diff options
author | Timo Gurr <tgurr@gentoo.org> | 2011-08-25 01:02:49 +0000 |
---|---|---|
committer | Timo Gurr <tgurr@gentoo.org> | 2011-08-25 01:02:49 +0000 |
commit | 44e6df3efcf4df9dd1b73f98230ee9f17cddfe38 (patch) | |
tree | b5496cbc44cf3a477fc74a5610b2a6b25c47934c /net-print | |
parent | Version bump (diff) | |
download | gentoo-2-44e6df3efcf4df9dd1b73f98230ee9f17cddfe38.tar.gz gentoo-2-44e6df3efcf4df9dd1b73f98230ee9f17cddfe38.tar.bz2 gentoo-2-44e6df3efcf4df9dd1b73f98230ee9f17cddfe38.zip |
Revbumps fixing security issue CVE-2011-2896. Remove old.
(Portage version: 2.2.0_alpha51/cvs/Linux x86_64)
Diffstat (limited to 'net-print')
-rw-r--r-- | net-print/cups/ChangeLog | 12 | ||||
-rw-r--r-- | net-print/cups/cups-1.4.8-r1.ebuild (renamed from net-print/cups/cups-1.4.6-r21.ebuild) | 59 | ||||
-rw-r--r-- | net-print/cups/cups-1.4.8-r21.ebuild (renamed from net-print/cups/cups-1.4.8.ebuild) | 4 | ||||
-rw-r--r-- | net-print/cups/cups-1.5.0-r1.ebuild (renamed from net-print/cups/cups-1.5.0.ebuild) | 4 | ||||
-rw-r--r-- | net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch | 37 |
5 files changed, 69 insertions, 47 deletions
diff --git a/net-print/cups/ChangeLog b/net-print/cups/ChangeLog index 2994faeb25bc..d0a39b73103c 100644 --- a/net-print/cups/ChangeLog +++ b/net-print/cups/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for net-print/cups # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.427 2011/08/17 20:28:56 dilfridge Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.428 2011/08/25 01:02:49 tgurr Exp $ + +*cups-1.5.0-r1 (25 Aug 2011) +*cups-1.4.8-r21 (25 Aug 2011) +*cups-1.4.8-r1 (25 Aug 2011) + + 25 Aug 2011; Timo Gurr <tgurr@gentoo.org> -cups-1.4.6-r21.ebuild, + -cups-1.4.8.ebuild, +cups-1.4.8-r1.ebuild, +cups-1.4.8-r21.ebuild, + +files/cups-1.4.8-CVE-2011-2896.patch, -cups-1.5.0.ebuild, + +cups-1.5.0-r1.ebuild: + Revbumps fixing security issue CVE-2011-2896. Remove old. *cups-1.5.0 (17 Aug 2011) *cups-1.4.8 (17 Aug 2011) diff --git a/net-print/cups/cups-1.4.6-r21.ebuild b/net-print/cups/cups-1.4.8-r1.ebuild index 6d4343ac78cf..8a6f59700875 100644 --- a/net-print/cups/cups-1.4.6-r21.ebuild +++ b/net-print/cups/cups-1.4.8-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.4.6-r21.ebuild,v 1.2 2011/06/06 21:54:07 dilfridge Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.4.8-r1.ebuild,v 1.1 2011/08/25 01:02:49 tgurr Exp $ EAPI=3 @@ -17,7 +17,7 @@ SRC_URI="mirror://easysw/${PN}/${PV}/${MY_P}-source.tar.bz2" LICENSE="GPL-2" SLOT="0" KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" -IUSE="acl dbus debug gnutls java +jpeg kerberos ldap pam perl php +png python samba slp +ssl static-libs +threads +tiff usb X xinetd" +IUSE="acl dbus debug gnutls java +jpeg kerberos ldap pam perl php +png python samba slp +ssl static-libs +threads +tiff X xinetd" LANGS="da de es eu fi fr id it ja ko nl no pl pt pt_BR ru sv zh zh_TW" for X in ${LANGS} ; do @@ -50,7 +50,6 @@ RDEPEND=" !gnutls? ( >=dev-libs/openssl-0.9.8g ) ) tiff? ( >=media-libs/tiff-3.5.5 ) - usb? ( virtual/libusb:0 ) X? ( x11-misc/xdg-utils ) xinetd? ( sys-apps/xinetd ) !net-print/cupsddk @@ -81,49 +80,21 @@ pkg_setup() { python_pkg_setup fi - if use usb; then - elog "You are going to use new libusb backed to access your usb printer." - elog "This interface has quite few known issues and does not report all" - elog "issues and just refuses to print." - elog "Please consider disabling usb useflag if you are having issues." - elog - elog "Please note that if you disable the usb useflag your device will be" - elog "still working using kernel usblp interface instead of libusb." - echo - fi - linux-info_pkg_setup if ! linux_config_exists; then ewarn "Can't check the linux kernel configuration." ewarn "You might have some incompatible options enabled." else - # recheck that we don't have usblp to collide with libusb - if use usb; then - if linux_chkconfig_present USB_PRINTER; then - eerror "Your usb printers will be managed via libusb which collides with kernel module." - eerror "${P} requires the USB_PRINTER support disabled." - eerror "Please disable it:" - eerror " CONFIG_USB_PRINTER=n" - eerror "in /usr/src/linux/.config or" - eerror " Device Drivers --->" - eerror " USB support --->" - eerror " [ ] USB Printer support" - eerror "Alternatively, just disable the usb useflag for cups (your printer will still work)." - die "USB_PRINTER module enabled" - fi - else - #here we should warn user that he should