Trang chủ Khám phá Trợ giúp
Đăng nhập
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Các tập tin
Browse Source

package/cups: add upstream security fix for CVE-2023-4504

Fixes CVE-2023-4504: Postscript Parsing Heap Overflow

https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h
https://takeonme.org/cves/CVE-2023-4504.html

There is a 2.4.7 release with this fix, but upstream unfortunately broke
!gnutls builds, so backport the security fix instead:

https://github.com/OpenPrinting/cups/issues/762

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b9d9497019f0caa3388f51c458a2469fdeefd146)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard 1 năm trước cách đây
mục cha
5f56122cd0
commit
ff02d18d29
2 tập tin đã thay đổi với 48 bổ sung0 xóa
Split View Hiển thị tình trạng sai khác
  1. 45 0
      package/cups/0005-raster-interpret.c-Fix-CVE-2023-4504.patch
  2. 3 0
      package/cups/cups.mk

+ 45 - 0
package/cups/0005-raster-interpret.c-Fix-CVE-2023-4504.patch
Xem Tập Tin 

@@ -0,0 +1,45 @@
 
+From 2431caddb7e6a87f04ac90b5c6366ad268b6ff31 Mon Sep 17 00:00:00 2001
 
+From: Zdenek Dohnal <zdohnal@redhat.com>
 
+Date: Wed, 20 Sep 2023 14:45:17 +0200
 
+Subject: [PATCH] raster-interpret.c: Fix CVE-2023-4504
 
+
 
+We didn't check for end of buffer if it looks there is an escaped
 
+character - check for NULL terminator there and if found, return NULL
 
+as return value and in `ptr`, because a lone backslash is not
 
+a valid PostScript character.
 
+
 
+Upstream: https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31
 
+[Peter: drop CHANGES hunk]
 
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 
+---
 
+ cups/raster-interpret.c | 14 +++++++++++++-
 
+ 1 file changed, 14 insertions(+), 1 deletion(-)
 
+
 
+diff --git a/cups/raster-interpret.c b/cups/raster-interpret.c
 
+index 6fcf731b5..b8655c8c6 100644
 
+--- a/cups/raster-interpret.c
 
++++ b/cups/raster-interpret.c
 
+@@ -1116,7 +1116,19 @@ scan_ps(_cups_ps_stack_t *st,		/* I  - Stack */
 
+ 
+ 	    cur ++;
 
+ 
+-            if (*cur == 'b')
 
++	   /*
 
++	    * Return NULL if we reached NULL terminator, a lone backslash
 
++	    * is not a valid character in PostScript.
 
++	    */
 
++
 
++	    if (!*cur)
 
++	    {
 
++	      *ptr = NULL;
 
++
 
++	      return (NULL);
 
++	    }
 
++
 
++	    if (*cur == 'b')
 
+ 	      *valptr++ = '\b';
 
+ 	    else if (*cur == 'f')
 
+ 	      *valptr++ = '\f';
 
+-- 
+2.30.2
 
+

+ 3 - 0
package/cups/cups.mk
Xem Tập Tin 

@@ -13,6 +13,9 @@ CUPS_CPE_ID_VENDOR = openprinting
 
 CUPS_SELINUX_MODULES = cups
 
 CUPS_INSTALL_STAGING = YES
 
 
+# 0005-raster-interpret.c-Fix-CVE-2023-4504.patch
 
+CUPS_IGNORE_CVES += CVE-2023-4504
 
+
 
 # Using autoconf, not autoheader, so we cannot use AUTORECONF = YES.
 
 define CUPS_RUN_AUTOCONF
 
 	cd $(@D); $(AUTOCONF) -f