Date: Thursday, May 18, 2023 @ 18:08:15
  Author: anthraxx
Revision: 478012

upgpkg: cups-filters 1.28.17-3: security update CVE-2023-24805

The system function will be called here to execute the command, and the user
and title parameters are user-controlled and unsanitized.

Fixes FS#78548

https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x

Modified:
  cups-filters/trunk/PKGBUILD

----------+
 PKGBUILD |   13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2023-05-18 15:09:21 UTC (rev 478011)
+++ PKGBUILD    2023-05-18 18:08:15 UTC (rev 478012)
@@ -2,7 +2,7 @@
 
 pkgname=cups-filters
 pkgver=1.28.17
-pkgrel=2
+pkgrel=3
 pkgdesc="OpenPrinting CUPS Filters"
 arch=('x86_64')
 url="https://wiki.linuxfoundation.org/openprinting/cups-filters";
@@ -20,9 +20,16 @@
            'docx2txt: to convert Microsoft OOXML text from DOCX files for 
Braille embosser support')
 backup=(etc/cups/cups-browsed.conf)
 
source=(#https://www.openprinting.org/download/cups-filters/$pkgname-$pkgver.tar.xz
-        
https://github.com/OpenPrinting/cups-filters/releases/download/$pkgver/$pkgname-$pkgver.tar.xz)
-sha256sums=('270a3752a960368aa99d431fb5d34f4039b2ac943c576d840612d1d8185c9bb9')
+        
https://github.com/OpenPrinting/cups-filters/releases/download/$pkgver/$pkgname-$pkgver.tar.xz
+        
cups-filters-CVE-2023-24805.patch::https://github.com/OpenPrinting/cups-filters/commit/93e60d3df358c0ae6f3dba79e1c9684657683d89.patch)
+sha256sums=('270a3752a960368aa99d431fb5d34f4039b2ac943c576d840612d1d8185c9bb9'
+            'c79f9bb558ce02117c09c461d760844d5de79e7f753a48971bb5f9aed1a9f913')
 
+prepare() {
+  cd "$pkgname"-$pkgver
+  patch -Np1 < ../cups-filters-CVE-2023-24805.patch
+}
+
 build() {
   # qpdf 11.3.0 buildfix - 
https://github.com/OpenPrinting/cups-filters/issues/512
   CXXFLAGS+=" -std=c++17"
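Review bot: The new `source` entry fetches the fix from GitHub's generated `commit/<sha>.patch` endpoint, so the pinned sha256 can stop matching if GitHub's rendering of that patch ever changes (abbreviated index hashes are one known cause). The build would fail closed, but a later security rebuild would be blocked until someone re-verifies the patch. Keeping the patch file in the package repository next to the PKGBUILD and listing it as plain `cups-filters-CVE-2023-24805.patch` removes that dependency. A comment above the entry such as `# CVE-2023-24805 backport; drop once pkgver contains upstream commit 93e60d3d` would tell the next maintainer when to remove it, and in `prepare()` the whole path is better quoted as `cd "$pkgname-$pkgver"`. `build()` continues outside the hunk.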
