diff --git a/CVE-2020-12861-CVE-2020-12866-CVE-2020-12864.patch b/CVE-2020-12861-CVE-2020-12866-CVE-2020-12864.patch
new file mode 100644
index 0000000..0f55d52
--- /dev/null
+++ b/CVE-2020-12861-CVE-2020-12866-CVE-2020-12864.patch
@@ -0,0 +1,29 @@
+From 30b1831a28f24ab2921b9f717c66d37f02bb81cc Mon Sep 17 00:00:00 2001
+From: Olaf Meeuwissen
+Date: Mon, 11 May 2020 21:07:12 +0900
+Subject: [PATCH] epsonds: Mitigate potential network related security issues.
+ Re #279
+
+This pre-empts the possibility of triggering GHSL-2020-079, GHSL-2020-080
+and GHSL-2020-081.
+---
+ backend/epsonds.conf.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/backend/epsonds.conf.in b/backend/epsonds.conf.in
+index b8b36237a..1967a00fd 100644
+--- a/backend/epsonds.conf.in
++++ b/backend/epsonds.conf.in
+@@ -10,7 +10,7 @@ usb
+ # e.g.:
+ # usb 0x4b8 0x14c
+
+-# Network
++# Network (not yet supported!)
+ #
+ # net 192.168.1.123
+-net autodiscovery
++#net autodiscovery
+--
+GitLab
+
diff --git a/sane-backends.spec b/sane-backends.spec
index 3c871e4..63bbd8d 100644
--- a/sane-backends.spec
+++ b/sane-backends.spec
@@ -3,7 +3,7 @@ Name: sane-backends
 Version: 1.0.28
-Release: 6
+Release: 7
 Summary: Scanner access software
 License: GPLv2+ and GPLv2+ with exceptions and Public Domain and IJG and LGPLv2+ and MIT
 URL: http://www.sane-project.org
@@ -21,6 +21,7 @@ Requires: sane-backends-libs = %{version}-%{release}
 Patch0000: 0001-genesys-Make-sure-calib_reg-are-available-before-wri.patch
 Patch0001: sane-xerox-mfp-blacklist-C460-for-JPEG.patch
 Patch0002: sane-genesys-vector-glibcxxassert.patch
+Patch0003: CVE-2020-12861-CVE-2020-12866-CVE-2020-12864.patch
 %description
 SANE (Scanner Access Now Easy) is a sane and simple interface to both local and networked scanners
@@ -203,5 +204,8 @@ exit 0
 %{_unitdir}/*
 %changelog
+* Wed Dec 16 2020 zhanghua - 1.0.28-7
+- fix CVE-2020-12861, CVE-2020-12866, CVE-2020-12864
+
 * Fri Feb 14 2020 Senlin Xia - 1.0.28-6
 - Package init
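Review bot: The patch added in the first hunk only comments out `net autodiscovery` in the shipped `backend/epsonds.conf.in` and leaves the epsonds network code unchanged, so the issues named in the file name presumably stay reachable on any host where a `net` line is active. The upstream subject says "Mitigate" and the body says "pre-empts", yet the new `%changelog` entry in `sane-backends.spec` reads `- fix CVE-2020-12861, CVE-2020-12866, CVE-2020-12864`. I would word it `- mitigate CVE-2020-12861, CVE-2020-12866, CVE-2020-12864 (epsonds network autodiscovery disabled by default)` so administrators and advisory tooling do not read it as a code fix. How the spec installs `epsonds.conf` is not visible in these hunks; if it is kept as a preserved config file on upgrade, existing hosts retain the old `net autodiscovery` line and need a release note or a post-install check. The added comment `# Network (not yet supported!)` could also state that the line is disabled for security reasons, for example `# Network (disabled by default: see CVE-2020-12861, CVE-2020-12864, CVE-2020-12866)`, so that nobody re-enables it without knowing why.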