Andreas Radke pushed to branch main at Arch Linux / Packaging / Packages /
libcupsfilters
Commits:
2e843859 by Andreas Radke at 2024-10-18T19:17:45+02:00
upgpkg: 2.1.0-1
- - - - -
3 changed files:
- .SRCINFO
- − CVE-2024-47076.patch
- PKGBUILD
Changes:
=====================================
.SRCINFO
=====================================
@@ -1,7 +1,7 @@
pkgbase = libcupsfilters
pkgdesc = OpenPrinting CUPS Filters - contains all the code of the
filters of the former cups-filters package as library functions
- pkgver = 2.0.0
- pkgrel = 3
+ pkgver = 2.1.0
+ pkgrel = 1
url = https://github.com/OpenPrinting/libcupsfilters
arch = x86_64
license = Apache-2.0 WITH LLVM-exception
@@ -19,9 +19,7 @@ pkgbase = libcupsfilters
depends = glibc
depends = gcc-libs
depends = dbus
- source =
https://github.com/OpenPrinting/libcupsfilters/releases/download/2.0.0/libcupsfilters-2.0.0.tar.xz
- source = CVE-2024-47076.patch
- sha256sums =
542f2bfbc58136a4743c11dc8c86cee03c9aca705612654e36ac34aa0d9aa601
- sha256sums =
c3d24aacad3c5641c12a4371697cc6ca602e30604aa79ab2a061f1c8bbb65cf7
+ source =
https://github.com/OpenPrinting/libcupsfilters/releases/download/2.1.0/libcupsfilters-2.1.0.tar.xz
+ sha256sums =
cbe900c7783e4aab0b1681629fad7322d82d082a51e8bae7e1c741d26bdcd294
pkgname = libcupsfilters
=====================================
CVE-2024-47076.patch deleted
=====================================
@@ -1,33 +0,0 @@
-From 95576ec3d20c109332d14672a807353cdc551018 Mon Sep 17 00:00:00 2001
-From: Zdenek Dohnal <[email protected]>
-Date: Thu, 26 Sep 2024 23:09:29 +0200
-Subject: [PATCH] cfGetPrinterAttributes5(): Validate response attributes
- before return
-
-The destination can be corrupted or forged, so validate the response
-to strenghten security measures.
-
-Fixes CVE-2024-47076
----
- cupsfilters/ipp.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/cupsfilters/ipp.c b/cupsfilters/ipp.c
-index 8d6a9b3d..db10cb3f 100644
---- a/cupsfilters/ipp.c
-+++ b/cupsfilters/ipp.c
-@@ -404,6 +404,14 @@ cfGetPrinterAttributes5(http_t *http_printer,
- ippDelete(response2);
- }
- }
-+
-+ // Check if the response is valid
-+ if (!ippValidateAttributes(response))
-+ {
-+ ippDelete(response);
-+ response = NULL;
-+ }
-+
- if (have_http == 0) httpClose(http_printer);
- if (uri) free(uri);
- return (response);
=====================================
PKGBUILD
=====================================
@@ -1,30 +1,22 @@
# Maintainer: Andreas Radke <[email protected]>
pkgname=libcupsfilters
-pkgver=2.0.0
-pkgrel=3
+pkgver=2.1.0
+pkgrel=1
pkgdesc="OpenPrinting CUPS Filters - contains all the code of the filters of
the former cups-filters package as library functions"
arch=('x86_64')
url="https://github.com/OpenPrinting/libcupsfilters";
license=('Apache-2.0 WITH LLVM-exception')
depends=('libcups' 'libexif' 'qpdf' 'poppler'
- 'libjpeg-turbo' 'libpng' 'libtiff' 'lcms2' 'fontconfig' 'glibc'
'gcc-libs' 'dbus')
+ 'libjpeg-turbo' 'libpng' 'libtiff' 'lcms2'
+ 'fontconfig' 'glibc' 'gcc-libs' 'dbus')
makedepends=(
'ghostscript'
# 'mupdf-tools' ???
)
checkdepends=('ttf-dejavu') # ttf-dejavu for make check
-source=("https://github.com/OpenPrinting/libcupsfilters/releases/download/$pkgver/$pkgname-$pkgver.tar.xz";
- CVE-2024-47076.patch)
-sha256sums=('542f2bfbc58136a4743c11dc8c86cee03c9aca705612654e36ac34aa0d9aa601'
- 'c3d24aacad3c5641c12a4371697cc6ca602e30604aa79ab2a061f1c8bbb65cf7')
-
-prepare() {
- cd "$pkgname"-$pkgver
- # The destination can be corrupted or forged, so validate the response
- # to strenghten security measures.
- patch -Np1 -i ../CVE-2024-47076.patch
-}
+source=("https://github.com/OpenPrinting/libcupsfilters/releases/download/$pkgver/$pkgname-$pkgver.tar.xz";)
+sha256sums=('cbe900c7783e4aab0b1681629fad7322d82d082a51e8bae7e1c741d26bdcd294')
build() {
cd "$pkgname"-$pkgver
View it on GitLab:
https://gitlab.archlinux.org/archlinux/packaging/packages/libcupsfilters/-/commit/2e8438593862f4dc5450cae8e5c758f81afcf164
--
View it on GitLab:
https://gitlab.archlinux.org/archlinux/packaging/packages/libcupsfilters/-/commit/2e8438593862f4dc5450cae8e5c758f81afcf164
You're receiving this email because of your account on gitlab.archlinux.org.
