diff --git a/.gitignore b/.gitignore
index 15db994..38558af 100644
--- a/.gitignore
+++ b/.gitignore
@@ -61,3 +61,4 @@ cups-1.4.4-source.tar.bz2
 /cups-1.7.2-source.tar.bz2
 /cups-1.7.3-source.tar.bz2
 /cups-1.7.4-source.tar.bz2
+/cups-1.7.5-source.tar.bz2
diff --git a/cups-1.7.4-source.tar.bz2.sig b/cups-1.7.4-source.tar.bz2.sig
deleted file mode 100644
index 52c02ac..0000000
Binary files a/cups-1.7.4-source.tar.bz2.sig and /dev/null differ
diff --git a/cups-1.7.5-source.tar.bz2.sig b/cups-1.7.5-source.tar.bz2.sig
new file mode 100644
index 0000000..f165df5
Binary files /dev/null and b/cups-1.7.5-source.tar.bz2.sig differ
diff --git a/cups-CVE-2014-5029-5030-5031.patch b/cups-CVE-2014-5029-5030-5031.patch
deleted file mode 100644
index 44c11b7..0000000
--- a/cups-CVE-2014-5029-5030-5031.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From d40220801eec992804cb728d51228d19496fffd9 Mon Sep 17 00:00:00 2001
-From: msweet
-Date: Tue, 22 Jul 2014 14:03:19 +0000
-Subject: [PATCH] Mirror changes from trunk.
-
-git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/branches/branch-1.7@12057 a1ca3aef-8c08-0410-bb20-df032aa958be
----
-diff --git a/scheduler/client.c b/scheduler/client.c
-index e5959fa..366b351 100644
---- a/scheduler/client.c
-+++ b/scheduler/client.c
-@@ -3310,7 +3310,7 @@ get_file(cupsd_client_t *con, /* I - Client connection */
- * then fallback to the default one...
- */
-
-- if ((status = stat(filename, filestats)) != 0 && language[0] &&
-+ if ((status = lstat(filename, filestats)) != 0 && language[0] &&
- strncmp(con->uri, "/icons/", 7) &&
- strncmp(con->uri, "/ppd/", 5) &&
- strncmp(con->uri, "/rss/", 5) &&
-@@ -3408,13 +3408,13 @@ get_file(cupsd_client_t *con, /* I - Client connection */
- plen = len - (ptr - filename);
-
- strlcpy(ptr, "index.html", plen);
-- status = stat(filename, filestats);
-+ status = lstat(filename, filestats);
-
- #ifdef HAVE_JAVA
- if (status)
- {
- strlcpy(ptr, "index.class", plen);
-- status = stat(filename, filestats);
-+ status = lstat(filename, filestats);
- }
- #endif /* HAVE_JAVA */
-
-@@ -3422,7 +3422,7 @@ get_file(cupsd_client_t *con, /* I - Client connection */
- if (status)
- {
- strlcpy(ptr, "index.pl", plen);
-- status = stat(filename, filestats);
-+ status = lstat(filename, filestats);
- }
- #endif /* HAVE_PERL */
-
-@@ -3430,7 +3430,7 @@ get_file(cupsd_client_t *con, /* I - Client connection */
- if (status)
- {
- strlcpy(ptr, "index.php", plen);
-- status = stat(filename, filestats);
-+ status = lstat(filename, filestats);
- }
- #endif /* HAVE_PHP */
-
-@@ -3438,18 +3438,39 @@ get_file(cupsd_client_t *con, /* I - Client connection */
- if (status)
- {
- strlcpy(ptr, "index.pyc", plen);
-- status = stat(filename, filestats);
-+ status = lstat(filename, filestats);
- }
-
- if (status)
- {
- strlcpy(ptr, "index.py", plen);
-- status = stat(filename, filestats);
-+ status = lstat(filename, filestats);
- }
- #endif /* HAVE_PYTHON */
-
- }
- while (status && language[0]);
-+
-+ /*
-+ * If we've found a symlink, 404 the sucker to avoid disclosing information.
