Skip to content

Commit

Permalink
CVE-2019-2228: Fix ippSetValueTag validation of default language.
Browse files Browse the repository at this point in the history
  • Loading branch information
@michaelrsweet
michaelrsweet committed Dec 13, 2019
1 parent bb64028 commit b018978
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
4 changes: 3 additions & 1 deletion CHANGES.md
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
CHANGES - 2.3.1 - 2019-12-04
CHANGES - 2.3.1 - 2019-12-13
============================


Changes in CUPS v2.3.1
----------------------

- Documentation updates (Issue #5661, #5674, #5682)
- CVE-2019-2228: The `ippSetValuetag` function did not validate the default
language value.
- Fixed a crash bug in the web interface (Issue #5621)
- The PPD cache code now looks up page sizes using their dimensions
(Issue #5633)
Expand Down
2 changes: 1 addition & 1 deletion cups/ipp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4565,7 +4565,7 @@ ippSetValueTag(
return (0);

if (ipp->attrs && ipp->attrs->next && ipp->attrs->next->name &&
!strcmp(ipp->attrs->next->name, "attributes-natural-language"))
!strcmp(ipp->attrs->next->name, "attributes-natural-language") && (ipp->attrs->next->value_tag & IPP_TAG_CUPS_MASK) == IPP_TAG_LANGUAGE)
{
/*
* Use the language code from the IPP message...
Expand Down

0 comments on commit b018978

Please sign in to comment.