packages/cups
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2023-34241

Browse Source
This commit is contained in:
zhouwenpei 2023-06-26 06:56:53 +00:00
parent 85cddf94fd
commit 161ac53c83
2 changed files with 68 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
backport-CVE-2023-34241.patch Normal file
View File

@ -0,0 +1,63 @@
From 450b6ba5f3785d18095a56eb9fbd5bbdaad43d1a Mon Sep 17 00:00:00 2001
From: Rose <83477269+AtariDreams@users.noreply.github.com>
Date: Thu, 1 Jun 2023 11:33:39 -0400
Subject: [PATCH] Log result of httpGetHostname BEFORE closing the connection
httpClose frees the memory of con->http. This is problematic because httpGetHostname then tries to access the memory it points to.
We have to log the hostname first.
---
scheduler/client.c | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/scheduler/client.c b/scheduler/client.c
index 236355a..d76e1e0 100644
--- a/scheduler/client.c
+++ b/scheduler/client.c
@@ -203,13 +203,11 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
/*
* Can't have an unresolved IP address with double-lookups enabled...
*/
-
- httpClose(con->http);
-
cupsdLogClient(con, CUPSD_LOG_WARN,
- "Name lookup failed - connection from %s closed!",
+ "Name lookup failed - closing connection from %s!",
httpGetHostname(con->http, NULL, 0));
+ httpClose(con->http);
free(con);
return;
}
@@ -245,11 +243,11 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
* with double-lookups enabled...
*/
- httpClose(con->http);
-
cupsdLogClient(con, CUPSD_LOG_WARN,
- "IP lookup failed - connection from %s closed!",
+ "IP lookup failed - closing connection from %s!",
httpGetHostname(con->http, NULL, 0));
+
+ httpClose(con->http);
free(con);
return;
}
@@ -266,11 +264,11 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
if (!hosts_access(&wrap_req))
{
- httpClose(con->http);
-
cupsdLogClient(con, CUPSD_LOG_WARN,
"Connection from %s refused by /etc/hosts.allow and "
"/etc/hosts.deny rules.", httpGetHostname(con->http, NULL, 0));
+
+ httpClose(con->http);
free(con);
return;
}
--
2.33.0

6
cups.spec
View File

@ -1,7 +1,7 @@
Name: cups
Epoch: 1
Version: 2.2.13
Release: 16
Release: 17
Summary: CUPS is the standards-based, open source printing system for linux operating systems.
License: GPLv2+ and LGPLv2+ with exceptions and AML
Url: http://www.cups.org/
@ -40,6 +40,7 @@ Patch6002: backport-CVE-2022-26691.patch
Patch6003: CVE-2019-8842.patch
Patch6004: backport-CVE-2023-32324.patch
Patch6005: fix-httpAddrGetList-test-case-fail.patch
Patch6006: backport-CVE-2023-34241.patch
Provides: cupsddk cupsddk-drivers cups-filesystem cups-client cups-ipptool cups-lpd
Provides: lpd lpr /usr/bin/lpq /usr/bin/lpr /usr/bin/lp /usr/bin/cancel /usr/bin/lprm /usr/bin/lpstat
@ -334,6 +335,9 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb
%doc %{_datadir}/%{name}/www/apple-touch-icon.png
%changelog
* Mon Jun 26 2023 zhouwenpei <zhouwenpei@h-partners.com> - 1:2.2.13-17
- fix CVE-2023-34241
* Fri Jun 9 2023 zhangpan <zhangpan103@h-partners.com> - 1:2.2.13-16
- fix build error