From cfd5fe22282f6d9e17c0cbe23013f072a7dd0b45 Mon Sep 17 00:00:00 2001 From: CentOS Buildsys Date: Mar 28 2014 14:30:50 +0000 Subject: import cups-filters-1.0.35-15.el7.src.rpm --- diff --git a/SOURCES/cups-filters-CVE-2013-6475.patch b/SOURCES/cups-filters-CVE-2013-6475.patch new file mode 100644 index 0000000..3ce4bf7 --- /dev/null +++ b/SOURCES/cups-filters-CVE-2013-6475.patch @@ -0,0 +1,156 @@ +diff -up cups-filters-1.0.35/filter/pdftoopvp/oprs/OPVPSplash.cxx.CVE-2013-6475 cups-filters-1.0.35/filter/pdftoopvp/oprs/OPVPSplash.cxx +--- cups-filters-1.0.35/filter/pdftoopvp/oprs/OPVPSplash.cxx.CVE-2013-6475 2014-01-20 13:32:28.906801955 +0000 ++++ cups-filters-1.0.35/filter/pdftoopvp/oprs/OPVPSplash.cxx 2014-01-20 13:34:03.581403757 +0000 +@@ -1094,7 +1094,7 @@ void OPVPSplash::fillGlyph(SplashCoord x + + opvpbytes = (m+3)/4; + opvpbytes *= 4; +- bp = (Guchar *)gmalloc(opvpbytes*glyph->h); ++ bp = (Guchar *)gmallocn(opvpbytes, glyph->h); + for (i = 0;i < glyph->h;i++) { + memcpy(bp+i*opvpbytes,glyph->data+i*m,m); + } +@@ -1238,8 +1238,8 @@ SplashError OPVPSplash::fillImageMaskFas + /* align 4 */ + opvpbytes = (opvpbytes+3)/4; + opvpbytes *= 4; +- buf = (Guchar *)gmalloc(opvpbytes*h); +- lineBuf = (SplashColorPtr)gmalloc(opvpbytes*8); ++ buf = (Guchar *)gmallocn(opvpbytes, h); ++ lineBuf = (SplashColorPtr)gmallocn(opvpbytes, 8); + + for (i = 0;i < h;i++) { + int k; +@@ -1417,7 +1417,7 @@ SplashError OPVPSplash::fillImageMask(Sp + imat[3] = mat[0]/det; + + /* read source image */ +- pixBuf = (SplashColorPtr)gmalloc(h * w); ++ pixBuf = (SplashColorPtr)gmallocn(h, w); + + p = pixBuf; + for (i = 0; i < h; ++i) { +@@ -1571,7 +1571,7 @@ SplashError OPVPSplash::drawImageNotShea + hs = h-1; + he = -1; + } +- buf = (Guchar *)gmalloc(opvpbytes*h); ++ buf = (Guchar *)gmallocn(opvpbytes, h); + lineBuf = (SplashColorPtr)gmalloc(lineBufSize); + switch (colorMode) { + case splashModeMono1: +@@ -1734,7 +1734,7 @@ SplashError OPVPSplash::drawImageFastWit + return splashErrOPVP; + break; + } +- buf = (Guchar *)gmalloc(opvpbytes*h); ++ buf = (Guchar *)gmallocn(opvpbytes, h); + + switch (colorMode) { + case splashModeMono1: +@@ -1960,7 +1960,7 @@ SplashError OPVPSplash::drawImage(Splash + } + + /* read source image */ +- pixBuf = (SplashColorPtr)gmalloc(h * linesize); ++ pixBuf = (SplashColorPtr)gmallocn(h, linesize); + + p = pixBuf; + for (i = 0; i < h; ++i) { +diff -up cups-filters-1.0.35/filter/pdftoopvp/OPVPOutputDev.cxx.CVE-2013-6475 cups-filters-1.0.35/filter/pdftoopvp/OPVPOutputDev.cxx +--- cups-filters-1.0.35/filter/pdftoopvp/OPVPOutputDev.cxx.CVE-2013-6475 2014-01-20 13:34:26.782551214 +0000 ++++ cups-filters-1.0.35/filter/pdftoopvp/OPVPOutputDev.cxx 2014-01-20 13:37:30.670719614 +0000 +@@ -147,9 +147,9 @@ T3FontCache::T3FontCache(Ref *fontIDA, d + } else { + cacheSets = 1; + } +- cacheData = (Guchar *)gmalloc(cacheSets * cacheAssoc * glyphSize); +- cacheTags = (T3FontCacheTag *)gmalloc(cacheSets * cacheAssoc * +- sizeof(T3FontCacheTag)); ++ cacheData = (Guchar *)gmallocn3(cacheSets, cacheAssoc, glyphSize); ++ cacheTags = (T3FontCacheTag *)gmallocn3(cacheSets, cacheAssoc, ++ sizeof(T3FontCacheTag)); + for (i = 0; i < cacheSets * cacheAssoc; ++i) { + cacheTags[i].mru = i & (cacheAssoc - 1); + } +@@ -1424,7 +1424,7 @@ void OPVPOutputDev::drawImage(GfxState * + } + break; + case splashModeRGB8: +- imgData.lookup = (SplashColorPtr)gmalloc(3 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(3, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getRGB(&pix, &rgb); +@@ -1434,7 +1434,7 @@ void OPVPOutputDev::drawImage(GfxState * + } + break; + case splashModeBGR8: +- imgData.lookup = (SplashColorPtr)gmalloc(3 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(3, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getRGB(&pix, &rgb); +@@ -1445,7 +1445,7 @@ void OPVPOutputDev::drawImage(GfxState * + break; + #if SPLASH_CMYK + case splashModeCMYK8: +- imgData.lookup = (SplashColorPtr)gmalloc(4 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(4, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getCMYK(&pix, &cmyk); +@@ -1680,7 +1680,7 @@ void OPVPOutputDev::drawMaskedImage(GfxS + } + break; + case splashModeRGB8: +- imgData.lookup = (SplashColorPtr)gmalloc(3 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(3, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getRGB(&pix, &rgb); +@@ -1690,7 +1690,7 @@ void OPVPOutputDev::drawMaskedImage(GfxS + } + break; + case splashModeBGR8: +- imgData.lookup = (SplashColorPtr)gmalloc(3 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(3, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getRGB(&pix, &rgb); +@@ -1701,7 +1701,7 @@ void OPVPOutputDev::drawMaskedImage(GfxS + break; + #if SPLASH_CMYK + case splashModeCMYK8: +- imgData.lookup = (SplashColorPtr)gmalloc(4 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(4, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getCMYK(&pix, &cmyk); +@@ -1847,7 +1847,7 @@ void OPVPOutputDev::drawSoftMaskedImage( + } + break; + case splashModeRGB8: +- imgData.lookup = (SplashColorPtr)gmalloc(3 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(3, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getRGB(&pix, &rgb); +@@ -1857,7 +1857,7 @@ void OPVPOutputDev::drawSoftMaskedImage( + } + break; + case splashModeBGR8: +- imgData.lookup = (SplashColorPtr)gmalloc(3 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(3, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getRGB(&pix, &rgb); +@@ -1868,7 +1868,7 @@ void OPVPOutputDev::drawSoftMaskedImage( + break; + #if SPLASH_CMYK + case splashModeCMYK8: +- imgData.lookup = (SplashColorPtr)gmalloc(4 * n); ++ imgData.lookup = (SplashColorPtr)gmallocn(4, n); + for (i = 0; i < n; ++i) { + pix = (Guchar)i; + colorMap->getCMYK(&pix, &cmyk); diff --git a/SPECS/cups-filters.spec b/SPECS/cups-filters.spec index 13f9d66..3c1f90d 100644 --- a/SPECS/cups-filters.spec +++ b/SPECS/cups-filters.spec @@ -4,7 +4,7 @@ Summary: OpenPrinting CUPS filters and backends Name: cups-filters Version: 1.0.35 -Release: 11%{?dist} +Release: 15%{?dist} # For a breakdown of the licensing, see COPYING file # GPLv2: filters: commandto*, imagetoraster, pdftops, rasterto*, @@ -30,6 +30,7 @@ Patch5: cups-filters-urftopdf.patch Patch6: cups-filters-format-mismatch.patch Patch7: cups-filters-pdf-landscape.patch Patch8: cups-filters-pdftoopvp.patch +Patch9: cups-filters-CVE-2013-6475.patch Requires: cups-filters-libs%{?_isa} = %{version}-%{release} @@ -68,6 +69,10 @@ BuildRequires: libtool Requires: cups-filesystem Requires: poppler-utils + +# texttopdf +Requires: liberation-mono-fonts + # pstopdf Requires: bc grep sed @@ -125,6 +130,10 @@ This is the development package for OpenPrinting CUPS filters and backends. # Don't ship pdftoopvp for now (bug #1027557). %patch8 -p1 -b .pdftoopvp +# Apply CVE-2013-6475 to pdftoopvp even though we don't ship it +# (bug #1052741). +%patch9 -p1 -b .CVE-2013-6475 + %build # work-around Rpath ./autogen.sh @@ -231,6 +240,20 @@ fi %{_libdir}/libfontembed.so %changelog +* Fri Mar 28 2014 Tim Waugh - 1.0.35-15 +- The texttopdf filter requires a TrueType monospaced font + (bug #1070729). + +* Fri Jan 24 2014 Daniel Mach - 1.0.35-14 +- Mass rebuild 2014-01-24 + +* Mon Jan 20 2014 Tim Waugh - 1.0.35-13 +- Apply CVE-2013-6475 to pdftoopvp even though we don't ship it + (bug #1052741). + +* Fri Dec 27 2013 Daniel Mach - 1.0.35-12 +- Mass rebuild 2013-12-27 + * Fri Nov 8 2013 Tim Waugh - 1.0.35-11 - Don't ship pdftoopvp for now (bug #1027557).