pool/hplip
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 58075 from Printing

Browse Source 
Accepted submit request 58075 from user jsmeix

OBS-URL: https://build.opensuse.org/request/show/58075
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/hplip?expand=0&rev=56
This commit is contained in:
Marcus Rückert 2011-01-14 03:01:56 +00:00 committed by Git OBS Bridge
commit 2c5c042dc5
3 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
hplip-3.9.8-CVE-2010-4267.patch Normal file
View File

@ -0,0 +1,11 @@
--- io/hpmud/pml.c.orig 2009-08-04 23:37:25.000000000 +0200
+++ io/hpmud/pml.c 2010-12-17 13:09:28.000000000 +0100
@@ -504,6 +504,8 @@ enum HPMUD_RESULT hpmud_get_pml(HPMUD_DE
p += 2; /* eat type and length */
}
+ if (dLen > buf_size)
+ dLen = buf_size;
memcpy(buf, p, dLen);
*bytes_read = dLen;
*type = dt;

6
hplip.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jan 13 16:29:01 CET 2011 - jsmeix@suse.de
- hplip-3.9.8-CVE-2010-4267.patch fixes a remote buffer overflow
(CVE-2010-4267 and Novell/Suse Bugzilla bnc#336658).
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Dec 29 15:52:56 UTC 2010 - gber@opensuse.org Wed Dec 29 15:52:56 UTC 2010 - gber@opensuse.org

5
hplip.spec
View File

@ -42,6 +42,8 @@ Source0: %{name}-%{version}.tar.bz2
# Patch10 fixes "... is used uninitialized ..." warnings: # Patch10 fixes "... is used uninitialized ..." warnings:
Patch10: fix-uninitialized-variables.diff Patch10: fix-uninitialized-variables.diff
# Patch11 fix_gcc44_glib.diff is obsolete since version 3.9.6b because it is fixed in the source. # Patch11 fix_gcc44_glib.diff is obsolete since version 3.9.6b because it is fixed in the source.
# Patch12 hplip-3.9.8-CVE-2010-4267.patch fixes a remote buffer overflow in hpmud/pml.c:
Patch12: hplip-3.9.8-CVE-2010-4267.patch
# Source100... is for special Suse sources: # Source100... is for special Suse sources:
# Source100 is the primary source for the suse_update_desktop_file stuff. # Source100 is the primary source for the suse_update_desktop_file stuff.
# It is found automatically in $RPM_SOURCE_DIR by 'suse_update_desktop_file -i hplip': # It is found automatically in $RPM_SOURCE_DIR by 'suse_update_desktop_file -i hplip':
@ -267,6 +269,9 @@ Authors:
# Patch10 fix-uninitialized-variables.diff # Patch10 fix-uninitialized-variables.diff
# fixes "... is used uninitialized ..." warnings: # fixes "... is used uninitialized ..." warnings:
%patch10 %patch10
# Patch12 hplip-3.9.8-CVE-2010-4267.patch
# fixes a remote buffer overflow in hpmud/pml.c:
%patch12
# Patch101 change-udev-rules.diff # Patch101 change-udev-rules.diff
# changes the udev rules files 55-hpmud.rules and 56-hpmud_support.rules: # changes the udev rules files 55-hpmud.rules and 56-hpmud_support.rules:
%patch101 %patch101