packages/cups
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix regression of fixing CVE-2024-35235 (upstream issue#985)

Browse Source 
(cherry picked from commit 15f5a582b453d062f26d0cf0e6cef10a4f15488d)
This commit is contained in:
Funda Wang 2024-08-30 16:09:39 +08:00 committed by openeuler-sync-bot
parent 8c8652ff4e
commit 1aa59514f2
2 changed files with 57 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
backport-Fix-CVE-2024-35235-regression.patch Normal file
View File

@ -0,0 +1,52 @@
From 6131f6a73c188f3db0ec94ae488991ce80cfd7ea Mon Sep 17 00:00:00 2001
From: Michael R Sweet <msweet@msweet.org>
Date: Fri, 14 Jun 2024 15:10:21 -0400
Subject: [PATCH] Don't abort early if there are no listen sockets after
loading cupsd.conf (Issue #985)
---
scheduler/conf.c | 2 +-
scheduler/main.c | 17 +++++++++++++++++
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/scheduler/conf.c b/scheduler/conf.c
index ebf8ca8ccd..34b30e56d1 100644
--- a/scheduler/conf.c
+++ b/scheduler/conf.c
@@ -1048,7 +1048,7 @@ cupsdReadConfiguration(void)
* as an error and exit!
*/
- if (cupsArrayCount(Listeners) == 0)
+ if (cupsArrayCount(Listeners) == 0 && !OnDemand)
{
/*
* No listeners!
diff --git a/scheduler/main.c b/scheduler/main.c
index 4472863081..70f3159df6 100644
--- a/scheduler/main.c
+++ b/scheduler/main.c
@@ -2036,6 +2036,23 @@ service_checkin(void)
service_add_listener(fd, 0);
}
#endif /* HAVE_LAUNCHD */
+
+ if (cupsArrayCount(Listeners) == 0)
+ {
+ /*
+ * No listeners!
+ */
+
+ cupsdLogMessage(CUPSD_LOG_EMERG,
+ "No valid Listen or Port lines were found in the "
+ "configuration file.");
+
+ /*
+ * Commit suicide...
+ */
+
+ cupsdEndProcess(getpid(), 0);
+ }
}

6
cups.spec
View File

@ -3,7 +3,7 @@
Name: cups Name: cups
Epoch: 1 Epoch: 1
Version: 2.4.0 Version: 2.4.0
Release: 11 Release: 12
Summary: CUPS is the standards-based, open source printing system for linux operating systems. Summary: CUPS is the standards-based, open source printing system for linux operating systems.
License: Apache-2.0 WITH LLVM-exception License: Apache-2.0 WITH LLVM-exception
Url: https://openprinting.github.io/cups/ Url: https://openprinting.github.io/cups/
@ -32,6 +32,7 @@ Patch6004: fix-httpAddrGetList-test-case-fail.patch
Patch6005: backport-CVE-2023-34241.patch Patch6005: backport-CVE-2023-34241.patch
Patch6006: backport-CVE-2023-4504.patch Patch6006: backport-CVE-2023-4504.patch
Patch6007: backport-Fix-CVE-2024-35235.patch Patch6007: backport-Fix-CVE-2024-35235.patch
Patch6008: backport-Fix-CVE-2024-35235-regression.patch
BuildRequires: pam-devel pkgconf-pkg-config pkgconfig(gnutls) libacl-devel openldap-devel pkgconfig(libusb-1.0) BuildRequires: pam-devel pkgconf-pkg-config pkgconfig(gnutls) libacl-devel openldap-devel pkgconfig(libusb-1.0)
BuildRequires: krb5-devel pkgconfig(avahi-client) systemd pkgconfig(libsystemd) pkgconfig(dbus-1) python3-cups BuildRequires: krb5-devel pkgconfig(avahi-client) systemd pkgconfig(libsystemd) pkgconfig(dbus-1) python3-cups
@ -453,6 +454,9 @@ rm -f %{_exec_prefix}/lib/cups/backend/smb
%doc %{_datadir}/%{name}/www/apple-touch-icon.png %doc %{_datadir}/%{name}/www/apple-touch-icon.png
%changelog %changelog
* Wed Aug 14 2024 Funda Wang <fundawang@yeah.net> - 1:2.4.0-12
- Fix regression of fixing CVE-2024-35235 (upstream issue#985)
* Wed Jun 12 2024 baiguo <baiguo@kylinos.cn> - 1:2.4.0-11 * Wed Jun 12 2024 baiguo <baiguo@kylinos.cn> - 1:2.4.0-11
- fix CVE-2024-35235 - fix CVE-2024-35235