}%{?dist}
 License: GPLv2
 Group: System Environment/Daemons
 Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?svn:svn-r%{svn}}-source.tar.bz2
@@ -52,6 +52,7 @@
 Patch25: cups-str2988.patch
 Patch26: cups-str3023.patch
 Patch27: cups-CVE-2008-5183.patch
+Patch28: cups-CVE-2008-5286.patch
 Patch100: cups-lspp.patch
 Epoch: 1
 Url: http://www.cups.org/
@@ -192,6 +193,7 @@
 %patch25 -p1 -b .str2988
 %patch26 -p1 -b .str3023
 %patch27 -p1 -b .CVE-2008-5183
+%patch28 -p1 -b .CVE-2008-5286
 
 %if %lspp
 %patch100 -p1 -b .lspp
@@ -483,11 +485,11 @@
 %{_libdir}/php/modules/*.so
 
 %changelog
-* Wed Dec  3 2008 Tim Waugh <twaugh at redhat.com>
+* Wed Dec  3 2008 Tim Waugh <twaugh at redhat.com> 1:1.3.9-4
+- Applied patch to fix STR #2974 (bug #473905, CVE-2008-5286,
+  CVE-2008-1722).
 - Applied patch to fix RSS subscription limiting (bug #473901,
   CVE-2008-5183).
-
-* Wed Nov 26 2008 Tim Waugh <twaugh at redhat.com>
 - Fixed cups-polld again for res_init (STR #3023, bug #354071).
 - Added patch to avoid polling busy loop (STR #2988).
 
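Review bot: Removing the `* Wed Nov 26 2008` header in the %changelog folds the two older items (the cups-polld res_init fix and the STR #2988 busy-loop patch) under the new 1:1.3.9-4 entry dated Dec 3. If that is intentional because no separate build carried them, fine; otherwise keep the dated header. The new entry also lists CVE-2008-1722 alongside CVE-2008-5286, while the patch file name and the Patch28 line mention only CVE-2008-5286, so a short comment next to Patch28 saying which CVEs it covers would help.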



