rpms/cups/F-9 cups-CVE-2008-5286.patch, NONE, 1.1 cups.spec, 1.429, 1.430
Tim Waugh
twaugh at fedoraproject.org
Wed Dec 3 12:49:03 UTC 2008
- Previous message (by thread): rpms/cegui/devel .cvsignore, 1.5, 1.6 cegui-0.6.0-release-as-so-ver.patch, 1.2, 1.3 cegui.spec, 1.17, 1.18 sources, 1.5, 1.6
- Next message (by thread): rpms/star/devel .cvsignore, 1.18, 1.19 sources, 1.19, 1.20 star-1.5-changewarnSegv.patch, 1.1, 1.2 star-1.5-selinux.patch, 1.7, 1.8 star.spec, 1.41, 1.42
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: twaugh
Update of /cvs/pkgs/rpms/cups/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv743
Modified Files:
cups.spec
Added Files:
cups-CVE-2008-5286.patch
Log Message:
* Wed Dec 3 2008 Tim Waugh <twaugh at redhat.com>
- Applied patch to fix STR #2974 (bug #473905, CVE-2008-5286,
CVE-2008-1722).
cups-CVE-2008-5286.patch:
--- NEW FILE cups-CVE-2008-5286.patch ---
diff -up cups-1.3.9/filter/image-png.c.CVE-2008-5286 cups-1.3.9/filter/image-png.c
--- cups-1.3.9/filter/image-png.c.CVE-2008-5286 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.9/filter/image-png.c 2008-12-03 12:23:14.000000000 +0000
@@ -178,7 +178,7 @@ _cupsImageReadPNG(
{
bufsize = img->xsize * img->ysize;
- if ((bufsize / img->ysize) != img->xsize)
+ if ((bufsize / img->xsize) != img->ysize)
{
fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
(unsigned)width, (unsigned)height);
@@ -190,7 +190,7 @@ _cupsImageReadPNG(
{
bufsize = img->xsize * img->ysize * 3;
- if ((bufsize / (img->ysize * 3)) != img->xsize)
+ if ((bufsize / (img->xsize * 3)) != img->ysize)
{
fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
(unsigned)width, (unsigned)height);
Index: cups.spec
===================================================================
RCS file: /cvs/pkgs/rpms/cups/F-9/cups.spec,v
retrieving revision 1.429
retrieving revision 1.430
diff -u -r1.429 -r1.430
--- cups.spec 3 Dec 2008 12:45:30 -0000 1.429
+++ cups.spec 3 Dec 2008 12:48:31 -0000 1.430
@@ -51,6 +51,7 @@
Patch24: cups-str2988.patch
Patch25: cups-str3023.patch
Patch26: cups-CVE-2008-5183.patch
+Patch27: cups-CVE-2008-5286.patch
Patch100: cups-lspp.patch
Epoch: 1
Url: http://www.cups.org/
@@ -175,6 +176,7 @@
%patch24 -p1 -b .str2988
%patch25 -p1 -b .str3023
%patch26 -p1 -b .CVE-2008-5183
+%patch27 -p1 -b .CVE-2008-5286
%if %lspp
%patch100 -p1 -b .lspp
@@ -458,6 +460,8 @@
%changelog
* Wed Dec 3 2008 Tim Waugh <twaugh at redhat.com>
+- Applied patch to fix STR #2974 (bug #473905, CVE-2008-5286,
+ CVE-2008-1722).
- Applied patch to fix RSS subscription limiting (bug #473901,
CVE-2008-5183).
- Previous message (by thread): rpms/cegui/devel .cvsignore, 1.5, 1.6 cegui-0.6.0-release-as-so-ver.patch, 1.2, 1.3 cegui.spec, 1.17, 1.18 sources, 1.5, 1.6
- Next message (by thread): rpms/star/devel .cvsignore, 1.18, 1.19 sources, 1.19, 1.20 star-1.5-changewarnSegv.patch, 1.1, 1.2 star-1.5-selinux.patch, 1.7, 1.8 star.spec, 1.41, 1.42
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list