Blame SOURCES/cups-CVE-2018-4700.patch

5ee0f1
diff --git a/cgi-bin/var.c b/cgi-bin/var.c
5ee0f1
index 8b8c026..67175e9 100644
5ee0f1
--- a/cgi-bin/var.c
5ee0f1
+++ b/cgi-bin/var.c
5ee0f1
@@ -1221,6 +1221,7 @@ cgi_set_sid(void)
5ee0f1
   const char		*remote_addr,	/* REMOTE_ADDR */
5ee0f1
 			*server_name,	/* SERVER_NAME */
5ee0f1
 			*server_port;	/* SERVER_PORT */
5ee0f1
+  struct timeval	curtime;	/* Current time */
5ee0f1
 
5ee0f1
 
5ee0f1
   if ((remote_addr = getenv("REMOTE_ADDR")) == NULL)
5ee0f1
@@ -1230,7 +1231,8 @@ cgi_set_sid(void)
5ee0f1
   if ((server_port = getenv("SERVER_PORT")) == NULL)
5ee0f1
     server_port = "SERVER_PORT";
5ee0f1
 
5ee0f1
-  CUPS_SRAND(time(NULL));
5ee0f1
+  gettimeofday(&curtime, NULL);
5ee0f1
+  CUPS_SRAND(curtime.tv_sec + curtime.tv_usec);
5ee0f1
   snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X",
5ee0f1
            remote_addr, server_name, server_port,
5ee0f1
 	   (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,