commit: 8fb600024921589ab9b1179523e8eb60057ca9c2
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Sat Dec 8 12:26:04 2018 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Sat Dec 8 12:27:22 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8fb60002
net-print/cups: Security bump to versions 2.2.10 and 2.3_beta6
Fixes for CVE-2018-4700
Removed old beta release.
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
net-print/cups/Manifest | 3 +-
...cups-2.3_beta5-r1.ebuild => cups-2.2.10.ebuild} | 29 +++++----
...s-2.3_beta5-r1.ebuild => cups-2.3_beta6.ebuild} | 4 +-
.../files/cups-2.3_beta5-validation_fixes.patch | 69 ----------------------
.../files/cups-2.3_beta6-usage_argument_fix.patch | 38 ++++++++++++
5 files changed, 59 insertions(+), 84 deletions(-)
diff --git a/net-print/cups/Manifest b/net-print/cups/Manifest
index 4a79a309841..28e73772df4 100644
--- a/net-print/cups/Manifest
+++ b/net-print/cups/Manifest
@@ -1,4 +1,5 @@
+DIST cups-2.2.10-source.tar.gz 10403568 BLAKE2B
42937088758893772545fff7bbfbf4610ae34764b1e962110b7ea88940ddcba92376e55f4665b9815278de566daec07190ad78e5f2b1e37f905447a7fd17bf4e
SHA512
1393987a263ebf20089dd3008ae4ed770a27a1f289032604eb9e18f2e863bd0e4215a70118f5a6d3940875625278b6798fbc9070e791ec559179c6cf7dc7b05f
DIST cups-2.2.7-source.tar.gz 10330296 BLAKE2B
015a64758ee8d2559f4259ff36bf702b93dc695a44e2170d4ecf71b80d5691b4d947decf0a84ff9433b43c6d47dc350a8769d1e230ceda276c13add67e5e8a20
SHA512
780a6a484f38967ff678456ec7b532aa8445a9562663e4e4f6f7a24aac6ec9e8eae36459ee3c025dff053d59ad1d9ecfb823e8a832bae9d384db3d1a10d8860e
DIST cups-2.2.8-source.tar.gz 10374921 BLAKE2B
3fc4d5cae3848cbb7fb1263b377210254dfa08d70a1218c7f20d5a277d0536791e071c50bac282ab2049e1cffddfe91438216ceb37ec279d7cb0ec7b57a315da
SHA512
6ed44c5e6f1c46c85b06691713ce476330c93834243720ad2c04fa983e20cde9f6ebfc2eb2ba8bb3700f11320471b99856d6402d3641038da690f89c49fbd261
DIST cups-2.2.9-source.tar.gz 10402885 BLAKE2B
6736a2f5efa6ee8eadeea6620b5750e16e3be2e1c46d6f5821146d21078d10cda8e993b111ae326863db93d0c36e55c26d1c91140f8a518759111bafc9c93996
SHA512
423d2a215a115d5f78ce73118e8a2e566662e5d7f8acbffea39e1bfefb2f48f94841c8b85d731b0786b682dc579df8dfb5508570225b5205a182fbb2cd6dd2a5
-DIST cups-2.3b5-source.tar.gz 10176856 BLAKE2B
beda07a64ef463371e4e1f25b397caa9487f7acdc982fcfa7edee736a41f6a6875747c772e4c59e2d2746c8c508a0cc87f8608227592f5e1d9c8c48d956ab97c
SHA512
48d45f090637bf32bdcc83106272efb8462ff609f74fbe4e82add7f851dcb9173126a1df186848c087d02e8c1441f31a70859faf2714b6ddb1f3738ef8dba60d
+DIST cups-2.3b6-source.tar.gz 10240934 BLAKE2B
16b7381617d97d5c68e7bdf971b2cbc81c8f33208e408e051fce9770cffebed3a9337296d3e9f95a9f0a4e76cffe3201b99207f83169b8397d11455964178f4f
SHA512
f9f79bbc694e4bb4f37906f6dffad7c5067d86e07878ca73953ebf519d2637c23fded18646bd086cbd397e49de6b629fe9323f57ccfb2c9bf912c3bfd20b345e
diff --git a/net-print/cups/cups-2.3_beta5-r1.ebuild
b/net-print/cups/cups-2.2.10.ebuild
similarity index 92%
copy from net-print/cups/cups-2.3_beta5-r1.ebuild
copy to net-print/cups/cups-2.2.10.ebuild
index f7c6d292fae..b5fcaa92de9 100644
--- a/net-print/cups/cups-2.3_beta5-r1.ebuild
+++ b/net-print/cups/cups-2.2.10.ebuild
@@ -1,15 +1,16 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
PYTHON_COMPAT=( python2_7 )
-inherit autotools eapi7-ver gnome2-utils flag-o-matic linux-info xdg-utils
multilib multilib-minimal pam user systemd toolchain-funcs
+inherit autotools eapi7-ver gnome2-utils flag-o-matic linux-info xdg-utils
multilib multilib-minimal pam python-single-r1 user java-pkg-opt-2 systemd
toolchain-funcs
+MY_P="${P/_rc/rc}"
+MY_P="${MY_P/_beta/b}"
MY_PV="${PV/_rc/rc}"
MY_PV="${MY_PV/_beta/b}"
-MY_P="${PN}-${MY_PV}"
