rpms/cups/F-10 cups-CVE-2009-3553.patch, NONE, 1.1 cups.spec, 1.468, 1.469

Tim Waugh twaugh at fedoraproject.org
Thu Dec 3 11:10:41 UTC 2009 

Author: twaugh

Update of /cvs/pkgs/rpms/cups/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3340

Modified Files:
	cups.spec 
Added Files:
	cups-CVE-2009-3553.patch 
Log Message:
* Thu Dec  3 2009 Tim Waugh <twaugh at redhat.com> - 1:1.3.11-4
- Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200).


cups-CVE-2009-3553.patch:
 select.c |    8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

--- NEW FILE cups-CVE-2009-3553.patch ---
diff -up cups-1.3.11/scheduler/select.c.CVE-2009-3553 cups-1.3.11/scheduler/select.c
--- cups-1.3.11/scheduler/select.c.CVE-2009-3553	2008-07-11 23:48:49.000000000 +0100
+++ cups-1.3.11/scheduler/select.c	2009-12-03 10:50:45.928460205 +0000
@@ -483,7 +483,7 @@ cupsdDoSelect(long timeout)		/* I - Time
       (*(fdptr->read_cb))(fdptr->data);
     }
 
-    if (fdptr->write_cb && event->filter == EVFILT_WRITE)
+    if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE)
     {
       cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDoSelect: Write on fd %d...",
 	              fdptr->fd);
@@ -543,7 +543,7 @@ cupsdDoSelect(long timeout)		/* I - Time
 	  (*(fdptr->read_cb))(fdptr->data);
 	}
 
-	if (fdptr->write_cb && (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)))
+	if (fdptr->use > 1 && fdptr->write_cb && (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)))
 	{
 	  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDoSelect: Write on fd %d...",
 	        	  fdptr->fd);
@@ -655,7 +655,7 @@ cupsdDoSelect(long timeout)		/* I - Time
         (*(fdptr->read_cb))(fdptr->data);
       }
 
-      if (fdptr->write_cb && (pfd->revents & (POLLOUT | POLLERR | POLLHUP)))
+      if (fdptr->use > 1 && fdptr->write_cb && (pfd->revents & (POLLOUT | POLLERR | POLLHUP)))
       {
         cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDoSelect: Write on fd %d...",
 	                fdptr->fd);
@@ -725,7 +725,7 @@ cupsdDoSelect(long timeout)		/* I - Time
         (*(fdptr->read_cb))(fdptr->data);
       }
 
-      if (fdptr->write_cb && FD_ISSET(fdptr->fd, &cupsd_current_output))
+      if (fdptr->use > 1 && fdptr->write_cb && FD_ISSET(fdptr->fd, &cupsd_current_output))
       {
         cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDoSelect: Write on fd %d...",
 	                fdptr->fd);


Index: cups.spec
===================================================================
RCS file: /cvs/pkgs/rpms/cups/F-10/cups.spec,v
retrieving revision 1.468
retrieving revision 1.469
diff -u -p -r1.468 -r1.469
--- cups.spec	11 Nov 2009 09:53:50 -0000	1.468
+++ cups.spec	3 Dec 2009 11:10:41 -0000	1.469
@@ -7,7 +7,7 @@
 Summary: Common Unix Printing System
 Name: cups
 Version: 1.3.11
-Release: 3%{?svn:.svn%{svn}}%{?dist}
+Release: 4%{?svn:.svn%{svn}}%{?dist}
 License: GPLv2
 Group: System Environment/Daemons
 Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?svn:svn-r%{svn}}-source.tar.gz
@@ -55,6 +55,7 @@ Patch100: cups-lspp.patch
 
 # SECURITY PATCHES:
 Patch200: cups-CVE-2009-2820.patch
+Patch201: cups-CVE-2009-3553.patch
 
 Epoch: 1
 Url: http://www.cups.org/
@@ -198,6 +199,7 @@ module. 
 %endif
 
 %patch200 -p1 -b .CVE-2009-2820
+%patch201 -p1 -b .CVE-2009-3553
 
 sed -i -e '1iMaxLogSize 0' conf/cupsd.conf.in
 
@@ -514,6 +516,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/php/modules/*.so
 
 %changelog
+* Thu Dec  3 2009 Tim Waugh <twaugh at redhat.com> - 1:1.3.11-4
+- Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200).
+
 * Wed Nov 11 2009 Jiri Popelka <jpopelka at redhat.com> 1:1.3.11-3
 - Fixed lspp-patch to avoid memory leak (bug #536741).

More information about the scm-commits mailing list