From 545a2c85d2d840392726834d81c18276ccdd87b5 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Thu, 28 Mar 2024 17:03:23 +0300 Subject: [PATCH] import cups-2.3.3op2-24.el9 --- ...-Check-for-error-if-POLLHUP-is-in-va.patch | 43 +++++++++++++++++++ ...-Print-to-stderr-if-we-don-t-open-cu.patch | 36 ++++++++++++++++ SOURCES/cups-preservejobfiles-leak.patch | 31 +++++++++++++ SPECS/cups.spec | 25 ++++++++++- 4 files changed, 134 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0001-httpAddrConnect2-Check-for-error-if-POLLHUP-is-in-va.patch create mode 100644 SOURCES/0001-scheduler-conf.c-Print-to-stderr-if-we-don-t-open-cu.patch create mode 100644 SOURCES/cups-preservejobfiles-leak.patch diff --git a/SOURCES/0001-httpAddrConnect2-Check-for-error-if-POLLHUP-is-in-va.patch b/SOURCES/0001-httpAddrConnect2-Check-for-error-if-POLLHUP-is-in-va.patch new file mode 100644 index 0000000..a280b4f --- /dev/null +++ b/SOURCES/0001-httpAddrConnect2-Check-for-error-if-POLLHUP-is-in-va.patch @@ -0,0 +1,43 @@ +diff -up cups-2.2.6/cups/http-addrlist.c.cupsgetjobs-pollhup cups-2.2.6/cups/http-addrlist.c +--- cups-2.2.6/cups/http-addrlist.c.cupsgetjobs-pollhup 2023-12-19 18:25:15.484637450 +0100 ++++ cups-2.2.6/cups/http-addrlist.c 2023-12-19 18:28:57.129163387 +0100 +@@ -313,6 +313,39 @@ httpAddrConnect2( + { + # ifdef HAVE_POLL + DEBUG_printf(("pfds[%d].revents=%x\n", i, pfds[i].revents)); ++ ++# ifdef _WIN32 ++ if (((WSAGetLastError() == WSAEINPROGRESS) && (pfds[i].revents & POLLIN) && (pfds[i].revents & POLLOUT)) || ++ ((pfds[i].revents & POLLHUP) && (pfds[i].revents & (POLLIN|POLLOUT)))) ++# else ++ if (((errno == EINPROGRESS) && (pfds[i].revents & POLLIN) && (pfds[i].revents & POLLOUT)) || ++ ((pfds[i].revents & POLLHUP) && (pfds[i].revents & (POLLIN|POLLOUT)))) ++# endif /* _WIN32 */ ++ { ++ // Some systems generate POLLIN or POLLOUT together with POLLHUP when doing ++ // asynchronous connections. The solution seems to be to use getsockopt to ++ // check the SO_ERROR value and ignore the POLLHUP if there is no error or ++ // the error is EINPROGRESS. ++ ++ int sres, /* Return value from getsockopt() - 0, or -1 if error */ ++ serr; /* Option SO_ERROR value */ ++ socklen_t slen = sizeof(serr); /* Option value size */ ++ ++ sres = getsockopt(fds[i], SOL_SOCKET, SO_ERROR, &serr, &slen); ++ ++ if (sres || serr) ++ { ++ pfds[i].revents |= POLLERR; ++# ifdef DEBUG ++ DEBUG_printf(("1httpAddrConnect2: getsockopt returned: %d with error: %s", sres, strerror(serr))); ++# endif ++ } ++ else if (pfds[i].revents && (pfds[i].revents & POLLHUP) && (pfds[i].revents & (POLLIN | POLLOUT))) ++ { ++ pfds[i].revents &= ~POLLHUP; ++ } ++ } ++ + if (pfds[i].revents && !(pfds[i].revents & (POLLERR | POLLHUP))) + # else + if (FD_ISSET(fds[i], &input_set) && !FD_ISSET(fds[i], &error_set)) diff --git a/SOURCES/0001-scheduler-conf.c-Print-to-stderr-if-we-don-t-open-cu.patch b/SOURCES/0001-scheduler-conf.c-Print-to-stderr-if-we-don-t-open-cu.patch new file mode 100644 index 0000000..0c7f8c3 --- /dev/null +++ b/SOURCES/0001-scheduler-conf.c-Print-to-stderr-if-we-don-t-open-cu.patch @@ -0,0 +1,36 @@ +From db9cecdd932e58c51d2d659f63415ad47d151717 Mon Sep 17 00:00:00 2001 +From: Zdenek Dohnal +Date: Fri, 1 Sep 2023 17:11:54 +0200 +Subject: [PATCH] scheduler/conf.c: Print to stderr if we don't open + cups-files.conf + +In case cupsd can't open the cups-files.conf, the error message is lost +if journal and syslog don't exist or work on system (usually in +containers). + +Log the error into stderr at this place to get the error message if +needed. +--- + scheduler/conf.