summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHeinrich Wendel <lanius@gentoo.org>2004-11-01 14:37:18 +0000
committerHeinrich Wendel <lanius@gentoo.org>2004-11-01 14:37:18 +0000
commitf8d9782d96968bb97be12667cea4f4dd2cf9f695 (patch)
tree8235522ba248d71835d4dc52f43cf2a07887b33b /net-print/cups
parentarm stable (diff)
downloadhistorical-f8d9782d96968bb97be12667cea4f4dd2cf9f695.tar.gz
historical-f8d9782d96968bb97be12667cea4f4dd2cf9f695.tar.bz2
historical-f8d9782d96968bb97be12667cea4f4dd2cf9f695.zip
fix secrutiy issue in pdftops, bug #69662
Diffstat (limited to 'net-print/cups')
-rw-r--r--net-print/cups/ChangeLog8
-rw-r--r--net-print/cups/Manifest11
-rw-r--r--net-print/cups/cups-1.1.20-r5.ebuild124
-rw-r--r--net-print/cups/cups-1.1.22.ebuild (renamed from net-print/cups/cups-1.1.21-r2.ebuild)6
-rw-r--r--net-print/cups/files/cups-1.1.20-xpdf2-underflow.patch81
-rw-r--r--net-print/cups/files/cups-1.1.22-xpdf2-underflow.patch81
-rw-r--r--net-print/cups/files/digest-cups-1.1.20-r51
-rw-r--r--net-print/cups/files/digest-cups-1.1.21-r21
-rw-r--r--net-print/cups/files/digest-cups-1.1.221
-rw-r--r--net-print/cups/files/xpdf-goo-sizet.patch57
10 files changed, 363 insertions, 8 deletions
diff --git a/net-print/cups/ChangeLog b/net-print/cups/ChangeLog
index 4d6c484aaab3..fb297743111d 100644
--- a/net-print/cups/ChangeLog
+++ b/net-print/cups/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-print/cups
# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.93 2004/10/21 14:02:38 lanius Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-print/cups/ChangeLog,v 1.94 2004/11/01 14:37:18 lanius Exp $
+
+*cups-1.1.22 (01 Nov 2004)
+
+ 01 Nov 2004; <heino@gentoo.org> +files/xpdf-goo-sizet.patch,
+ +cups-1.1.20-r5.ebuild, -cups-1.1.21-r2.ebuild, +cups-1.1.22.ebuild:
+ fix secrutiy issue in pdftops, bug #69662
*cups-1.1.21-r2 (21 Oct 2004)
diff --git a/net-print/cups/Manifest b/net-print/cups/Manifest
index f07a366c9033..02e78bd6ebbf 100644
--- a/net-print/cups/Manifest
+++ b/net-print/cups/Manifest
@@ -1,18 +1,23 @@
MD5 f27f8d0bb2f59bb9b52e827c5106959a cups-1.1.20-r4.ebuild 3534
+MD5 7b0b1fe6e058c12e37293d58503c3d7f cups-1.1.22.ebuild 3886
MD5 e270118520bdf5e46c568047cea6eb0d cups-1.1.20-r3.ebuild 3460
-MD5 6c2fc017ffacc66b52650b522cc90eda cups-1.1.21-r2.ebuild 3872
-MD5 239e69686923c7a89b86b6ff78e7c9f9 ChangeLog 12335
+MD5 b22861e9295dce3cff78f2f69fa9ab7a cups-1.1.20-r5.ebuild 3659
+MD5 d2d38298608218cd5d9edd914460b77f ChangeLog 12542
MD5 26b4b081d538c195dc39bcb2ec8e6f3a metadata.xml 161
+MD5 85bc20d893f097ef0f13947179c3838c files/cups-1.1.22-xpdf2-underflow.patch 2301
MD5 1219d8139b95119054d7744f6dea85a6 files/str920.patch 5795
MD5 ff2fde0af36236ae1813438275525fa2 files/cups-1.1.21-xpdf-CESA-2004-007.patch.bz2 966
MD5 d7e6454c7e8062203b324c5f6a1a2c65 files/cupsd.rc6 515
MD5 fbd28fb7593c247a7151704df5a253ea files/cups-1.1.20-zero-len-udp-dos.patch 965
MD5 7242b8a2000fe4c5a2b398e6602f7f1c files/cups.pam 234
+MD5 bef8c5e9724acac435ca092c232685f8 files/digest-cups-1.1.22 72
MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r3 72
MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r4 72
-MD5 91e81d96543dd250e610b0d542becb3a files/digest-cups-1.1.21-r2 72
