rpms/cups/F-11 cups-CVE-2010-0302.patch, NONE, 1.1 cups.spec, 1.568, 1.569
Tim Waugh
twaugh at fedoraproject.org
Fri Mar 5 10:51:40 UTC 2010
Author: twaugh
Update of /cvs/pkgs/rpms/cups/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10473
Modified Files:
cups.spec
Added Files:
cups-CVE-2010-0302.patch
Log Message:
* Fri Mar 5 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-26
- Applied patch for CVE-2010-0302 (incomplete fix for CVE-2009-3553,
bug #557775).
cups-CVE-2010-0302.patch:
select.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
--- NEW FILE cups-CVE-2010-0302.patch ---
diff -up cups-1.4.2/scheduler/select.c.CVE-2010-0302 cups-1.4.2/scheduler/select.c
--- cups-1.4.2/scheduler/select.c.CVE-2010-0302 2010-03-05 10:37:49.990476887 +0000
+++ cups-1.4.2/scheduler/select.c 2010-03-05 10:38:01.803478081 +0000
@@ -454,7 +454,8 @@ cupsdDoSelect(long timeout) /* I - Time
if (fdptr->read_cb && event->filter == EVFILT_READ)
(*(fdptr->read_cb))(fdptr->data);
- if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE)
+ if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE &&
+ !cupsArrayFind(cupsd_inactive_fds, fdptr))
(*(fdptr->write_cb))(fdptr->data);
release_fd(fdptr);
@@ -499,7 +500,9 @@ cupsdDoSelect(long timeout) /* I - Time
if (fdptr->read_cb && (event->events & (EPOLLIN | EPOLLERR | EPOLLHUP)))
(*(fdptr->read_cb))(fdptr->data);
- if (fdptr->use > 1 && fdptr->write_cb && (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)))
+ if (fdptr->use > 1 && fdptr->write_cb &&
+ (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)) &&
+ !cupsArrayFind(cupsd_inactive_fds, fdptr))
(*(fdptr->write_cb))(fdptr->data);
release_fd(fdptr);
Index: cups.spec
===================================================================
RCS file: /cvs/pkgs/rpms/cups/F-11/cups.spec,v
retrieving revision 1.568
retrieving revision 1.569
diff -u -p -r1.568 -r1.569
--- cups.spec 2 Mar 2010 12:59:26 -0000 1.568
+++ cups.spec 5 Mar 2010 10:51:40 -0000 1.569
@@ -9,7 +9,7 @@
Summary: Common Unix Printing System
Name: cups
Version: 1.4.2
-Release: 25%{?dist}
+Release: 26%{?dist}
License: GPLv2
Group: System Environment/Daemons
Source: http://ftp.easysw.com/pub/cups/%{version}/cups-%{version}-source.tar.bz2
@@ -79,6 +79,7 @@ Patch63: cups-gnutls-gcrypt-threads.patc
Patch64: cups-str3458.patch
Patch65: cups-EAI_AGAIN.patch
Patch66: cups-str3505.patch
+Patch67: cups-CVE-2010-0302.patch
Patch100: cups-lspp.patch
Epoch: 1
@@ -262,6 +263,7 @@ module.
%patch64 -p1 -b .str3458
%patch65 -p1 -b .EAI_AGAIN
%patch66 -p1 -b .str3505
+%patch67 -p1 -b .CVE-2010-0302
%if %lspp
%patch100 -p1 -b .lspp
@@ -553,6 +555,10 @@ rm -rf $RPM_BUILD_ROOT
%{php_extdir}/phpcups.so
%changelog
+* Fri Mar 5 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-26
+- Applied patch for CVE-2010-0302 (incomplete fix for CVE-2009-3553,
+ bug #557775).
+
* Tue Mar 2 2010 Tim Waugh <twaugh at redhat.com> - 1:1.4.2-25
- Don't own filesystem locale directories (bug #569403).
- Don't apply gcrypt threading patch (bug #553834).
More information about the scm-commits
mailing list