File cups-1.3.9-CVE-2010-1748.patch of Package cups

--- cgi-bin/var.c.orig	2010-11-04 13:50:16.000000000 +0100
+++ cgi-bin/var.c	2010-11-05 10:39:32.000000000 +0100
@@ -924,6 +924,9 @@ cgi_initialize_string(const char *data)
 	    * Read the hex code...
 	    */
 
+            if (!isxdigit(data[1] & 255) || !isxdigit(data[2] & 255))
+             return (0);
+
             if (s < (value + sizeof(value) - 1))
 	    {
               data ++;