+MD5 baaa1e0bc63f959779998f5e57de6f9d files/digest-cups-1.1.20-r5 72
MD5 7bce495a238ee9dbebb61496f3b3ae51 files/disable-strip.patch 422
MD5 152f70bcd644a5da56756b8b82193d10 files/cups-1.1.20-str633.patch 268
MD5 04f90143ff0dc0329b242a1f955af20e files/cups-1.1.20-xpdf-CESA-2004-007.patch.bz2 968
MD5 e8608b3605ae84d0f10dbc635d65292a files/cupsd.conf-1.1.18 20538
+MD5 2fce5bedd61300fad1566a41f991a782 files/xpdf-goo-sizet.patch 1424
+MD5 ef32d65c7ec41690574a92d2436366df files/cups-1.1.20-xpdf2-underflow.patch 2295
MD5 b041836e6ee51876ca7ec86869643018 files/cups.xinetd 368
diff --git a/net-print/cups/cups-1.1.20-r5.ebuild b/net-print/cups/cups-1.1.20-r5.ebuild
new file mode 100644
index 000000000000..4d9d0172530d
--- /dev/null
+++ b/net-print/cups/cups-1.1.20-r5.ebuild
@@ -0,0 +1,124 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.1.20-r5.ebuild,v 1.1 2004/11/01 14:37:18 lanius Exp $
+
+inherit eutils flag-o-matic
+
+DESCRIPTION="The Common Unix Printing System"
+HOMEPAGE="http://www.cups.org/"
+SRC_URI="ftp://ftp.easysw.com/pub/cups/${PV}/${P}-source.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~s390 ~ppc64"
+IUSE="ssl slp pam"
+
+DEP="virtual/libc
+ pam? ( >=sys-libs/pam-0.75 )
+ ssl? ( >=dev-libs/openssl-0.9.6b )
+ slp? ( >=net-libs/openslp-1.0.4 )
+ >=media-libs/libpng-1.2.1
+ >=media-libs/tiff-3.5.5
+ >=media-libs/jpeg-6b"
+DEPEND="${DEP}
+ >=sys-devel/autoconf-2.58"
+RDEPEND="${DEP}
+ !virtual/lpr"
+PROVIDE="virtual/lpr"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ epatch ${FILESDIR}/disable-strip.patch
+ epatch ${FILESDIR}/${P}-str633.patch
+ epatch ${FILESDIR}/${P}-zero-len-udp-dos.patch
+ epatch ${FILESDIR}/str920.patch
+ ( cd pdftops; epatch ${FILESDIR}/${P}-xpdf-CESA-2004-007.patch.bz2 )
+ ( cd pdftops; epatch ${FILESDIR}/xpdf-goo-sizet.patch )
+ ( cd pdftops; epatch ${FILESDIR}/${P}-xpdf2-underflow.patch )
+ WANT_AUTOCONF=2.5 autoconf || die
+}
+
+src_compile() {
+ filter-flags -fomit-frame-pointer
+
+ local myconf
+ use amd64 && replace-flags -Os -O2
+ use pam || myconf="${myconf} --disable-pam"
+ use ssl || myconf="${myconf} --disable-ssl"
+ use slp || myconf="${myconf} --disable-slp"
+
+ ./configure \
+ --with-cups-user=lp \
+ --with-cups-group=lp \
+ --host=${CHOST} ${myconf} || die "bad ./configure"
+
+ make || die "compile problem"
+}
+
+src_install() {
+ dodir /var/spool /var/log/cups /etc/cups
+
+ make \
+ LOCALEDIR=${D}/usr/share/locale \
+ DOCDIR=${D}/usr/share/cups/docs \
+ REQUESTS=${D}/var/spool/cups \
+ SERVERBIN=${D}/usr/$(get_libdir)/cups \
+ DATADIR=${D}/usr/share/cups \
+ INCLUDEDIR=${D}/usr/include \
+ AMANDIR=${D}/usr/share/man \
+ PMANDIR=${D}/usr/share/man \
+ MANDIR=${D}/usr/share/man \
+ SERVERROOT=${D}/etc/cups \
+ LOGDIR=${D}/var/log/cups \
+ SBINDIR=${D}/usr/sbin \
+ PAMDIR=${D}/etc/pam.d \
+ EXEC_PREFIX=${D}/usr \
+ LIBDIR=${D}/usr/$(get_libdir) \
+ BINDIR=${D}/usr/bin \
+ bindir=${D}/usr/bin \
+ INITDIR=${D}/etc \
+ PREFIX=${D} \
+ install || die "install problem"
+
+ dodoc {CHANGES,CREDITS,ENCRYPTION,LICENSE,README}.txt
+ dosym /usr/share/cups/docs /usr/share/doc/${PF}/html
+
+ #seems nobody installs it like this anymore.. security risk?