enable it so he can print - if ! linux_chkconfig_present USB_PRINTER; then - ewarn "If you plan to use USB printers you should enable the USB_PRINTER" - ewarn "support in your kernel." - ewarn "Please enable it:" - ewarn " CONFIG_USB_PRINTER=y" - ewarn "in /usr/src/linux/.config or" - ewarn " Device Drivers --->" - ewarn " USB support --->" - ewarn " [*] USB Printer support" - ewarn "Alternatively, enable the usb useflag for cups and use the new, less-tested libusb code." - fi + #here we should warn user that he should enable it so he can print + if ! linux_chkconfig_present USB_PRINTER; then + ewarn "If you plan to use USB printers you should enable the USB_PRINTER" + ewarn "support in your kernel." + ewarn "Please enable it:" + ewarn " CONFIG_USB_PRINTER=y" + ewarn "in /usr/src/linux/.config or" + ewarn " Device Drivers --->" + ewarn " USB support --->" + ewarn " [*] USB Printer support" fi fi } @@ -139,8 +110,8 @@ src_prepare() { epatch "${FILESDIR}/${PN}-1.4.4-perl-includes.patch" epatch "${FILESDIR}/${PN}-1.4.6-force-gnutls.patch" epatch "${FILESDIR}/${PN}-1.4.6-serialize-gnutls.patch" - # interface hangs using some browsers, bug #325871 - epatch "${FILESDIR}/${PN}-1.4.6-web-hang.patch" + # security fixes + epatch "${FILESDIR}/${PN}-1.4.8-CVE-2011-2896.patch" AT_M4DIR=config-scripts eaclocal eautoconf @@ -199,13 +170,13 @@ src_configure() { $(use_enable slp) \ $(use_enable static-libs static) \ $(use_enable tiff) \ - $(use_enable usb libusb) \ $(use_with java) \ $(use_with perl) \ $(use_with php) \ $(use_with python) \ $(use_with xinetd xinetd /etc/xinetd.d) \ --enable-libpaper \ + --disable-libusb \ --disable-dnssd \ ${myconf} diff --git a/net-print/cups/cups-1.4.8.ebuild b/net-print/cups/cups-1.4.8-r21.ebuild index c781a10b3356..a0c72859940b 100644 --- a/net-print/cups/cups-1.4.8.ebuild +++ b/net-print/cups/cups-1.4.8-r21.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.4.8.ebuild,v 1.1 2011/08/17 20:28:56 dilfridge Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.4.8-r21.ebuild,v 1.1 2011/08/25 01:02:49 tgurr Exp $ EAPI=3 @@ -139,6 +139,8 @@ src_prepare() { epatch "${FILESDIR}/${PN}-1.4.4-perl-includes.patch" epatch "${FILESDIR}/${PN}-1.4.6-force-gnutls.patch" epatch "${FILESDIR}/${PN}-1.4.6-serialize-gnutls.patch" + # security fixes + epatch "${FILESDIR}/${PN}-1.4.8-CVE-2011-2896.patch" AT_M4DIR=config-scripts eaclocal eautoconf diff --git a/net-print/cups/cups-1.5.0.ebuild b/net-print/cups/cups-1.5.0-r1.ebuild index 0714534d62b7..8f33d42a6464 100644 --- a/net-print/cups/cups-1.5.0.ebuild +++ b/net-print/cups/cups-1.5.0-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.5.0.ebuild,v 1.1 2011/08/17 20:28:56 dilfridge Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.5.0-r1.ebuild,v 1.1 2011/08/25 01:02:49 tgurr Exp $ # # See http://git.overlays.gentoo.org/gitweb/?p=dev/dilfridge.git;a=blob;f=net-print/cups/notes.txt;hb=HEAD @@ -141,6 +141,8 @@ src_prepare() { epatch "${FILESDIR}/${PN}-1.4.4-nostrip.patch" epatch "${FILESDIR}/${PN}-1.4.4-php-destdir.patch" epatch "${FILESDIR}/${PN}-1.4.4-perl-includes.patch" + # security fixes + epatch "${FILESDIR}/${PN}-1.4.8-CVE-2011-2896.patch" AT_M4DIR=config-scripts eaclocal eautoconf diff --git a/net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch b/net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch new file mode 100644 index 000000000000..843456f2eebd --- /dev/null +++ b/net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch @@ -0,0 +1,37 @@ +Source: Upstream http://cups.org/str.php?L3914 +Reason: Avoid GIF reader loop (CVE-2011-2896) +Upstream: Fixed in trunk + +diff -up cups-1.4.8/filter/image-gif.c.CVE-2011-2896 cups-1.4.8/filter/image-gif.c +--- cups-1.4.8/filter/image-gif.c.CVE-2011-2896 2011-06-20 21:37:51.000000000 +0100 ++++ cups-1.4.8/filter/image-gif.c 2011-08-19 11:33:37.547911212 +0100 +@@ -648,11 +648,13 @@ gif_read_lzw(FILE *fp, /* I - File to + + if (code == max_code) + { +- *sp++ = firstcode; +- code = oldcode; ++ if (sp < (stack + 8192)) ++ *sp++ = firstcode; ++ ++ code = oldcode; + } + +- while (code >= clear_code) ++ while (code >= clear_code && sp < (stack + 8192)) + { + *sp++ = table[1][code]; + if (code == table[0][code]) +@@ -661,8 +663,10 @@ gif_read_lzw(FILE *fp, /* I - File to + code = table[0][code]; + } + +- *sp++ = firstcode = table[1][code]; +- code = max_code; ++ if (sp < (stack + 8192)) ++ *sp++ = firstcode = table[1][code]; ++ ++ code = max_code; + + if (code < 4096) + { |