mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-07 16:59:22 +00:00
Code Issues Projects Releases Wiki Activity

cups: Upgrade 2.4.6 -> 2.4.7

Browse Source 
- enable tls by default to fix:
| hash.c:16:12: fatal error: gnutls/crypto.h: No such file or directory
|    16 | #  include <gnutls/crypto.h>

Changes in CUPS v2.4.7 (2023-09-20)
-----------------------------------

- CVE-2023-4504 - Fixed Heap-based buffer overflow when reading Postscript
  in PPD files
- Added OpenSSL support for cupsHashData (Issue #762)
- Fixed delays in lpd backend (Issue #741)
- Fixed extensive logging in scheduler (Issue #604)
- Fixed hanging of `lpstat` on IBM AIX (Issue #773)
- Fixed hanging of `lpstat` on Solaris (Issue #156)
- Fixed printing to stderr if we can't open cups-files.conf (Issue #777)
- Fixed purging job files via `cancel -x` (Issue #742)
- Fixed RFC 1179 port reserving behavior in LPD backend (Issue #743)
- Fixed a bug in the PPD command interpretation code (Issue #768)

(From OE-Core rev: 0e33d6fc646e76390e5bf8a0f7b38bd15c83729c)

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Markus Volk
2023-11-13 21:31:57 +01:00
committed by Richard Purdie
parent fc5cb5ce35
commit 35fa9488cb
3 changed files with 6 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-extended/cups/cups.inc
+5 -3
View File
@@ -15,7 +15,6 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/cups-${PV}-source.tar.gz \
file://0004-cups-fix-multilib-install-file-conflicts.patch \
file://volatiles.99_cups \
file://cups-volatiles.conf \
file://CVE-2023-4504.patch \
"
GITHUB_BASE_URI = "https://github.com/OpenPrinting/cups/releases"
@@ -38,10 +37,13 @@ GROUPADD_PARAM:${PN} = "--system lpadmin"
SYSTEMD_SERVICE:${PN} = "cups.socket cups.path cups.service cups-lpd.socket"
PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'zeroconf', 'avahi', '', d)} \
${@bb.utils.filter('DISTRO_FEATURES', 'pam systemd', d)}"
${@bb.utils.filter('DISTRO_FEATURES', 'pam systemd', d)} \
openssl \
"
PACKAGECONFIG[avahi] = "--with-dnssd=avahi,--with-dnssd=no,avahi"
PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl"
PACKAGECONFIG[gnutls] = "--with-tls=gnutls,--with-tls=no,gnutls"
PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls,,,openssl"
PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl,,,gnutls"
PACKAGECONFIG[pam] = "--enable-pam --with-pam-module=unix, --disable-pam, libpam"
PACKAGECONFIG[systemd] = "--with-systemd=${systemd_system_unitdir},--without-systemd,systemd"
PACKAGECONFIG[xinetd] = "--with-xinetd=${sysconfdir}/xinetd.d,--without-xinetd,xinetd"
meta/recipes-extended/cups/cups/CVE-2023-4504.patch
-42
View File
@@ -1,42 +0,0 @@
CVE: CVE-2023-4504
Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31 ]
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
From 2431caddb7e6a87f04ac90b5c6366ad268b6ff31 Mon Sep 17 00:00:00 2001
From: Zdenek Dohnal <zdohnal@redhat.com>
Date: Wed, 20 Sep 2023 14:45:17 +0200
Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504
We didn't check for end of buffer if it looks there is an escaped
character - check for NULL terminator there and if found, return NULL
as return value and in `ptr`, because a lone backslash is not
a valid PostScript character.
---
cups/raster-interpret.c | 14 +++++++++++++-
1 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/cups/raster-interpret.c b/cups/raster-interpret.c
index 6fcf731b5..b8655c8c6 100644
--- a/cups/raster-interpret.c
+++ b/cups/raster-interpret.c
@@ -1116,7 +1116,19 @@ scan_ps(_cups_ps_stack_t *st, /* I - Stack */
cur ++;
- if (*cur == 'b')
+ /*
+ * Return NULL if we reached NULL terminator, a lone backslash
+ * is not a valid character in PostScript.
+ */
+
+ if (!*cur)
+ {
+ *ptr = NULL;
+
+ return (NULL);
+ }
+
+ if (*cur == 'b')
*valptr++ = '\b';
else if (*cur == 'f')
*valptr++ = '\f';
meta/recipes-extended/cups/cups_2.4.6.bb → meta/recipes-extended/cups/cups_2.4.7.bb
+1 -1
View File
@@ -2,4 +2,4 @@ require cups.inc
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRC_URI[sha256sum] = "58e970cf1955e1cc87d0847c32526d9c2ccee335e5f0e3882b283138ba0e7262"
SRC_URI[sha256sum] = "dd54228dd903526428ce7e37961afaed230ad310788141da75cebaa08362cf6c"