+ #fowners lp.root /usr/bin/lppasswd
+ #fperms 4755 /usr/bin/lppasswd
+
+ # cleanups
+ rm -rf ${D}/etc/init.d
+ rm -rf ${D}/etc/pam.d
+ rm -rf ${D}/etc/rc*
+ rm -rf ${D}/usr/share/man/cat*
+ rm -rf ${D}/etc/cups/{certs,interfaces,ppd}
+ rm -rf ${D}/var
+
+ sed -i -e "s:^#\(DocumentRoot\).*:\1 /usr/share/cups/docs:" \
+ -e "s:^#\(SystemGroup\).*:\1 lp:" \
+ -e "s:^#\(User\).*:\1 lp:" \
+ -e "s:^#\(Group\).*:\1 lp:" \
+ ${D}/etc/cups/cupsd.conf
+
+ insinto /etc/pam.d ; newins ${FILESDIR}/cups.pam cups
+ exeinto /etc/init.d ; newexe ${FILESDIR}/cupsd.rc6 cupsd
+ insinto /etc/xinetd.d ; newins ${FILESDIR}/cups.xinetd cups-lpd
+
+ #insinto /etc/cups; newins ${FILESDIR}/cupsd.conf-1.1.18 cupsd.conf
+}
+
+pkg_postinst() {
+ install -d -m0755 ${ROOT}/var/log/cups
+ install -d -m0755 ${ROOT}/var/spool
+ install -m0700 -o lp -d ${ROOT}/var/spool/cups
+ install -m1700 -o lp -d ${ROOT}/var/spool/cups/tmp
+ install -m0711 -o lp -d ${ROOT}/etc/cups/certs
+ install -d -m0755 ${ROOT}/etc/cups/{interfaces,ppd}
+
+ einfo "If you're using a USB printer, \"emerge hotplug; rc-update add"
+ einfo "hotplug default\" is something you should probably do. This"
+ einfo "will allow any USB kernel modules (if present) to be loaded"
+ einfo "automatically at boot."
+}
diff --git a/net-print/cups/cups-1.1.21-r2.ebuild b/net-print/cups/cups-1.1.22.ebuild
index 0f936acbe4dd..c93e4ac6713c 100644
--- a/net-print/cups/cups-1.1.21-r2.ebuild
+++ b/net-print/cups/cups-1.1.22.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.1.21-r2.ebuild,v 1.1 2004/10/21 14:02:38 lanius Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-print/cups/cups-1.1.22.ebuild,v 1.1 2004/11/01 14:37:18 lanius Exp $
inherit eutils flag-o-matic
@@ -35,8 +35,8 @@ src_unpack() {
unpack ${A}
cd ${S}
epatch ${FILESDIR}/disable-strip.patch
- epatch ${FILESDIR}/str920.patch
- ( cd pdftops; epatch ${FILESDIR}/${P}-xpdf-CESA-2004-007.patch.bz2 )
+ ( cd pdftops; epatch ${FILESDIR}/xpdf-goo-sizet.patch )
+ ( cd pdftops; epatch ${FILESDIR}/${P}-xpdf2-underflow.patch )
WANT_AUTOCONF=2.5 autoconf || die
}
diff --git a/net-print/cups/files/cups-1.1.20-xpdf2-underflow.patch b/net-print/cups/files/cups-1.1.20-xpdf2-underflow.patch
new file mode 100644
index 000000000000..ba6b9d498d7f
--- /dev/null
+++ b/net-print/cups/files/cups-1.1.20-xpdf2-underflow.patch
@@ -0,0 +1,81 @@
+diff -ru XRef.cxx XRef.cxx
+--- XRef.cxx 2004-10-29 15:16:45.790089001 +0200
++++ XRef.cxx 2004-10-29 15:11:54.132168025 +0200
+@@ -66,6 +66,8 @@
+ start = str->getStart();
+ pos = readTrailer();
+
++ entries = NULL;
++
+ // if there was a problem with the trailer,
+ // try to reconstruct the xref table
+ if (pos == 0) {
+@@ -76,7 +78,7 @@
+
+ // trailer is ok - read the xref table
+ } else {
+- if (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size) {
++ if ((size < 0) || (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size)) {
+ error(-1, "Invalid 'size' inside xref table.");
+ ok = gFalse;
+ errCode = errDamaged;
+@@ -181,7 +183,7 @@
+ n = atoi(p);
+ while ('0' <= *p && *p <= '9') ++p;
+ while (isspace(*p)) ++p;
+- if (p == buf)
