[rpms/hplip] rawhide: OSH fixes after CVE-2026-8631

[rpms/hplip] rawhide: OSH fixes after CVE-2026-8631

[Zdenek Dohnal]

A new commit has been pushed.

Repo   : rpms/hplip
Branch : rawhide
Commit : cdc920743005275ee03c5547a626cdf81019423c
Author : Zdenek Dohnal <zdohnal@redhat.com>
Date   : 2026-06-12T12:36:00+02:00
Stats  : +43/-1 in 2 file(s)
URL    : https://src.fedoraproject.org/rpms/hplip/c/cdc920743005275ee03c5547a626cdf81019423c?branch=rawhide

Log:
OSH fixes after CVE-2026-8631

---
diff --git a/hplip-CVE-2026-8631-osh.patch b/hplip-CVE-2026-8631-osh.patch
new file mode 100644
index 0000000..2e906d9
--- /dev/null
+++ b/hplip-CVE-2026-8631-osh.patch
@@ -0,0 +1,35 @@
+diff --git a/prnt/hpcups/genPCLm.cpp b/prnt/hpcups/genPCLm.cpp
+index 0e1650c..e0c5248 100644
+--- a/prnt/hpcups/genPCLm.cpp
++++ b/prnt/hpcups/genPCLm.cpp
+@@ -1917,8 +1917,11 @@ int  PCLmGenerator::Encapsulate(void *pInBuffer, int inBufferSize, int thisHeigh
+ #ifdef SUPPORT_WHITE_STRIPS
+ 	int whiteStripLen=0;
+ 	if(!safe_mul_int_positive(thisHeight, currSourceWidth, &whiteStripLen) ||
+-	   !safe_mul_int_positive(whiteStripLen, srcNumComponents, &whiteStripLen))
++	   !safe_mul_int_positive(thisHeight, srcNumComponents, &whiteStripLen))
++	{
++		free(newStripPtr);
+ 		return(errorOutAndCleanUp());
++	}
+ 	bool whiteStrip=isWhiteStrip(pInBuffer, whiteStripLen);
+ 	if(DebugIt2)
+ 	{
+@@ -1940,11 +1943,17 @@ int  PCLmGenerator::Encapsulate(void *pInBuffer, int inBufferSize, int thisHeigh
+ 			ubyte whitePt=0xff;
+ 			size_t tmpStripSize=0;
+ 			if(!safe_mul_size_t((size_t)scanlineWidth, (size_t)topMarginInPix, &tmpStripSize))
++			{
++				free(newStripPtr);
+ 				return(errorOutAndCleanUp());
++			}
+ 
+ 			ubyte *tmpStrip=(ubyte*)malloc(tmpStripSize);
+ 			if(!tmpStrip)
++			{
++				free(newStripPtr);
+ 				return(errorOutAndCleanUp());
++			}
+ 			memset(tmpStrip,whitePt,tmpStripSize);
+ 
+ 

diff --git a/hplip.spec b/hplip.spec
index 7d5e38c..79491a8 100644
--- a/hplip.spec
+++ b/hplip.spec
@@ -7,7 +7,7 @@
 Summary: HP Linux Imaging and Printing Project
 Name: hplip
 Version: 3.26.4
-Release: 3%{?dist}
+Release: 4%{?dist}
 # most files (base/*, *, ui*/...) - GPL2+
 # prnt/hpijs/ jpeg related files - IJG
 # prnt/* - BSD-3-Clause-HP - it is modified a little, asked here https://gitlab.com/fedora/legal/fedora-license-data/-/issues/267
@@ -260,6 +260,8 @@ Patch73: hplip-plugin-stdout.patch
 # - connecting to HP site requires curl/wget to set user-agent to pretend to be a browser
 # https://bugs.launchpad.net/hplip/+bug/2154206
 Patch74: hplip-curl-fallback.patch
+# OSH fixes after CVE-2026-8631
+Patch75: hplip-CVE-2026-8631-osh.patch
 
 %if 0%{?fedora} || 0%{?rhel} <= 8
 # mention hplip-gui if you want to have GUI
@@ -625,6 +627,8 @@ done
 %patch -P 73 -p1 -b .plugin-stdout
 # https://bugs.launchpad.net/hplip/+bug/2154206
 %patch -P 74 -p1 -b .curl-fallback
+# OSH fixes after CVE-2026-8631
+%patch -P 75 -p1 -b .cve-2026-8631-osh
 
 # Fedora specific patches now, don't put a generic patches under it
 %if 0%{?fedora} || 0%{?rhel} <= 8
@@ -996,6 +1000,9 @@ find doc/images -type f -exec chmod 644 {} \;
 %config(noreplace) %{_sysconfdir}/sane.d/dll.d/hpaio
 
 %changelog
+* Fri Jun 12 2026 Zdenek Dohnal <zdohnal@redhat.com> - 3.26.4-4
+- OSH fixes after CVE-2026-8631
+
 * Wed Jun 03 2026 Python Maint <python-maint@redhat.com> - 3.26.4-3
 - Rebuilt for Python 3.15