Skip to content

Commit

Permalink
Don't treat "localhost.localdomain" as an allowed replacement for loc…
Browse files Browse the repository at this point in the history 
…alhost, since it isn't.
  • Loading branch information
Michael R Sweet committed Jan 3, 2017
1 parent 7852449 commit afa80cb
Showing 1 changed file with 0 additions and 3 deletions.
3 changes: 0 additions & 3 deletions scheduler/client.c
View file
Expand Up @@ -3890,9 +3890,6 @@ valid_host(cupsd_client_t *con) /* I - Client connection */

return (!_cups_strcasecmp(con->clientname, "localhost") ||
!_cups_strcasecmp(con->clientname, "localhost.") ||
#ifdef __linux
!_cups_strcasecmp(con->clientname, "localhost.localdomain") ||
#endif /* __linux */
!strcmp(con->clientname, "127.0.0.1") ||
!strcmp(con->clientname, "[::1]"));
}
Expand Down

1 comment on commit afa80cb

@anarcat
Copy link

@anarcat anarcat commented on afa80cb Jun 7, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this seems to be the patch for CVE-2017-18190.

Please sign in to comment.