++ if ((p == buf) || (n < 0)) /* must make progress */
+ return 0;
+ pos1 += (p - buf) + n * 20;
+ }
+@@ -255,6 +257,10 @@
+ }
+ s[i] = '\0';
+ first = atoi(s);
++ if (first < 0) {
++ error(-1, "Invalid 'first'");
++ goto err2;
++ }
+ while ((c = str->lookChar()) != EOF && isspace(c)) {
+ str->getChar();
+ }
+@@ -266,6 +272,10 @@
+ }
+ s[i] = '\0';
+ n = atoi(s);
++ if (n<=0) {
++ error(-1, "Invalid 'n'");
++ goto err2;
++ }
+ while ((c = str->lookChar()) != EOF && isspace(c)) {
+ str->getChar();
+ }
+@@ -273,7 +283,7 @@
+ // table size
+ if (first + n > size) {
+ newSize = size + 256;
+- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
++ if ((newSize < 0) || (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize)) {
+ error(-1, "Invalid 'newSize'");
+ goto err2;
+ }
+@@ -406,6 +416,10 @@
+ // look for object
+ } else if (isdigit(*p)) {
+ num = atoi(p);
++ if (num < 0) {
++ error(-1, "Invalid 'num' parameters.");
++ return gFalse;
++ }
+ do {
+ ++p;
+ } while (*p && isdigit(*p));
+@@ -425,7 +439,7 @@
+ if (!strncmp(p, "obj", 3)) {
+ if (num >= size) {
+ newSize = (num + 1 + 255) & ~255;
+- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
++ if ((newSize < 0) || (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize)) {
+ error(-1, "Invalid 'obj' parameters.");
+ return gFalse;
+ }
diff --git a/net-print/cups/files/cups-1.1.22-xpdf2-underflow.patch b/net-print/cups/files/cups-1.1.22-xpdf2-underflow.patch
new file mode 100644
index 000000000000..6fffd57809f4
--- /dev/null
+++ b/net-print/cups/files/cups-1.1.22-xpdf2-underflow.patch
@@ -0,0 +1,81 @@
+diff -ru XRef.cxx XRef.cxx
+--- XRef.cxx 2004-10-29 15:16:45.790089001 +0200
++++ XRef.cxx 2004-10-29 15:11:54.132168025 +0200
+@@ -66,6 +66,8 @@
+ start = str->getStart();
+ pos = readTrailer();
+
++ entries = NULL;
++
+ // if there was a problem with the trailer,
+ // try to reconstruct the xref table
+ if (pos == 0) {
+@@ -76,7 +78,7 @@
+
+ // trailer is ok - read the xref table
+ } else {
+- if (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size) {
++ if ((size < 0) || (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size)) {
+ error(-1, "Invalid 'size' inside xref table.");
+ ok = gFalse;
+ errCode = errDamaged;
+@@ -181,7 +183,7 @@
+ n = atoi(p);
+ while ('0' <= *p && *p <= '9') ++p;
+ while (isspace(*p)) ++p;
+- if (p == buf) {
++ if ((p == buf) || (n < 0)) /* must make progress */ {
+ goto err1;
+ }
+ pos1 += (p - buf) + n * 20;
+@@ -255,6 +257,10 @@
+ }
+ s[i] = '\0';
+ first = atoi(s);
++ if (first < 0) {
++ error(-1, "Invalid 'first'");
++ goto err2;
++ }
+ while ((c = str->lookChar()) != EOF && isspace(c)) {
+ str->getChar();
+ }
+@@ -266,6 +272,10 @@
+ }
+ s[i] = '\0';
+ n = atoi(s);
++ if (n<=0) {
++ error(-1, "Invalid 'n'");
++ goto err2;
++ }
+ while ((c = str->lookChar()) != EOF && isspace(c)) {
+ str->getChar();
+ }
+@@ -273,7 +283,7 @@
+ // table size
+ if (first + n > size) {
+ newSize = first + n;
+- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
++ if ((newSize < 0) || (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize)) {
+ error(-1, "Invalid 'newSize'");
+ goto err2;
+ }