if [[ ${PV} == *9999 ]]; then
inherit git-r3
@@ -19,18 +20,16 @@ if [[ ${PV} == *9999 ]]; then
fi
else
#SRC_URI="https://github.com/apple/${PN}/archive/v${PV}.tar.gz ->
${P}.tar.gz"
-
SRC_URI="https://github.com/apple/cups/releases/download/v${MY_PV}/${MY_P}-source.tar.gz";
- if [[ "${PV}" != *_beta* ]] && [[ "${PV}" != *_rc* ]] ; then
- KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc
~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~m68k-mint"
- fi
+
SRC_URI="https://github.com/apple/cups/releases/download/v${PV}/${P}-source.tar.gz";
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390
~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~m68k-mint"
fi
DESCRIPTION="The Common Unix Printing System"
HOMEPAGE="https://www.cups.org/";
-LICENSE="Apache-2.0"
+LICENSE="GPL-2"
SLOT="0"
-IUSE="acl dbus debug kerberos lprng-compat pam selinux +ssl static-libs
systemd +threads usb X xinetd zeroconf"
+IUSE="acl dbus debug java kerberos lprng-compat pam python selinux +ssl
static-libs systemd +threads usb X xinetd zeroconf"
CDEPEND="
app-text/libpaper
@@ -42,9 +41,11 @@ CDEPEND="
)
)
dbus? ( >=sys-apps/dbus-1.6.18-r1[${MULTILIB_USEDEP}] )
+ java? ( >=virtual/jre-1.6:* )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
!lprng-compat? ( !net-print/lprng )
pam? ( virtual/pam )
+ python? ( ${PYTHON_DEPS} )
ssl? ( >=net-libs/gnutls-2.12.23-r6:0=[${MULTILIB_USEDEP}] )
systemd? ( sys-apps/systemd )
usb? ( virtual/libusb:1 )
@@ -64,6 +65,7 @@ RDEPEND="${CDEPEND}
PDEPEND=">=net-print/cups-filters-1.0.43"
REQUIRED_USE="
+ python? ( ${PYTHON_REQUIRED_USE} )
usb? ( threads )
"
@@ -77,20 +79,19 @@ PATCHES=(
"${FILESDIR}/${PN}-1.4.4-nostrip.patch"
"${FILESDIR}/${PN}-2.0.2-rename-systemd-service-files.patch"
"${FILESDIR}/${PN}-2.0.1-xinetd-installation-fix.patch"
- "${FILESDIR}/${P}-validation_fixes.patch" #657526
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/cups-config
)
-S="${WORKDIR}/${MY_P}"
-
pkg_setup() {
enewgroup lp
enewuser lp -1 -1 -1 lp
enewgroup lpadmin 106
+ use python && python-single-r1_pkg_setup
+
if use kernel_linux; then
linux-info_pkg_setup
if ! linux_config_exists; then
@@ -167,8 +168,10 @@ multilib_src_configure() {
$(use_enable debug)
$(use_enable debug debug-guards)
$(use_enable debug debug-printfs)
+ $(multilib_native_use_with java)
$(use_enable kerberos gssapi)
$(multilib_native_use_enable pam)
+ $(multilib_native_use_with python python "${PYTHON}")
$(use_enable static-libs static)
$(use_enable threads)
$(use_enable ssl gnutls)
@@ -176,6 +179,8 @@ multilib_src_configure() {
$(multilib_native_use_enable usb libusb)
$(use_enable zeroconf avahi)
--disable-dnssd
+ --without-perl
+ --without-php
$(multilib_is_native_abi && echo --enable-libpaper || echo
--disable-libpaper)
)
diff --git a/net-print/cups/cups-2.3_beta5-r1.ebuild
b/net-print/cups/cups-2.3_beta6.ebuild
similarity index 99%
rename from net-print/cups/cups-2.3_beta5-r1.ebuild
rename to net-print/cups/cups-2.3_beta6.ebuild
index f7c6d292fae..4801eaf8b9a 100644
--- a/net-print/cups/cups-2.3_beta5-r1.ebuild
+++ b/net-print/cups/cups-2.3_beta6.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -77,7 +77,7 @@ PATCHES=(
"${FILESDIR}/${PN}-1.4.4-nostrip.patch"
"${FILESDIR}/${PN}-2.0.2-rename-systemd-service-files.patch"
"${FILESDIR}/${PN}-2.0.1-xinetd-installation-fix.patch"
- "${FILESDIR}/${P}-validation_fixes.patch" #657526
+ "${FILESDIR}/${P}-usage_argument_fix.patch"
)
MULTILIB_CHOST_TOOLS=(
diff --git a/net-print/cups/files/cups-2.3_beta5-validation_fixes.patch
b/net-print/cups/files/cups-2.3_beta5-validation_fixes.patch
deleted file mode 100644
index 29e2533eeb1..00000000000
