Fix for print/cups15 CERT VU #810572/CVE-2015-1158/CVE-2015-1159

[Edgar Fuß <ef%math.uni-bonn.de@localhost>]

Is someone working on the recent CUPS vulnerabilities?
My impression is that applying
	https://www.cups.org/strfiles.php/3482/str4609-1.5.patch
would fix print/cups15, while print/cups could be updated from 2.0.2
to 2.0.3.

Is this (for 2014Q4) the correct way of fixing print/cups15?

Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/print/cups15/Makefile,v
retrieving revision 1.2
diff -u -r1.2 Makefile
--- Makefile    9 Oct 2014 14:06:51 -0000       1.2
+++ Makefile    10 Jun 2015 12:02:26 -0000
@@ -9,7 +9,10 @@
 BASE_VERS=     1.5.4
 DIST_VERS=     ${BASE_VERS}
 
-PKGREVISION=   12
+PATCH_SITES=   http://www.cups.org/strfiles.php/3482/
+PATCHFILES=    str4609-1.5.patch
+
+PKGREVISION=   13
 CATEGORIES=    print
 MASTER_SITES=  http://ftp.easysw.com/pub/cups/${BASE_VERS}/ \
                ftp://ftp.easysw.com/pub/cups/${BASE_VERS}/ \
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/print/cups15/distinfo,v
retrieving revision 1.1
diff -u -r1.1 distinfo
--- distinfo    17 Jun 2014 13:17:12 -0000      1.1
+++ distinfo    10 Jun 2015 12:02:26 -0000
@@ -3,6 +3,9 @@
 SHA1 (cups-1.5.4-source.tar.bz2) = cb39961cbaf1851a47694828ad9a7cdf4da51fbd
 RMD160 (cups-1.5.4-source.tar.bz2) = 9d6a7fd69d3036ec1f3dfd9c70672a2c6fb517b6
 Size (cups-1.5.4-source.tar.bz2) = 9583002 bytes
+SHA1 (str4609-1.5.patch) = 07b06a1f097303e511bfe7bdddc0a6e8737185e9
+RMD160 (str4609-1.5.patch) = f83ccd525661d7a24294fb2f79233da455f37572
+Size (str4609-1.5.patch) = 10825 bytes
 SHA1 (patch-ac) = d99dfa6e71efdc5f069c2c3e73e1b29beebf5c9b
 SHA1 (patch-ad) = a8d6610c4057ae98d98435ba577606e3c2bfb4b9
 SHA1 (patch-ae) = 67e846ac428b4c44d8da9b49d959fa4f14fbb494