#2 Apply proper upstream patch instead of master for better maintainability
Merged 4 years ago by thozza. Opened 4 years ago by landgraf.
rpms/ landgraf/cups CVE-2017-18248-f28_master  into  master

@@ -0,0 +1,28 @@ 

+ diff --git a/scheduler/ipp.c b/scheduler/ipp.c

+ index 02dc392..9aa8b80 100644

+ --- a/scheduler/ipp.c

+ +++ b/scheduler/ipp.c

+ @@ -1636,6 +1636,14 @@ add_job(cupsd_client_t  *con,		/* I - Client connection */

+      return (NULL);

+    }

+  

+ +  if (attr && !ippValidateAttribute(attr))

+ +  {

+ +    send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString());

+ +    if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)

+ +      attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;

+ +    return (NULL);

+ +  }

+ +

+  #ifdef WITH_LSPP

+    if (is_lspp_config())

+    {

+ @@ -1736,6 +1744,8 @@ add_job(cupsd_client_t  *con,		/* I - Client connection */

+    }

+  #endif /* WITH_LSPP */

+  

+ +

+ +

+    if ((job = cupsdAddJob(priority, printer->name)) == NULL)

+    {

+      send_ipp_status(con, IPP_INTERNAL_ERROR,

@@ -1,54 +0,0 @@ 

- diff --git a/scheduler/ipp.c b/scheduler/ipp.c

- index 02dc392..0fc2d07 100644

- --- a/scheduler/ipp.c

- +++ b/scheduler/ipp.c

- @@ -1615,15 +1615,30 @@

-                      _("Bad job-name value: Wrong type or count."));

-      if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)

-        attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;

- +

- +    if (StrictConformance)

-      return (NULL);

- +

- +    /* Don't use invalid attribute */

- +    ippDeleteAttribute(con->request, attr);

- +

- +    ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled");

-    }

-    else if (!ippValidateAttribute(attr))

-    {

-      send_ipp_status(con, IPP_ATTRIBUTES, _("Bad job-name value: %s"),

-                      cupsLastErrorString());

- +

-      if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)

-        attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;

- +

- +    if (StrictConformance)

-      return (NULL);

- +

- +    /* Don't use invalid attribute */

- +    ippDeleteAttribute(con->request, attr);

- +

- +    ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "job-name", NULL, "Untitled");

-    }

-  

-    attr = ippFindAttribute(con->request, "requesting-user-name", IPP_TAG_NAME);

- @@ -1631,9 +1646,17 @@ add_job(cupsd_client_t  *con,		/* I - Client connection */

-    if (attr && !ippValidateAttribute(attr))

-    {

-      send_ipp_status(con, IPP_ATTRIBUTES, _("Bad requesting-user-name value: %s"), cupsLastErrorString());

- +

-      if ((attr = ippCopyAttribute(con->response, attr, 0)) != NULL)

-        attr->group_tag = IPP_TAG_UNSUPPORTED_GROUP;

- -    return (NULL);

- +

- +    if (StrictConformance)

- +      return (NULL);

- +

- +    /* Don't use invalid attribute */

- +    ippDeleteAttribute(con->request, attr);

- +

- +    attr = ippAddString(con->request, IPP_TAG_JOB, IPP_TAG_NAME, "reqeusting-user-name", NULL, "anonymous");

-    }

-  

-  #ifdef WITH_LSPP

file modified
+5 -3
@@ -15,7 +15,7 @@ 

  Name: cups

  Epoch: 1

  Version: 2.2.6

- Release: 12%{?dist}

+ Release: 13%{?dist}

  License: GPLv2

  Url: http://www.cups.org/

  Source0: https://github.com/apple/cups/releases/download/v%{VERSION}/cups-%{VERSION}-source.tar.gz
@@ -62,7 +62,7 @@ 

  Patch37: cups-synconclose.patch

  Patch38: cups-ypbind.patch

  Patch39: cups-moved-logs.patch

- Patch40: cups-delete_invalid_attrs.patch

+ Patch40: cups-dbus_crash.patch

  

  Patch100: cups-lspp.patch

  
@@ -190,7 +190,6 @@ 

  

  %prep

  %setup -q -n cups-%{VERSION}

- 

  # Don't gzip man pages in the Makefile, let rpmbuild do it.

  %patch1 -p1 -b .no-gzip-man

  # Use the system pam configuration.
@@ -660,6 +659,9 @@ 

  %{_mandir}/man5/ipptoolfile.5.gz

  

  %changelog

+ * Thu Mar 29 2018 Pavel Zhukov <pzhukov@redhat.com> - 1:2.2.6-13

+ - Use dbus fix instead of general attr delete (upstream)

+ 

  * Wed Mar 28 2018 Pavel Zhukov <pzhukov@redhat.com> - 1:2.2.6-12

  - Fix for CVE-2017-18248