guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

branch core-updates updated: gnu: Remove dead cups-CVE-2020-10001.patch.


From: guix-commits
Subject: branch core-updates updated: gnu: Remove dead cups-CVE-2020-10001.patch.
Date: Wed, 23 Jun 2021 12:53:41 -0400

This is an automated email from the git hooks/post-receive script.

nckx pushed a commit to branch core-updates
in repository guix.

The following commit(s) were added to refs/heads/core-updates by this push:
     new a3d9af5  gnu: Remove dead cups-CVE-2020-10001.patch.
a3d9af5 is described below

commit a3d9af5eb11cb4b85d011cea3c0da4a1a5aede2f
Author: Tobias Geerinckx-Rice <me@tobias.gr>
AuthorDate: Wed Jun 23 18:53:11 2021 +0200

    gnu: Remove dead cups-CVE-2020-10001.patch.
    
    * gnu/packages/patches/cups-CVE-2020-10001.patch: Delete file.
    * gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/local.mk                                   |  1 -
 gnu/packages/patches/cups-CVE-2020-10001.patch | 47 --------------------------
 2 files changed, 48 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 65f35a1..cbc835a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -934,7 +934,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/crda-optional-gcrypt.patch              \
   %D%/packages/patches/clucene-contribs-lib.patch               \
   %D%/packages/patches/cube-nocheck.patch                      \
-  %D%/packages/patches/cups-CVE-2020-10001.patch               \
   %D%/packages/patches/curl-use-ssl-cert-env.patch             \
   %D%/packages/patches/curl-7.77-tls-priority-string.patch     \
   %D%/packages/patches/cursynth-wave-rand.patch                        \
diff --git a/gnu/packages/patches/cups-CVE-2020-10001.patch 
b/gnu/packages/patches/cups-CVE-2020-10001.patch
deleted file mode 100644
index 1b16c7d..0000000
--- a/gnu/packages/patches/cups-CVE-2020-10001.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From efbea1742bd30f842fbbfb87a473e5c84f4162f9 Mon Sep 17 00:00:00 2001
-From: Michael R Sweet <msweet@msweet.org>
-Date: Mon, 1 Feb 2021 15:02:32 -0500
-Subject: [PATCH] Fix a buffer (read) overflow in ippReadIO (CVE-2020-10001)
-
----
-
-diff --git a/cups/ipp.c b/cups/ipp.c
-index 3d529346c..adbb26fba 100644
---- a/cups/ipp.c
-+++ b/cups/ipp.c
-@@ -2866,7 +2866,8 @@ ippReadIO(void       *src,               /* I - Data 
source */
-   unsigned char               *buffer,        /* Data buffer */
-                       string[IPP_MAX_TEXT],
-                                       /* Small string buffer */
--                      *bufptr;        /* Pointer into buffer */
-+                      *bufptr,        /* Pointer into buffer */
-+                      *bufend;        /* End of buffer */
-   ipp_attribute_t     *attr;          /* Current attribute */
-   ipp_tag_t           tag;            /* Current tag */
-   ipp_tag_t           value_tag;      /* Current value tag */
-@@ -3441,6 +3442,7 @@ ippReadIO(void       *src,               /* I - Data 
source */
-               }
- 
-                 bufptr = buffer;
-+                bufend = buffer + n;
- 
-              /*
-               * text-with-language and name-with-language are composite
-@@ -3454,7 +3456,7 @@ ippReadIO(void       *src,               /* I - Data 
source */
- 
-               n = (bufptr[0] << 8) | bufptr[1];
- 
--              if ((bufptr + 2 + n) >= (buffer + IPP_BUF_SIZE) || n >= 
(int)sizeof(string))
-+              if ((bufptr + 2 + n + 2) > bufend || n >= (int)sizeof(string))
-               {
-                 _cupsSetError(IPP_STATUS_ERROR_INTERNAL,
-                               _("IPP language length overflows value."), 1);
-@@ -3481,7 +3483,7 @@ ippReadIO(void       *src,               /* I - Data 
source */
-                 bufptr += 2 + n;
-               n = (bufptr[0] << 8) | bufptr[1];
- 
--              if ((bufptr + 2 + n) >= (buffer + IPP_BUF_SIZE))
-+              if ((bufptr + 2 + n) > bufend)
-               {
-                 _cupsSetError(IPP_STATUS_ERROR_INTERNAL,
-                               _("IPP string length overflows value."), 1);



reply via email to

[Prev in Thread] Current Thread [Next in Thread]