-rw-r--r--debian/changelog9
-rw-r--r--debian/patches/0001-paps.patch (renamed from debian/patches/0500-paps.patch)0
-rw-r--r--debian/patches/0100-pdf_header.patch (renamed from debian/patches/0002-pdf_header.patch)0
-rw-r--r--debian/patches/0105-ppd_trailing_whitespace.patch (renamed from debian/patches/0010-ppd_trailing_whitespace.patch)0
-rw-r--r--debian/patches/0110-fixed-segfault-when-creating-logfile.patch (renamed from debian/patches/fixed-segfault-when-creating-logfile.patch)0
-rw-r--r--debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch19
-rw-r--r--debian/patches/0600-spelling-errors.diff (renamed from debian/patches/0001-spelling-errors.diff)0
-rw-r--r--debian/patches/series11
8 files changed, 34 insertions, 5 deletions
diff --git a/debian/changelog b/debian/changelog
index 1c81efd..c9b89b8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+foomatic-filters (4.0.17-7) UNRELEASED; urgency=high
+
+ * New patch debian/patches/0115-r7406_also_consider_the_back_\
+ tick_as_an_illegal_shell_escape_character.patch (Closes: #806886)
+ + CVE-2015-8327 Insufficient script injection prevention.
+ * Rename patches.
+
+ -- Jörg Frings-Fürst <debian@jff-webhosting.net> Thu, 01 Oct 2015 10:39:07 +0200
+
foomatic-filters (4.0.17-6) unstable; urgency=low
* New debian/patches/0500-paps.patch: cherry-pick from upstream to add paps
diff --git a/debian/patches/0500-paps.patch b/debian/patches/0001-paps.patch
index 39cccd4..39cccd4 100644
--- a/debian/patches/0500-paps.patch
+++ b/debian/patches/0001-paps.patch
diff --git a/debian/patches/0002-pdf_header.patch b/debian/patches/0100-pdf_header.patch
index 104dc0b..104dc0b 100644
--- a/debian/patches/0002-pdf_header.patch
+++ b/debian/patches/0100-pdf_header.patch
diff --git a/debian/patches/0010-ppd_trailing_whitespace.patch b/debian/patches/0105-ppd_trailing_whitespace.patch
index 7efd6ac..7efd6ac 100644
--- a/debian/patches/0010-ppd_trailing_whitespace.patch
+++ b/debian/patches/0105-ppd_trailing_whitespace.patch
diff --git a/debian/patches/fixed-segfault-when-creating-logfile.patch b/debian/patches/0110-fixed-segfault-when-creating-logfile.patch
index 29a743f..29a743f 100644
--- a/debian/patches/fixed-segfault-when-creating-logfile.patch
+++ b/debian/patches/0110-fixed-segfault-when-creating-logfile.patch
diff --git a/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch b/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch
new file mode 100644
index 0000000..8e5e404
--- /dev/null
+++ b/debian/patches/0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch
@@ -0,0 +1,19 @@
+Description: foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as
+ an illegal shell escape character. Thanks to Michal Kowalczyk from the Google
+ Security Team for the hint.
+Author: Till Kamppeter <till.kamppeter@gmail.com>
+Bug-CVE: CVE-2015-8327
+Origin: upstream
+Last-Update: 2015-11-26
+
+--- a/util.c
++++ b/util.c
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+
+
+-const char* shellescapes = "|<>&!$\'\"#*?()[]{}";
++const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
+
+ const char * temp_dir()
+ {
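Review bot: The denylist on the new `shellescapes` line in util.c still omits `;`, which a POSIX shell treats as a command separator, so adding only the back tick closes one metacharacter and leaves the same class of problem open. The code that consumes the string lies outside this hunk, so this assumes it is the set of characters rejected or escaped before an option value reaches a shell command line. At minimum extend it, e.g. ``const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}";``, and check whether newline and backslash need the same treatment at the point of use. A short comment above the definition stating what the list protects would help, and an allowlist of permitted characters would be more robust than extending a denylist one character at a time.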
diff --git a/debian/patches/0001-spelling-errors.diff b/debian/patches/0600-spelling-errors.diff
index 23f0e30..23f0e30 100644
--- a/debian/patches/0001-spelling-errors.diff
+++ b/debian/patches/0600-spelling-errors.diff
diff --git a/debian/patches/series b/debian/patches/series
index 714d302..baee154 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,5 +1,6 @@
-0010-ppd_trailing_whitespace.patch
-0002-pdf_header.patch
-0001-spelling-errors.diff
-fixed-segfault-when-creating-logfile.patch
-0500-paps.patch
+0105-ppd_trailing_whitespace.patch
+0100-pdf_header.patch
+0600-spelling-errors.diff
+0110-fixed-segfault-when-creating-logfile.patch
+0001-paps.patch
+0115-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch
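Review bot: The numeric prefixes introduced by the renames do not match the order in which this series file applies the patches: `0105-…` is listed before `0100-…`, `0600-…` before `0110-…`, and `0001-paps.patch` is applied fifth. quilt applies patches in file order, so the names now suggest a different sequence from the one actually used, which makes it harder to see what the security fix `0115-…` is applied on top of. Either list the entries in ascending prefix order, if the patches still apply cleanly that way, or renumber them to reflect the existing order.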