rpms/cups/F-8 cups-CVE-2008-5286.patch, NONE, 1.1 cups.spec, 1.400, 1.401
Tim Waugh
twaugh at fedoraproject.org
Wed Dec 3 12:54:10 UTC 2008
- Previous message (by thread): rpms/pdns/devel .cvsignore, 1.5, 1.6 pdns-fixinit.patch, 1.1, 1.2 pdns.spec, 1.13, 1.14 sources, 1.5, 1.6 pdns-avoid-version.patch, 1.2, NONE pdns-bz461768.patch, 1.1, NONE pdns-gcc43.patch, 1.1, NONE
- Next message (by thread): rpms/cups/F-8 cups.spec,1.401,1.402
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: twaugh
Update of /cvs/pkgs/rpms/cups/F-8
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1889
Modified Files:
cups.spec
Added Files:
cups-CVE-2008-5286.patch
Log Message:
* Wed Dec 3 2008 Tim Waugh <twaugh at redhat.com>
- Applied patch to fix STR #2974 (bug #473905, CVE-2008-5286,
CVE-2008-1722).
cups-CVE-2008-5286.patch:
--- NEW FILE cups-CVE-2008-5286.patch ---
diff -up cups-1.3.9/filter/image-png.c.CVE-2008-5286 cups-1.3.9/filter/image-png.c
--- cups-1.3.9/filter/image-png.c.CVE-2008-5286 2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.9/filter/image-png.c 2008-12-03 12:23:14.000000000 +0000
@@ -178,7 +178,7 @@ _cupsImageReadPNG(
{
bufsize = img->xsize * img->ysize;
- if ((bufsize / img->ysize) != img->xsize)
+ if ((bufsize / img->xsize) != img->ysize)
{
fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
(unsigned)width, (unsigned)height);
@@ -190,7 +190,7 @@ _cupsImageReadPNG(
{
bufsize = img->xsize * img->ysize * 3;
- if ((bufsize / (img->ysize * 3)) != img->xsize)
+ if ((bufsize / (img->xsize * 3)) != img->ysize)
{
fprintf(stderr, "DEBUG: PNG image dimensions (%ux%u) too large!\n",
(unsigned)width, (unsigned)height);
Index: cups.spec
===================================================================
RCS file: /cvs/pkgs/rpms/cups/F-8/cups.spec,v
retrieving revision 1.400
retrieving revision 1.401
diff -u -r1.400 -r1.401
--- cups.spec 3 Dec 2008 12:51:41 -0000 1.400
+++ cups.spec 3 Dec 2008 12:53:39 -0000 1.401
@@ -47,6 +47,7 @@
Patch22: cups-strict-ppd-line-length.patch
Patch25: cups-usb-paperout.patch
Patch26: cups-CVE-2008-5183.patch
+Patch27: cups-CVE-2008-5286.patch
Patch100: cups-lspp.patch
Epoch: 1
Url: http://www.cups.org/
@@ -161,6 +162,7 @@
%patch22 -p1 -b .strict-ppd-line-length
%patch25 -p1 -b .usb-paperout
%patch26 -p1 -b .CVE-2008-5183
+%patch27 -p1 -b .CVE-2008-5286
%if %lspp
%patch100 -p1 -b .lspp
@@ -455,6 +457,8 @@
%changelog
* Wed Dec 3 2008 Tim Waugh <twaugh at redhat.com>
+- Applied patch to fix STR #2974 (bug #473905, CVE-2008-5286,
+ CVE-2008-1722).
- Applied patch to fix RSS subscription limiting (bug #473901,
CVE-2008-5183).
- Previous message (by thread): rpms/pdns/devel .cvsignore, 1.5, 1.6 pdns-fixinit.patch, 1.1, 1.2 pdns.spec, 1.13, 1.14 sources, 1.5, 1.6 pdns-avoid-version.patch, 1.2, NONE pdns-bz461768.patch, 1.1, NONE pdns-gcc43.patch, 1.1, NONE
- Next message (by thread): rpms/cups/F-8 cups.spec,1.401,1.402
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list