[cups/f20] Fix CGI handling (STR #4454).
Tim Waugh
twaugh at fedoraproject.org
Wed Jul 23 13:33:50 UTC 2014
commit 3c29b9339f8cf77540272da863ca48163a7b7f8e
Author: Tim Waugh <twaugh at redhat.com>
Date: Wed Jul 23 14:32:05 2014 +0100
Fix CGI handling (STR #4454).
cups-cgi.patch | 17 +++++++++++++++++
cups.spec | 8 +++++++-
2 files changed, 24 insertions(+), 1 deletions(-)
---
diff --git a/cups-cgi.patch b/cups-cgi.patch
new file mode 100644
index 0000000..3e92757
--- /dev/null
+++ b/cups-cgi.patch
@@ -0,0 +1,17 @@
+diff -up cups-1.7.4/scheduler/client.c~ cups-1.7.4/scheduler/client.c
+--- cups-1.7.4/scheduler/client.c~ 2014-07-18 13:34:25.243248601 +0100
++++ cups-1.7.4/scheduler/client.c 2014-07-18 14:50:55.356614243 +0100
+@@ -3980,12 +3980,7 @@ pipe_command(cupsd_client_t *con, /* I -
+ argv[0] = command;
+
+ if (options)
+- {
+- commptr = options;
+- if (*commptr == ' ')
+- commptr ++;
+- strlcpy(argbuf, commptr, sizeof(argbuf));
+- }
++ strlcpy(argbuf, options, sizeof(argbuf));
+ else
+ argbuf[0] = '\0';
+
diff --git a/cups.spec b/cups.spec
index 4b57885..b4b066d 100644
--- a/cups.spec
+++ b/cups.spec
@@ -11,7 +11,7 @@ Summary: CUPS printing system
Name: cups
Epoch: 1
Version: 1.7.4
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Url: http://www.cups.org/
Source: http://www.cups.org/software/%{version}/cups-%{version}-source.tar.bz2
@@ -65,6 +65,7 @@ Patch36: cups-web-devices-timeout.patch
Patch37: cups-final-content-type.patch
Patch38: cups-journal.patch
Patch39: cups-synconclose.patch
+Patch40: cups-cgi.patch
Patch100: cups-lspp.patch
@@ -252,6 +253,8 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
%patch38 -p1 -b .journal
# Set the default for SyncOnClose to Yes.
%patch39 -p1 -b .synconclose
+# Fix CGI handling (STR #4454).
+%patch40 -p1 -b .cgi
%if %lspp
# LSPP support.
@@ -640,6 +643,9 @@ rm -f %{cups_serverbin}/backend/smb
%{_mandir}/man5/ipptoolfile.5.gz
%changelog
+* Wed Jul 23 2014 Tim Waugh <twaugh at redhat.com> - 1:1.7.4-2
+- Fix CGI handling (STR #4454).
+
* Mon Jul 14 2014 Jiri Popelka <jpopelka at redhat.com> - 1:1.7.4-1
- 1.7.4: CVE-2014-3537
More information about the scm-commits
mailing list