cups: remove old patch files

(From OE-Core rev: c3c51a5961f77d51e7f8eb1f0746d16576663bba)

Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-extended/cups/cups/cups-CVE-2011-2896.patch

@@ -1,140 +0,0 @@
-cups - CVE-2011-2896
-
-the patch come from:
-http://cups.org/strfiles/3867/str3867.patch
-
-The LZW decompressor in the LWZReadByte function in giftoppm.c
-in the David Koblas GIF decoder in PBMPLUS, as used in the
-gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7,
-the LZWReadByte function in plug-ins/common/file-gif-load.c
-in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c
-in XPCE in SWI-Prolog 5.10.4 and earlier, and other products,
-does not properly handle code words that are absent from the
-decompression table when encountered, which allows remote attackers to
-trigger an infinite loop or a heap-based buffer overflow, and possibly
-execute arbitrary code, via a crafted compressed stream, a related
-issue to CVE-2006-1168 and CVE-2011-2895.
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2896
-
-Integrated-by: Li Wang <li.wang@windriver.com>
----
- filter/image-gif.c |   46 ++++++++++++++++++++--------------------------
- 1 files changed, 20 insertions(+), 26 deletions(-)
-
-diff --git a/filter/image-gif.c b/filter/image-gif.c
-index 3857c21..fa9691e 100644
---- a/filter/image-gif.c
-+++ b/filter/image-gif.c
-@@ -353,7 +353,7 @@ gif_get_code(FILE *fp,			/* I - File to read from */
-     * Read in another buffer...
-     */
- 
--    if ((count = gif_get_block (fp, buf + last_byte)) <= 0)
-+    if ((count = gif_get_block(fp, buf + last_byte)) <= 0)
-     {
-      /*
-       * Whoops, no more data!
-@@ -582,19 +582,13 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
-     gif_get_code(fp, 0, 1);
- 
-    /*
--    * Wipe the decompressor table...
-+    * Wipe the decompressor table (already mostly 0 due to the calloc above...)
-     */
- 
-     fresh = 1;
- 
--    for (i = 0; i < clear_code; i ++)
--    {
--      table[0][i] = 0;
-+    for (i = 1; i < clear_code; i ++)
-       table[1][i] = i;
--    }
--
--    for (; i < 4096; i ++)
--      table[0][i] = table[1][0] = 0;
- 
-     sp = stack;
- 
-@@ -605,29 +599,30 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
-     fresh = 0;
- 
-     do
-+    {
-       firstcode = oldcode = gif_get_code(fp, code_size, 0);
-+    }
-     while (firstcode == clear_code);
- 
--    return (firstcode);
-+    return (firstcode & 255);
-   }
-   else if (!table)
-     return (0);
- 
-   if (sp > stack)
--    return (*--sp);
-+    return ((*--sp) & 255);
- 
--  while ((code = gif_get_code (fp, code_size, 0)) >= 0)
-+  while ((code = gif_get_code(fp, code_size, 0)) >= 0)
-   {
-     if (code == clear_code)
-     {
--      for (i = 0; i < clear_code; i ++)
--      {
--	table[0][i] = 0;
--	table[1][i] = i;
--      }
-+     /*
-+      * Clear/reset the compression table...
-+      */
- 
--      for (; i < 4096; i ++)
--	table[0][i] = table[1][i] = 0;
-+      memset(table, 0, 2 * sizeof(gif_table_t));
-+      for (i = 1; i < clear_code; i ++)
-+	table[1][i] = i;
- 
-       code_size     = set_code_size + 1;
-       max_code_size = 2 * clear_code;
-@@ -637,12 +632,11 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
- 
-       firstcode = oldcode = gif_get_code(fp, code_size, 0);
- 
--      return (firstcode);
-+      return (firstcode & 255);
-     }
--    else if (code == end_code)
-+    else if (code == end_code || code > max_code)
-     {
--      unsigned char	buf[260];
--
-+      unsigned char	buf[260];	/* Block buffer */
- 
-       if (!gif_eof)
-         while (gif_get_block(fp, buf) > 0);
-@@ -652,7 +646,7 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
- 
-     incode = code;
- 
--    if (code >= max_code)
-+    if (code == max_code)
-     {
-       if (sp < (stack + 8192))
- 	*sp++ = firstcode;
-@@ -690,10 +684,10 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
-     oldcode = incode;
- 
-     if (sp > stack)
--      return (*--sp);
-+      return ((*--sp) & 255);
-   }
- 
--  return (code);
-+  return (code & 255);
- }
- 
- 
--- 
-1.7.0.5
-

meta/recipes-extended/cups/cups/cups-CVE-2011-3170.patch

@@ -1,54 +0,0 @@
-cups CVE-2011-3170
-
-the patch come from:
-http://cups.org/strfiles/3914/str3914.patch
-
-The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and
-earlier does not properly handle the first code word in an LZW stream,
-which allows remote attackers to trigger a heap-based buffer overflow,
-and possibly execute arbitrary code, via a crafted stream, a different
-vulnerability than CVE-2011-2896.
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170
-
-Integrated-by: Li Wang <li.wang@windriver.com>
----
- filter/image-gif.c |   14 +++++++++-----
- 1 files changed, 9 insertions(+), 5 deletions(-)
-
-diff --git a/filter/image-gif.c b/filter/image-gif.c
-index 9542704..3857c21 100644
---- a/filter/image-gif.c
-+++ b/filter/image-gif.c
-@@ -654,11 +654,13 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
- 
-     if (code >= max_code)
-     {
--      *sp++ = firstcode;
--      code  = oldcode;
-+      if (sp < (stack + 8192))
-+	*sp++ = firstcode;
-+
-+      code = oldcode;
-     }
- 
--    while (code >= clear_code)
-+    while (code >= clear_code && sp < (stack + 8192))
-     {
-       *sp++ = table[1][code];
-       if (code == table[0][code])
-@@ -667,8 +669,10 @@ gif_read_lzw(FILE *fp,			/* I - File to read from */
-       code = table[0][code];
-     }
- 
--    *sp++ = firstcode = table[1][code];
--    code  = max_code;
-+    if (sp < (stack + 8192))
-+      *sp++ = firstcode = table[1][code];
-+
-+    code = max_code;
- 
-     if (code < 4096)
-     {
--- 
-1.7.0.5
-