From ef093c0b88f718fe4f5dfe37fe5b58a05fa9feaf Mon Sep 17 00:00:00 2001 From: Funda Wang Date: Fri, 30 Aug 2024 16:11:12 +0800 Subject: [PATCH] Fix regression of fixing CVE-2024-35235 (upstream issue#985) --- backport-Fix-CVE-2024-35235-regression.patch | 52 ++++++++++++++++++++ cups.spec | 6 ++- 2 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 backport-Fix-CVE-2024-35235-regression.patch diff --git a/backport-Fix-CVE-2024-35235-regression.patch b/backport-Fix-CVE-2024-35235-regression.patch new file mode 100644 index 0000000..9482e7e --- /dev/null +++ b/backport-Fix-CVE-2024-35235-regression.patch @@ -0,0 +1,52 @@ +From 6131f6a73c188f3db0ec94ae488991ce80cfd7ea Mon Sep 17 00:00:00 2001 +From: Michael R Sweet +Date: Fri, 14 Jun 2024 15:10:21 -0400 +Subject: [PATCH] Don't abort early if there are no listen sockets after + loading cupsd.conf (Issue #985) + +--- + scheduler/conf.c | 2 +- + scheduler/main.c | 17 +++++++++++++++++ + 2 files changed, 18 insertions(+), 1 deletion(-) + +diff --git a/scheduler/conf.c b/scheduler/conf.c +index ebf8ca8ccd..34b30e56d1 100644 +--- a/scheduler/conf.c ++++ b/scheduler/conf.c +@@ -1048,7 +1048,7 @@ cupsdReadConfiguration(void) + * as an error and exit! + */ + +- if (cupsArrayCount(Listeners) == 0) ++ if (cupsArrayCount(Listeners) == 0 && !OnDemand) + { + /* + * No listeners! +diff --git a/scheduler/main.c b/scheduler/main.c +index 4472863081..70f3159df6 100644 +--- a/scheduler/main.c ++++ b/scheduler/main.c +@@ -2036,6 +2036,23 @@ service_checkin(void) + service_add_listener(fd, 0); + } + #endif /* HAVE_LAUNCHD */ ++ ++ if (cupsArrayCount(Listeners) == 0) ++ { ++ /* ++ * No listeners! ++ */ ++ ++ cupsdLogMessage(CUPSD_LOG_EMERG, ++ "No valid Listen or Port lines were found in the " ++ "configuration file."); ++ ++ /* ++ * Commit suicide... ++ */ ++ ++ cupsdEndProcess(getpid(), 0); ++ } + } + + diff --git a/cups.spec b/cups.spec index 8a6af68..df68c25 100644 --- a/cups.spec +++ b/cups.spec @@ -1,7 +1,7 @@ Name: cups Epoch: 1 Version: 2.2.13 -Release: 20 +Release: 21 Summary: CUPS is the standards-based, open source printing system for linux operating systems. License: GPLv2+ and LGPLv2+ with exceptions and AML Url: http://www.cups.org/ @@ -44,6 +44,7 @@ Patch6006: fix-verifying-that-history-still-exists-test-case-fail.patch Patch6007: backport-CVE-2023-34241.patch Patch6008: backport-CVE-2023-4504.patch Patch6009: backport-Fix-CVE-2024-35235.patch +Patch6010: backport-Fix-CVE-2024-35235-regression.patch Provides: cupsddk cupsddk-drivers cups-filesystem cups-client cups-ipptool cups-lpd Provides: lpd lpr /usr/bin/lpq /usr/bin/lpr /usr/bin/lp /usr/bin/cancel /usr/bin/lprm /usr/bin/lpstat @@ -338,6 +339,9 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb %doc %{_datadir}/%{name}/www/apple-touch-icon.png %changelog +* Wed Aug 14 2024 Funda Wang - 1:2.2.13-21 +- Fix regression of fixing CVE-2024-35235 (upstream issue#985) + * Thu Jun 20 2024 baiguo - 1:2.2.13-20 - fix CVE-2024-35235