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/scheduler/conf.c b/scheduler/conf.c +index b18535162..4fa7eb1df 100644 +--- a/scheduler/conf.c ++++ b/scheduler/conf.c +@@ -811,11 +811,7 @@ cupsdReadConfiguration(void) + cupsdLogMessage(CUPSD_LOG_INFO, "No %s, using defaults.", CupsFilesFile); + else + { +-#ifdef HAVE_SYSTEMD_SD_JOURNAL_H +- sd_journal_print(LOG_ERR, "Unable to open \"%s\" - %s", CupsFilesFile, strerror(errno)); +-#else +- syslog(LOG_LPR, "Unable to open \"%s\" - %s", CupsFilesFile, strerror(errno)); +-#endif /* HAVE_SYSTEMD_SD_JOURNAL_H */ ++ fprintf(stderr, "Unable to read \"%s\" - %s\n", CupsFilesFile, strerror(errno)); + + return (0); + } +-- +2.41.0 + diff --git a/SOURCES/cups-preservejobfiles-leak.patch b/SOURCES/cups-preservejobfiles-leak.patch new file mode 100644 index 0000000..c1c132d --- /dev/null +++ b/SOURCES/cups-preservejobfiles-leak.patch @@ -0,0 +1,31 @@ +diff --git a/scheduler/colorman.c b/scheduler/colorman.c +index 8af4e5c..9bfdb0c 100644 +--- a/scheduler/colorman.c ++++ b/scheduler/colorman.c +@@ -1083,7 +1083,7 @@ colord_create_profile( + + dbus_message_iter_get_basic(&args, &profile_path); + cupsdLogMessage(CUPSD_LOG_DEBUG, "Created profile \"%s\".", profile_path); +- cupsArrayAdd(profiles, strdup(profile_path)); ++ cupsArrayAdd(profiles, profile_path); + + out: + +diff --git a/scheduler/job.c b/scheduler/job.c +index 0223bee..47d4c72 100644 +--- a/scheduler/job.c ++++ b/scheduler/job.c +@@ -1496,11 +1496,11 @@ cupsdDeleteJob(cupsd_job_t *job, /* I - Job */ + job->num_files = 0; + } + ++ unload_job(job); ++ + if (job->history) + free_job_history(job); + +- unload_job(job); +- + cupsArrayRemove(Jobs, job); + cupsArrayRemove(ActiveJobs, job); + cupsArrayRemove(PrintingJobs, job); diff --git a/SPECS/cups.spec b/SPECS/cups.spec index 6f9d1ce..7b7eb9c 100644 --- a/SPECS/cups.spec +++ b/SPECS/cups.spec @@ -24,7 +24,7 @@ Summary: CUPS printing system Name: cups Epoch: 1 Version: 2.3.3%{OP_VER} -Release: 21%{?dist} +Release: 24%{?dist} License: ASL 2.0 Url: http://www.cups.org/ # Apple stopped uploading the new versions into github, use OpenPrinting fork @@ -126,6 +126,12 @@ Patch34: 0001-Log-result-of-httpGetHostname-BEFORE-closing-the-con.patch Patch35: 0001-cups-strlcpy-handle-zero-size.patch # CVE-2023-32360 cups: Information leak through Cups-Get-Document operation Patch36: 0001-Require-authentication-for-CUPS-Get-Document.patch +# RHEL-14931 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off" +Patch37: cups-preservejobfiles-leak.patch +# RHEL-15308 cupsd fails to open cups-files.conf and the resulting error message is lost +Patch38: 0001-scheduler-conf.c-Print-to-stderr-if-we-don-t-open-cu.patch +# RHEL-19495 cupsGetJobs fails to connect if poll() gets POLLOUT|POLLHUP in revents +Patch39: 0001-httpAddrConnect2-Check-for-error-if-POLLHUP-is-in-va.patch ##### Patches removed because IMHO they aren't no longer needed @@ -381,6 +387,12 @@ to CUPS daemon. This solution will substitute printer drivers and raw queues in %patch35 -p1 -b .cve32324 # CVE-2023-32360 cups: Information leak through Cups-Get-Document operation %patch36 -p1 -b .get-document-auth +# RHEL-14931 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off" +%patch37 -p1 -b .preservejobfiles-leak +# RHEL-15308 cupsd fails to open cups-files.conf and the resulting error message is lost +%patch38 -p1 -b .log-stderr +# RHEL-19495 cupsGetJobs fails to connect if poll() gets POLLOUT|POLLHUP in revents +%patch39 -p1 -b .cupsgetjobs-pollhup %if %{lspp} # LSPP support. @@ -815,6 +827,17 @@ rm -f %{cups_serverbin}/backend/smb %{_mandir}/man7/ippeveps.7.gz %changelog +* Mon Feb 26 2024 Zdenek Dohnal - 1:2.3.3op2-24 +- revert RHEL-19205 - new packages are not needed + +* Wed Dec 20 2023 Zdenek Dohnal - 1:2.3.3op2-23 +- RHEL-19205 Recommend new cups-filters subpackages with weak dep for better upgrade exp +- RHEL-19495 cupsGetJobs fails to connect if poll() gets POLLOUT|POLLHUP in revents + +* Thu Nov 02 2023 Zdenek Dohnal - 1:2.3.3op2-22 +- RHEL-14931 cupsd memory leak in cupsdDeleteJob() with "PreserveJobHistory Off" +- RHEL-15308 cupsd fails to open cups-files.conf and the resulting error message is lost + * Tue Aug 29 2023 Zdenek Dohnal - 1:2.3.3op2-21 - bump the spec because the previous build was made with buildroot 9.2