foomatic-filters: Security fixes CVE-2015-8327

CVE-2015-8327 cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character (From OE-Core rev: 986f7fbe37a48d050611f08f7160ed96755ac3dc) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-07-31 08:30:18 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-08-01 12:11:21 +0100
commit: 2db1d3b76db641c050c7a7d629b9a613616c886f (patch)
tree: e28f5d471425cb1c63b25265a6c2492949f29450 /meta/recipes-extended/foomatic/foomatic-filters-4.0.17
parent: e07ebd001b956c6df297bb8d03e57d58fd3cf17f (diff)
download: poky-2db1d3b76db641c050c7a7d629b9a613616c886f.tar.gz
1 files changed, 23 insertions, 0 deletions
diff --git a/meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8327.patch b/meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8327.patch
new file mode 100644
index 0000000000..aaedc88aa3
--- /dev/null
+++ b/meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8327.patch
@@ -0,0 +1,23 @@
+Upstream-Status: Backport
+http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406
+Hand applied change to util.c. Fix was for cups-filters but also applied to foomatic-filters.
+CVE: CVE-2015-8327
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+Index: util.c
+===================================================================
+--- a/util.c
+++ b/util.c
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+ 
+ 
+-const char* shellescapes = "|;<>&!$\'\"#*?()[]{}";
+const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}";
+ 
+ const char * temp_dir()
+ {
author	Armin Kuster <akuster@mvista.com>	2016-07-31 08:30:18 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-08-01 12:11:21 +0100
commit	2db1d3b76db641c050c7a7d629b9a613616c886f (patch)
tree	e28f5d471425cb1c63b25265a6c2492949f29450 /meta/recipes-extended/foomatic/foomatic-filters-4.0.17
parent	e07ebd001b956c6df297bb8d03e57d58fd3cf17f (diff)
download	poky-2db1d3b76db641c050c7a7d629b9a613616c886f.tar.gz

diff --git a/meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8327.patch b/meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8327.patch new file mode 100644 index 0000000000..aaedc88aa3 --- /dev/null +++ b/meta/recipes-extended/foomatic/foomatic-filters-4.0.17/CVE-2015-8327.patch
@@ -0,0 +1,23 @@
	1	Upstream-Status: Backport
	2
	3
	4	http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406
	5
	6	Hand applied change to util.c. Fix was for cups-filters but also applied to foomatic-filters.
	7
	8	CVE: CVE-2015-8327
	9	Signed-off-by: Armin Kuster <akuster@mvista.com>
	10
	11	Index: util.c
	12	===================================================================
	13	--- a/util.c
	14	+++ b/util.c
	15	@@ -31,7 +31,7 @@
	16	#include <assert.h>
	17
	18
	19	-const char* shellescapes = "\|;<>&!$\'\"#*?()[]{}";
	20	+const char* shellescapes = "\|;<>&!$\'\"`#*?()[]{}";
	21
	22	const char * temp_dir()
	23	{