fix CVE-2020-12861, CVE-2020-12866, CVE-2020-12864

CVE-2020-12861-CVE-2020-12866-CVE-2020-12864.patch

@@ -0,0 +1,29 @@
+From 30b1831a28f24ab2921b9f717c66d37f02bb81cc Mon Sep 17 00:00:00 2001
+From: Olaf Meeuwissen <paddy-hack@member.fsf.org>
+Date: Mon, 11 May 2020 21:07:12 +0900
+Subject: [PATCH] epsonds: Mitigate potential network related security issues. 
+ Re #279
+
+This pre-empts the possibility of triggering GHSL-2020-079, GHSL-2020-080
+and GHSL-2020-081.
+---
+ backend/epsonds.conf.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/backend/epsonds.conf.in b/backend/epsonds.conf.in
+index b8b36237a..1967a00fd 100644
+--- a/backend/epsonds.conf.in
++++ b/backend/epsonds.conf.in
+@@ -10,7 +10,7 @@ usb
+ # e.g.:
+ # usb 0x4b8 0x14c
+ 
+-# Network
++# Network (not yet supported!)
+ #
+ # net 192.168.1.123
+-net autodiscovery
++#net autodiscovery
+-- 
+GitLab
+

sane-backends.spec

@@ -3,7 +3,7 @@
 
 Name:              sane-backends
 Version:           1.0.28
-Release:           6
+Release:           7
 Summary:           Scanner access software
 License:           GPLv2+ and GPLv2+ with exceptions and Public Domain and IJG and LGPLv2+ and MIT
 URL:               http://www.sane-project.org
@@ -21,6 +21,7 @@ Requires:          sane-backends-libs = %{version}-%{release}
 Patch0000:         0001-genesys-Make-sure-calib_reg-are-available-before-wri.patch
 Patch0001:         sane-xerox-mfp-blacklist-C460-for-JPEG.patch
 Patch0002:         sane-genesys-vector-glibcxxassert.patch
+Patch0003:         CVE-2020-12861-CVE-2020-12866-CVE-2020-12864.patch
 
 %description
 SANE (Scanner Access Now Easy) is a sane and simple interface to both local and networked scanners
@@ -203,5 +204,8 @@ exit 0
 %{_unitdir}/*
 
 %changelog
+* Wed Dec 16 2020 zhanghua <zhanghua40@huawei.com> - 1.0.28-7
+- fix CVE-2020-12861, CVE-2020-12866, CVE-2020-12864
+
 * Fri Feb 14 2020 Senlin Xia <xiasenlin1@huawei.com> - 1.0.28-6
 - Package init