SECURITY FIX for CVE-2009-3608, CVE-2009-3609.
CUPS "pdftops" Filter Data Handling Integer Overflow Vulnerabilities Patch from Ubuntu. ok ajacoutot@ (MAINTAINER)
This commit is contained in:
parent
104a083fec
commit
6a63c0cb29
@ -1,10 +1,10 @@
|
||||
# $OpenBSD: Makefile,v 1.58 2009/10/12 11:17:17 ajacoutot Exp $
|
||||
# $OpenBSD: Makefile,v 1.59 2009/10/25 16:04:34 jasper Exp $
|
||||
|
||||
COMMENT= Common Unix Printing System
|
||||
|
||||
VERSION= 1.3.11
|
||||
DISTNAME= cups-${VERSION}-source
|
||||
PKGNAME= cups-${VERSION}p1
|
||||
PKGNAME= cups-${VERSION}p2
|
||||
|
||||
CATEGORIES= print sysutils
|
||||
|
||||
|
22
print/cups/patches/patch-config-scripts_cups-pdf_m4
Normal file
22
print/cups/patches/patch-config-scripts_cups-pdf_m4
Normal file
@ -0,0 +1,22 @@
|
||||
$OpenBSD: patch-config-scripts_cups-pdf_m4,v 1.1 2009/10/25 16:04:34 jasper Exp $
|
||||
|
||||
Security fix for CVE-2009-3608, CVE-2009-3609.
|
||||
CUPS "pdftops" Filter Data Handling Integer Overflow Vulnerabilities
|
||||
|
||||
Patch from Ubuntu: poppler-based-pdftops-fixes.dpatch
|
||||
|
||||
--- config-scripts/cups-pdf.m4.orig Fri Oct 23 13:00:39 2009
|
||||
+++ config-scripts/cups-pdf.m4 Fri Oct 23 13:01:00 2009
|
||||
@@ -64,6 +64,12 @@ case "x$with_pdftops" in
|
||||
;;
|
||||
esac
|
||||
|
||||
+if test "x$CUPS_PDFTOPS" != x; then
|
||||
+ if `$CUPS_PDFTOPS -h 2>&1 | grep -q -- -origpagesizes 2>/dev/null`; then
|
||||
+ AC_DEFINE(HAVE_PDFTOPS_WITH_ORIGPAGESIZES)
|
||||
+ fi
|
||||
+fi
|
||||
+
|
||||
AC_DEFINE_UNQUOTED(CUPS_PDFTOPS, "$CUPS_PDFTOPS")
|
||||
AC_DEFINE_UNQUOTED(CUPS_GHOSTSCRIPT, "$CUPS_GHOSTSCRIPT")
|
||||
AC_SUBST(PDFTOPS)
|
17
print/cups/patches/patch-config_h_in
Normal file
17
print/cups/patches/patch-config_h_in
Normal file
@ -0,0 +1,17 @@
|
||||
$OpenBSD: patch-config_h_in,v 1.1 2009/10/25 16:04:34 jasper Exp $
|
||||
|
||||
Security fix for CVE-2009-3608, CVE-2009-3609.
|
||||
CUPS "pdftops" Filter Data Handling Integer Overflow Vulnerabilities
|
||||
|
||||
Patch from Ubuntu: poppler-based-pdftops-fixes.dpatch
|
||||
|
||||
--- config.h.in.orig Fri Oct 23 13:01:25 2009
|
||||
+++ config.h.in Fri Oct 23 13:01:39 2009
|
||||
@@ -440,6 +440,7 @@
|
||||
*/
|
||||
|
||||
#undef HAVE_PDFTOPS
|
||||
+#undef HAVE_PDFTOPS_WITH_ORIGPAGESIZES
|
||||
#define CUPS_PDFTOPS "/usr/bin/pdftops"
|
||||
|
||||
|
40
print/cups/patches/patch-filter_pdftops_c
Normal file
40
print/cups/patches/patch-filter_pdftops_c
Normal file
@ -0,0 +1,40 @@
|
||||
$OpenBSD: patch-filter_pdftops_c,v 1.1 2009/10/25 16:04:34 jasper Exp $
|
||||
|
||||
Security fix for CVE-2009-3608, CVE-2009-3609.
|
||||
CUPS "pdftops" Filter Data Handling Integer Overflow Vulnerabilities
|
||||
|
||||
Patch from Ubuntu: poppler-based-pdftops-fixes.dpatch
|
||||
|
||||
--- filter/pdftops.c.orig Fri Oct 23 13:02:31 2009
|
||||
+++ filter/pdftops.c Fri Oct 23 13:03:37 2009
|
||||
@@ -303,7 +303,9 @@ main(int argc, /* I - Number of command-line args
|
||||
}
|
||||
else
|
||||
#ifdef HAVE_PDFTOPS
|
||||
- pdf_argv[pdf_argc++] = (char *)"-level3";
|
||||
+ /* Do not emit PS Level 3 with Poppler, some HP PostScript printers
|
||||
+ do not like it. See https://bugs.launchpad.net/bugs/277404. */
|
||||
+ pdf_argv[pdf_argc++] = (char *)"-level2";
|
||||
#else
|
||||
pdf_argv[pdf_argc++] = (char *)"-dLanguageLevel=3";
|
||||
#endif /* HAVE_PDFTOPS */
|
||||
@@ -389,7 +391,19 @@ main(int argc, /* I - Number of command-line args
|
||||
pdf_argv[pdf_argc++] = pdf_width;
|
||||
pdf_argv[pdf_argc++] = pdf_height;
|
||||
#endif /* HAVE_PDFTOPS */
|
||||
+ }
|
||||
+#if defined(HAVE_PDFTOPS) && defined(HAVE_PDFTOPS_WITH_ORIGPAGESIZES)
|
||||
+ else
|
||||
+ {
|
||||
+ /*
|
||||
+ * Use the page sizes of the original PDF document, this way documents
|
||||
+ * which contain pages of different sizes can be printed correctly
|
||||
+ */
|
||||
+
|
||||
+ pdf_argv[pdf_argc++] = (char *)"-origpagesizes";
|
||||
+
|
||||
}
|
||||
+#endif /* HAVE_PDFTOPS && HAVE_PDFTOPS_WITH_ORIGPAGESIZES */
|
||||
}
|
||||
|
||||
#ifdef HAVE_PDFTOPS
|
Loading…
Reference in New Issue
Block a user