]> git.ipfire.org Git - thirdparty/cups.git/commit
projects / thirdparty / cups.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6eba4c0) | patch
Fix domain socket handling (fixes CVE-2024-35235)
authorZdenek Dohnal <zdohnal@redhat.com>
Tue, 11 Jun 2024 14:19:11 +0000 (16:19 +0200)
committerZdenek Dohnal <zdohnal@redhat.com>
Tue, 11 Jun 2024 14:19:11 +0000 (16:19 +0200)
commitb273a1f29bda87317c551614cf9ab6125f56e317
tree1c525d6832f7bf88dad24797cf8cdc2d551fd518tree | snapshot
parent6eba4c04c8c56bbabfbf1f7f318968e6517826a4commit | diff
Fix domain socket handling (fixes CVE-2024-35235)

- Check status of unlink and bind system calls.
- Don't allow extra domain sockets when running from launchd/systemd.
- Validate length of domain socket path (< sizeof(sun_path))

Fixes CVE-2024-35235, written by Mike Sweet
cups/http-addr.c diff | blob | blame | history
scheduler/conf.c diff | blob | blame | history
Mirror of https://github.com/OpenPrinting/cups.git