--- a/net-print/cups/files/cups-2.3_beta5-validation_fixes.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 1d677f11f1e3353524d46c2842188eccfcdcd5a2 Mon Sep 17 00:00:00 2001
-From: Michael R Sweet <[email protected]>
-Date: Mon, 11 Jun 2018 09:37:34 -0400
-Subject: [PATCH] Fix regressions in ippValidateAttribute (Issue #5322, Issue
- #5330)
-
-diff --git a/cups/ipp.c b/cups/ipp.c
-index 95d53cc44..325de02b9 100644
---- a/cups/ipp.c
-+++ b/cups/ipp.c
-@@ -5033,16 +5033,19 @@ ippValidateAttribute(
- break;
- }
-
-- if (*ptr < ' ' || *ptr == 0x7f)
-- {
-- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text
value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name,
attr->values[i].string.text);
-- return (0);
-- }
-- else if (*ptr)
-- {
-- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text
value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name,
attr->values[i].string.text);
-- return (0);
-- }
-+ if (*ptr)
-+ {
-+ if (*ptr < ' ' || *ptr == 0x7f)
-+ {
-+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text
value \"%s\" - bad control character (PWG 5100.14 section 8.3)."), attr->name,
attr->values[i].string.text);
-+ return (0);
-+ }
-+ else
-+ {
-+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad text
value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.2)."), attr->name,
attr->values[i].string.text);
-+ return (0);
-+ }
-+ }
-
- if ((ptr - attr->values[i].string.text) > (IPP_MAX_TEXT - 1))
- {
-@@ -5091,16 +5094,19 @@ ippValidateAttribute(
- break;
- }
-
-- if (*ptr < ' ' || *ptr == 0x7f)
-- {
-- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name
value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name,
attr->values[i].string.text);
-- return (0);
-- }
-- else if (*ptr)
-+ if (*ptr)
- {
-- ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name
value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name,
attr->values[i].string.text);
-- return (0);
-- }
-+ if (*ptr < ' ' || *ptr == 0x7f)
-+ {
-+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name
value \"%s\" - bad control character (PWG 5100.14 section 8.1)."), attr->name,
attr->values[i].string.text);
-+ return (0);
-+ }
-+ else
-+ {
-+ ipp_set_error(IPP_STATUS_ERROR_BAD_REQUEST, _("\"%s\": Bad name
value \"%s\" - bad UTF-8 sequence (RFC 8011 section 5.1.3)."), attr->name,
attr->values[i].string.text);
-+ return (0);
-+ }
-+ }
-
- if ((ptr - attr->values[i].string.text) > (IPP_MAX_NAME - 1))
- {
diff --git a/net-print/cups/files/cups-2.3_beta6-usage_argument_fix.patch
b/net-print/cups/files/cups-2.3_beta6-usage_argument_fix.patch
new file mode 100644
index 00000000000..f0ba569a0f4
--- /dev/null
+++ b/net-print/cups/files/cups-2.3_beta6-usage_argument_fix.patch
@@ -0,0 +1,38 @@
+From 7b655b36b349f6db9a7b658d0075c468cff83c2e Mon Sep 17 00:00:00 2001
+From: Lars Wendler <[email protected]>
+Date: Sat, 8 Dec 2018 13:14:06 +0100
+Subject: [PATCH] Fix call to usage which requires an int argument
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Otherwise compilation fails:
+
+main.c: In function ‘main’:
+main.c:158:7: error: too few arguments to function ‘usage’
+ usage();
+ ^~~~~
+main.c:73:14: note: declared here
+ static void usage(int status) _CUPS_NORETURN;
+ ^~~~~
+make[1]: *** [../Makedefs:270: main.o] Error 1
+---
+ scheduler/main.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/scheduler/main.c b/scheduler/main.c
+index ce7df89c0..a7df4525f 100644
+--- a/scheduler/main.c
++++ b/scheduler/main.c
+@@ -155,7 +155,7 @@ main(int argc, /* I - Number
of command-line args */
+ for (i = 1; i < argc; i ++)
+ {
+ if (!strcmp(argv[i], "--help"))
+- usage();
++ usage(1);
+ else if (argv[i][0] == '-')
+ {
+ for (opt = argv[i] + 1; *opt != '\0'; opt ++)
+--
+2.20.0.rc2
+
