diff --git a/cups-helpcgi-segfault.patch b/cups-helpcgi-segfault.patch new file mode 100644 index 0000000..67f48cc --- /dev/null +++ b/cups-helpcgi-segfault.patch @@ -0,0 +1,13 @@ +diff --git a/cgi-bin/help-index.c b/cgi-bin/help-index.c +index ce97e47..3da1010 100644 +--- a/cgi-bin/help-index.c ++++ b/cgi-bin/help-index.c +@@ -579,7 +579,7 @@ helpSearchIndex(help_index_t *hi, /* I - Index */ + */ + + for (; node; node = (help_node_t *)cupsArrayNext(hi->nodes)) +- if (section && strcmp(node->section, section)) ++ if (node->section && section && strcmp(node->section, section)) + continue; + else if (filename && strcmp(node->filename, filename)) + continue; diff --git a/cups.spec b/cups.spec index 15c4a4e..1a1a338 100644 --- a/cups.spec +++ b/cups.spec @@ -69,7 +69,12 @@ Patch100: cups-lspp.patch %endif #### UPSTREAM PATCHES (starts with 1000) #### +# backported from upstream Patch1000: cve-2020-10001-ippReadIO-buffer.patch +# 1921881 - [abrt] cups: __strcmp_avx2(): help.cgi killed by SIGSEGV +# help.cgi segfaulted because it compared NULL in strcmp() +# backported from upstream https://github.com/OpenPrinting/cups/pull/81 +Patch1001: cups-helpcgi-segfault.patch ##### Patches removed because IMHO they aren't no longer needed ##### but still I'll leave them in git in case their removal @@ -270,7 +275,11 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in %patch13 -p1 -b .dymo-deviceid # UPSTREAM PATCHES +# cve-2020-10001 %patch1000 -p1 -b .cve2020-10001 +# 1921881 - [abrt] cups: __strcmp_avx2(): help.cgi killed by SIGSEGV +%patch1001 -p1 -b .helpcgi-segfault + %if %{lspp} # LSPP support. @@ -679,6 +688,7 @@ rm -f %{cups_serverbin}/backend/smb * Mon Feb 01 2021 Zdenek Dohnal - 1:2.3.3op1-4 - fix for CVE-2020-10001 - recommend nss-mdns for Fedora to have a working default for now +- 1921881 - [abrt] cups: __strcmp_avx2(): help.cgi killed by SIGSEGV * Thu Jan 28 2021 Zdenek Dohnal - 1:2.3.3op1-3 - remove nss-mdns dependency - let the user decide whether use resolved or nss-mdns