aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--print/cups-base/Makefile1
-rw-r--r--print/cups-base/files/patch-CVE-2009-355336
2 files changed, 37 insertions, 0 deletions
diff --git a/print/cups-base/Makefile b/print/cups-base/Makefile
index c1959f1335e4..1940a6f65121 100644
--- a/print/cups-base/Makefile
+++ b/print/cups-base/Makefile
@@ -89,6 +89,7 @@ USE_LDCONFIG= yes
PKGMESSAGE= ${NONEXISTENT}
DESCR= ${MASTERDIR}/pkg-descr.image
.else
+PORTREVISION= 1
CONFLICTS+= cupsddk-*
CUPS_SUFFIX= -base
LIB_DEPENDS+= cups.2:${PORTSDIR}/${PKGCATEGORY}/cups-client \
diff --git a/print/cups-base/files/patch-CVE-2009-3553 b/print/cups-base/files/patch-CVE-2009-3553
new file mode 100644
index 000000000000..34c698734be7
--- /dev/null
+++ b/print/cups-base/files/patch-CVE-2009-3553
@@ -0,0 +1,36 @@
+From b6b656f4b431574069d5b17dc6d3d44910269bb9 Mon Sep 17 00:00:00 2001
+From: Tim Waugh <twaugh@redhat.com>
+Date: Wed, 3 Feb 2010 16:07:11 +0000
+Subject: [PATCH] More complete fix for CVE-2009-3553.
+
+---
+ scheduler/select.c | 6 ++++--
+ 1 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/scheduler/select.c b/scheduler/select.c
+index 21a6edc..a2451a5 100644
+--- scheduler/select.c
++++ scheduler/select.c
+@@ -454,7 +454,8 @@ cupsdDoSelect(long timeout) /* I - Timeout in seconds */
+ if (fdptr->read_cb && event->filter == EVFILT_READ)
+ (*(fdptr->read_cb))(fdptr->data);
+
+- if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE)
++ if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE &&
++ !cupsArrayFind(cupsd_inactive_fds, fdptr))
+ (*(fdptr->write_cb))(fdptr->data);
+
+ release_fd(fdptr);
+@@ -500,7 +501,8 @@ cupsdDoSelect(long timeout) /* I - Timeout in seconds */
+ (*(fdptr->read_cb))(fdptr->data);
+
+ if (fdptr->use > 1 && fdptr->write_cb &&
+- (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)))
++ (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)) &&
++ !cupsArrayFind(cupsd_inactive_fds, fdptr))
+ (*(fdptr->write_cb))(fdptr->data);
+
+ release_fd(fdptr);
+--
+1.6.6
+