[foomatic/f14] Another fix for CVE-2011-2924 (bug #726426).
Tim Waugh
twaugh at fedoraproject.org
Thu Aug 18 16:01:02 UTC 2011
commit 230343e540f420dc9e2d37f36adcc99a8f021f17
Author: Tim Waugh <twaugh at redhat.com>
Date: Thu Aug 18 16:36:01 2011 +0100
Another fix for CVE-2011-2924 (bug #726426).
foomatic-filters-CVE-2011-2924.patch | 22 +++++++++++++++++++++-
foomatic.spec | 5 ++++-
2 files changed, 25 insertions(+), 2 deletions(-)
---
diff --git a/foomatic-filters-CVE-2011-2924.patch b/foomatic-filters-CVE-2011-2924.patch
index 236b2c9..f5fb659 100644
--- a/foomatic-filters-CVE-2011-2924.patch
+++ b/foomatic-filters-CVE-2011-2924.patch
@@ -1,6 +1,26 @@
+diff -up foomatic-filters-4.0.8/foomaticrip.c.CVE-2011-2924 foomatic-filters-4.0.8/foomaticrip.c
+--- foomatic-filters-4.0.8/foomaticrip.c.CVE-2011-2924 2011-08-18 16:27:57.277636643 +0100
++++ foomatic-filters-4.0.8/foomaticrip.c 2011-08-18 16:33:37.680136675 +0100
+@@ -1188,9 +1188,13 @@ int main(int argc, char** argv)
+ if (arglist_remove_flag(arglist, "--debug"))
+ debug = 1;
+
+- if (debug)
+- logh = fopen(LOG_FILE ".log", "w"); /* insecure, use for debugging only */
+- else if (quiet && !verbose)
++ if (debug) {
++ int fd = mkstemp (LOG_FILE "-XXXXXX.log");
++ if (fd != -1)
++ logh = fdopen(fd, "w");
++ else
++ logh = stderr;
++ } else if (quiet && !verbose)
+ logh = NULL; /* Quiet mode, do not log */
+ else
+ logh = stderr; /* Default: log to stderr */
diff -up foomatic-filters-4.0.8/renderer.c.CVE-2011-2924 foomatic-filters-4.0.8/renderer.c
--- foomatic-filters-4.0.8/renderer.c.CVE-2011-2924 2011-07-25 10:50:57.000000000 +0100
-+++ foomatic-filters-4.0.8/renderer.c 2011-08-18 12:12:36.758458765 +0100
++++ foomatic-filters-4.0.8/renderer.c 2011-08-18 14:36:14.120153309 +0100
@@ -434,7 +434,7 @@ int exec_kid3(FILE *in, FILE *out, void
}
diff --git a/foomatic.spec b/foomatic.spec
index 700a904..921dcec 100644
--- a/foomatic.spec
+++ b/foomatic.spec
@@ -4,7 +4,7 @@
Summary: Tools for using the foomatic database of printers and printer drivers
Name: foomatic
Version: %{enginever}
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPLv2+
Group: System Environment/Libraries
@@ -184,6 +184,9 @@ rm -fr %buildroot $RPM_BUILD_DIR/%{name}
%{_mandir}/man1/foomatic-rip.1*
%changelog
+* Tue Aug 18 2011 Tim Waugh <twaugh at redhat.com> - 4.0.8-3
+- Another fix for CVE-2011-2924 (bug #726426).
+
* Tue Aug 18 2011 Tim Waugh <twaugh at redhat.com> - 4.0.8-2
- Use mktemp when creating debug log file in foomatic-rip
(CVE-2011-2924, bug #726426).
More information about the scm-commits
mailing list