-+ */
-+
-+ if (!status && S_ISLNK(filestats->st_mode))
-+ {
-+ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Symlinks such as \"%s\" are not allowed.", con->http.fd, filename);
-+ return (NULL);
-+ }
-+
-+ /*
-+ * Similarly, if the file/directory does not have world read permissions, do
-+ * not allow access...
-+ */
-+
-+ if (!status && !(filestats->st_mode & S_IROTH))
-+ {
-+ cupsdLogMessage(CUPSD_LOG_INFO, "[Client %d] Files/directories such as \"%s\" must be world-readable.", con->http.fd, filename);
-+ return (NULL);
-+ }
- }
-
- cupsdLogMessage(CUPSD_LOG_DEBUG2,
---
-1.9.3
-
diff --git a/cups-cgi.patch b/cups-cgi.patch
deleted file mode 100644
index 3e92757..0000000
--- a/cups-cgi.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-diff -up cups-1.7.4/scheduler/client.c~ cups-1.7.4/scheduler/client.c
---- cups-1.7.4/scheduler/client.c~ 2014-07-18 13:34:25.243248601 +0100
-+++ cups-1.7.4/scheduler/client.c 2014-07-18 14:50:55.356614243 +0100
-@@ -3980,12 +3980,7 @@ pipe_command(cupsd_client_t *con, /* I -
- argv[0] = command;
-
- if (options)
-- {
-- commptr = options;
-- if (*commptr == ' ')
-- commptr ++;
-- strlcpy(argbuf, commptr, sizeof(argbuf));
-- }
-+ strlcpy(argbuf, options, sizeof(argbuf));
- else
- argbuf[0] = '\0';
-
diff --git a/cups.spec b/cups.spec
index c7abc06..a0b5127 100644
--- a/cups.spec
+++ b/cups.spec
@@ -10,8 +10,8 @@
 Summary: CUPS printing system
 Name: cups
 Epoch: 1
-Version: 1.7.4
-Release: 3%{?dist}
+Version: 1.7.5
+Release: 1%{?dist}
 License: GPLv2
 Url: http://www.cups.org/
 Source: http://www.cups.org/software/%{version}/cups-%{version}-source.tar.bz2
@@ -65,8 +65,6 @@ Patch36: cups-web-devices-timeout.patch
 Patch37: cups-final-content-type.patch
 Patch38: cups-journal.patch
 Patch39: cups-synconclose.patch
-Patch40: cups-cgi.patch
-Patch41: cups-CVE-2014-5029-5030-5031.patch
 Patch100: cups-lspp.patch
@@ -254,10 +252,6 @@ Sends IPP requests to the specified URI and tests and/or displays the results.
 %patch38 -p1 -b .journal
 # Set the default for SyncOnClose to Yes.
 %patch39 -p1 -b .synconclose
-# Fix CGI handling (STR #4454).
-%patch40 -p1 -b .cgi
-# CVE-2014-5029, CVE-2014-5030, CVE-2014-5031 (#1122601)
-%patch41 -p1 -b .CVE-2014-5029-5030-5031
 %if %lspp
 # LSPP support.
@@ -646,6 +640,9 @@ rm -f %{cups_serverbin}/backend/smb
 %{_mandir}/man5/ipptoolfile.5.gz
 %changelog
+* Fri Aug 01 2014 Jiri Popelka - 1:1.7.5-1
+- 1.7.5
+
 * Wed Jul 23 2014 Jiri Popelka - 1:1.7.4-3
 - CVE-2014-5029, CVE-2014-5030, CVE-2014-5031 (#1122601)
diff --git a/sources b/sources
index 9310299..b992fc5 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1a2295c2b2d2f422db2e50f40ed2fb99 cups-1.7.4-source.tar.bz2
+5d893edc2957005f78e2b2423fdace2e cups-1.7.5-source.tar.bz2