[cups/f19] Scheduler now blocks URLs containing embedded HTML (bug #1087123, STR #4356).
Jiří Popelka
jpopelka at fedoraproject.org
Mon Apr 14 14:56:44 UTC 2014
commit e0f1ac261a754c93f1ab6ecc14d2c7bd97e4e027
Author: Jiri Popelka <jpopelka at redhat.com>
Date: Mon Apr 14 16:52:41 2014 +0200
Scheduler now blocks URLs containing embedded HTML (bug #1087123, STR #4356).
cups-str4356.patch | 29 +++++++++++++++++++++++++++++
cups.spec | 8 +++++++-
2 files changed, 36 insertions(+), 1 deletions(-)
---
diff --git a/cups-str4356.patch b/cups-str4356.patch
new file mode 100644
index 0000000..4cbb260
--- /dev/null
+++ b/cups-str4356.patch
@@ -0,0 +1,29 @@
+From 1216300668307015a88efc6267a521eeab51e8e8 Mon Sep 17 00:00:00 2001
+From: msweet <msweet at a1ca3aef-8c08-0410-bb20-df032aa958be>
+Date: Wed, 19 Feb 2014 19:56:56 +0000
+Subject: [PATCH] Protect against HTML in the URL (STR #4356)
+
+git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@11620 a1ca3aef-8c08-0410-bb20-df032aa958be
+---
+diff --git a/scheduler/client.c b/scheduler/client.c
+index 23fb713..9bb2305 100644
+--- a/scheduler/client.c
++++ b/scheduler/client.c
+@@ -3316,6 +3316,14 @@ is_path_absolute(const char *path) /* I - Input path */
+ return (0);
+
+ /*
++ * Check for "<" or quotes in the path and reject since this is probably
++ * someone trying to inject HTML...
++ */
++
++ if (strchr(path, '<') != NULL || strchr(path, '\"') != NULL || strchr(path, '\'') != NULL)
++ return (0);
++
++ /*
+ * Check for "/.." in the path...
+ */
+
+--
+1.9.0
+
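Review bot: the check added at `if (strchr(path, '<') != NULL || strchr(path, '\"') != NULL || strchr(path, '\'') != NULL)` is a character blacklist that stops at `<` and the two quote characters, so `>` and any still percent-encoded form (`%3C`) pass it; if the path reaching is_path_absolute() is decoded afterwards the check is bypassed, so confirm the caller hands over the already-decoded path (or reject `%` as well), and treat this hunk as defence in depth: the code that reflects the request path into an HTML error page should escape `<`, `>`, `&` and quotes regardless. Because the hunk returns 0, a path that legitimately contains an apostrophe is now refused with the same status as a relative path; that is probably acceptable but the comment should state it instead of speculating about intent ("probably someone trying to inject HTML"). Style: the three strchr() calls collapse to `if (strpbrk(path, "<\"'") != NULL) return (0);`.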
diff --git a/cups.spec b/cups.spec
index 0ef2192..8ff2104 100644
--- a/cups.spec
+++ b/cups.spec
@@ -11,7 +11,7 @@ Summary: CUPS printing system
Name: cups
Epoch: 1
Version: 1.6.4
-Release: 4%{?dist}
+Release: 5%{?dist}
License: GPLv2
Group: System Environment/Daemons
Url: http://www.cups.org/
@@ -73,6 +73,7 @@ Patch42: cups-avahi-browse.patch
Patch43: cups-str4380.patch
Patch44: cups-str4366.patch
Patch45: cups-str4332.patch
+Patch46: cups-str4356.patch
Patch100: cups-lspp.patch
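Review bot: `Patch46: cups-str4356.patch` follows the existing numbering, but since the patch header records the upstream revision (trunk@11620, r11620), consider noting that revision in a comment beside the Patch46 line so the rebase that makes this patch redundant is easy to spot.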
@@ -279,6 +280,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
%patch44 -p1 -b .str4366
# Track local default in cupsEnumDests() (STR #4332).
%patch45 -p1 -b .str4332
+# Scheduler now blocks URLs containing embedded HTML (bug #1087123, STR #4356)
+%patch46 -p1 -b .str4356
%if %lspp
# LSPP support.
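Review bot: the new comment `# Scheduler now blocks URLs containing embedded HTML (bug #1087123, STR #4356)` lacks the trailing period used on the neighbouring `# Track local default in cupsEnumDests() (STR #4332).` line; add it for consistency with the other patch comments.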
@@ -667,6 +670,9 @@ rm -f %{cups_serverbin}/backend/smb
%{_mandir}/man5/ipptoolfile.5.gz
%changelog
+* Mon Apr 14 2014 Jiri Popelka <jpopelka at redhat.com> - 1:1.6.4-5
+- Scheduler now blocks URLs containing embedded HTML (bug #1087123, STR #4356).
+
* Tue Mar 11 2014 Tim Waugh <twaugh at redhat.com> - 1:1.6.4-4
- Track local default in cupsEnumDests() (STR #4332).
- Prevent feedback loop when fetching error_log over HTTP (STR #4366).
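Review bot: the changelog entry repeats the commit subject, which is fine, but if bug #1087123 has a CVE identifier assigned it should be listed here alongside the STR number, as that is what downstream scanners key on.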