+@@ -406,6 +416,10 @@
+ // look for object
+ } else if (isdigit(*p)) {
+ num = atoi(p);
++ if (num < 0) {
++ error(-1, "Invalid 'num' parameters.");
++ return gFalse;
++ }
+ do {
+ ++p;
+ } while (*p && isdigit(*p));
+@@ -425,7 +439,7 @@
+ if (!strncmp(p, "obj", 3)) {
+ if (num >= size) {
+ newSize = (num + 1 + 255) & ~255;
+- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) {
++ if ((newSize < 0) || (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize)) {
+ error(-1, "Invalid 'obj' parameters.");
+ return gFalse;
+ }
diff --git a/net-print/cups/files/digest-cups-1.1.20-r5 b/net-print/cups/files/digest-cups-1.1.20-r5
new file mode 100644
index 000000000000..002ebb34be36
--- /dev/null
+++ b/net-print/cups/files/digest-cups-1.1.20-r5
@@ -0,0 +1 @@
+MD5 09d0be2bad1b0617bc0eba6eef81f6e9 cups-1.1.20-source.tar.bz2 3741510
diff --git a/net-print/cups/files/digest-cups-1.1.21-r2 b/net-print/cups/files/digest-cups-1.1.21-r2
deleted file mode 100644
index 71015b6895ef..000000000000
--- a/net-print/cups/files/digest-cups-1.1.21-r2
+++ /dev/null
@@ -1 +0,0 @@
-MD5 54e9b0d9c0bdb45b956f88c14793ef65 cups-1.1.21-source.tar.bz2 8549181
diff --git a/net-print/cups/files/digest-cups-1.1.22 b/net-print/cups/files/digest-cups-1.1.22
new file mode 100644
index 000000000000..dae8de805e2e
--- /dev/null
+++ b/net-print/cups/files/digest-cups-1.1.22
@@ -0,0 +1 @@
+MD5 fe0a1b0fedccfe8b2e35e0cea1e5f0a9 cups-1.1.22-source.tar.bz2 8527045
diff --git a/net-print/cups/files/xpdf-goo-sizet.patch b/net-print/cups/files/xpdf-goo-sizet.patch
new file mode 100644
index 000000000000..5d90c5120bd4
--- /dev/null
+++ b/net-print/cups/files/xpdf-goo-sizet.patch
@@ -0,0 +1,57 @@
+diff -ru xpdf-2.02pl1/goo/gmem.c xpdf-2.02pl1/goo/gmem.c
+--- xpdf-2.02pl1/goo/gmem.c 2003-06-16 22:01:26.000000000 +0200
++++ xpdf-2.02pl1/goo/gmem.c 2004-10-29 15:13:34.866919791 +0200
+@@ -53,9 +53,9 @@
+
+ #endif /* DEBUG_MEM */
+
+-void *gmalloc(int size) {
++void *gmalloc(size_t size) {
+ #ifdef DEBUG_MEM
+- int size1;
++ size_t size1;
+ char *mem;
+ GMemHdr *hdr;
+ void *data;
+@@ -94,11 +94,11 @@
+ #endif
+ }
+
+-void *grealloc(void *p, int size) {
++void *grealloc(void *p, size_t size) {
+ #ifdef DEBUG_MEM
+ GMemHdr *hdr;
+ void *q;
+- int oldSize;
++ size_t oldSize;
+
+ if (size == 0) {
+ if (p)
+@@ -137,7 +137,7 @@
+
+ void gfree(void *p) {
+ #ifdef DEBUG_MEM
+- int size;
++ size_t size;
+ GMemHdr *hdr;
+ GMemHdr *prevHdr, *q;
+ int lst;
+diff -ru xpdf-2.02pl1/goo/gmem.h xpdf-2.02pl1/goo/gmem.h
+--- xpdf-2.02pl1/goo/gmem.h 2003-06-16 22:01:26.000000000 +0200
++++ xpdf-2.02pl1/goo/gmem.h 2004-10-29 15:13:50.864027201 +0200
+@@ -19,13 +19,13 @@
+ * Same as malloc, but prints error message and exits if malloc()
+ * returns NULL.
+ */
+-extern void *gmalloc(int size);
++extern void *gmalloc(size_t size);
+
+ /*
+ * Same as realloc, but prints error message and exits if realloc()
+ * returns NULL. If <p> is NULL, calls malloc instead of realloc().
+ */
+-extern void *grealloc(void *p, int size);
++extern void *grealloc(void *p, size_t size);
+
+ /*
+ * Same as free, but checks for and ignores NULL pointers.