--- a/components/hplip/Makefile Tue Apr 15 21:43:26 2014 -0700
+++ b/components/hplip/Makefile Tue Apr 15 22:24:44 2014 -0700
@@ -19,13 +19,13 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
#
include ../../make-rules/shared-macros.mk
COMPONENT_NAME= hplip
COMPONENT_VERSION= 3.10.9
-COMPONENT_PROJECT_URL= http://hplipopensource.com/hplip-web/
+COMPONENT_PROJECT_URL= http://hplipopensource.com/hplip-web/index.html
COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
COMPONENT_ARCHIVE_HASH= \
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/hplip/patches/05_Bug17406738.patch Tue Apr 15 22:24:44 2014 -0700
@@ -0,0 +1,78 @@
+Description: fix for CVE-2013-0200 (insecure temporary files)
+Origin: vendor, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701185
+Original Bug: https://bugzilla.redhat.com/show_bug.cgi?id=902163
+
+-----------------------------------------------------------------------
+--- a/prnt/hpcups/SystemServices.cpp Tue Apr 10 01:32:37 2012
++++ b/prnt/hpcups/SystemServices.cpp Tue Jan 28 03:22:40 2014
+@@ -36,9 +36,12 @@
+ m_fp = NULL;
+ if (iLogLevel & SAVE_PCL_FILE)
+ {
+- char fname[32];
+- sprintf(fname, "/tmp/hpcups_job%d.out", job_id);
+- m_fp = fopen(fname, "w");
++ char fname[40];
++ int fd;
++ sprintf(fname, "/tmp/hpcups_job%d.out.XXXXXX", job_id);
++ fd = mkstemp (fname);
++ if (fd != -1)
++ m_fp = fdopen(fd, "w");
+ chmod(fname, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+ }
+ }
+--- a/prnt/hpijs/hpijs.cpp Tue Apr 10 01:32:39 2012
++++ b/prnt/hpijs/hpijs.cpp Tue Jan 28 03:20:35 2014
+@@ -97,12 +97,13 @@
+ if (pSS->m_iLogLevel & SAVE_PCL_FILE)
+ {
+ char szFileName[32];
+- sprintf (szFileName, "/tmp/hpijs_%d.out", getpid());
+- pSS->outfp = fopen (szFileName, "w");
+- if (pSS->outfp)
+- {
+- chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+- }
++ int fd;
++ sprintf (szFileName, "/tmp/hpijs_%d.out.XXXXXX", getpid());
++ fd = mkstemp (szFileName);
++ if (fd != -1)
++ pSS->outfp = fdopen (fd, "w");
++ if (pSS->outfp)
++ chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+ }
+ }
+
+--- a/prnt/hpcups/HPCupsFilter.cpp Tue Jan 28 03:06:22 2014
++++ b/prnt/hpcups/HPCupsFilter.cpp Tue Jan 28 03:17:49 2014
+@@ -602,20 +602,25 @@
+
+ if (m_iLogLevel & SAVE_INPUT_RASTERS)
+ {
+- char szFileName[32];
++ char szFileName[44];
+ memset(szFileName, 0, sizeof(szFileName));
+- snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterc_%d.bmp", current_page_number);
++ snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterc_%d.bmp.XXXXXX", current_page_number);
+ if (cups_header.cupsColorSpace == CUPS_CSPACE_RGBW ||
+ cups_header.cupsColorSpace == CUPS_CSPACE_RGB)
+ {
+- cfp = fopen (szFileName, "w");
++ int fd = mkstemp (szFileName);
++ if (fd != -1)
++ cfp = fdopen (fd, "w");
+ chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+ }
+ if (cups_header.cupsColorSpace == CUPS_CSPACE_RGBW ||
+ cups_header.cupsColorSpace == CUPS_CSPACE_K)
+ {
+- szFileName[17] = 'k';
+- kfp = fopen (szFileName, "w");
++ int fd;
++ snprintf (szFileName, sizeof(szFileName), "/tmp/hpcupsfilterk_%d.bmp.XXXXXX", current_page_number);
++ fd = mkstemp (szFileName);
++ if (fd != -1)
++ kfp = fdopen (fd, "w");
+ chmod (szFileName, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+ }
+ WriteBMPHeader (cfp, cups_header.cupsWidth, cups_header.cupsHeight, COLOR_RASTER);
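Review bot: In the SystemServices.cpp and HPCupsFilter.cpp sections of this patch, `chmod` is still called by path and outside the `fd != -1` check, so it runs on whatever name is left in the buffer when `mkstemp` fails and, on success, widens the 0600 file that `mkstemp` created to group and other readers. Changing the mode on the descriptor inside the success branch removes the path lookup, and closing `fd` when `fdopen` returns NULL avoids leaking it; the same shape applies to the `cfp`, `kfp` and `pSS->outfp` sites. Whether the group/other read bits are still wanted for these debug dumps of print data is worth confirming with the component owner. Separately, hpijs.cpp keeps `char szFileName[32]` with `sprintf` although the template grew by seven characters, which leaves room for only nine pid digits; `snprintf (szFileName, sizeof(szFileName), ...)` as in HPCupsFilter.cpp would bound it. The enclosing functions start and end outside the hunks shown.

```cpp
// … unchanged: fname template built with sprintf …
fd = mkstemp (fname);
if (fd != -1)
{
    // Set the mode on the descriptor, not the /tmp path.
    fchmod (fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
    m_fp = fdopen (fd, "w");
    if (m_fp == NULL)
        close (fd);
}
```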