r847 - in /unstable/evolution-data-server/debian: changelog patches/65_imap-negative-array-index.patch

lool at users.alioth.debian.org lool at users.alioth.debian.org
Thu Jun 21 11:35:09 UTC 2007 

Author: lool
Date: Thu Jun 21 11:35:08 2007
New Revision: 847

URL: http://svn.debian.org/wsvn/pkg-evolution/?sc=1&rev=847
Log:
* SECURITY: New patch, 65_imap-negative-array-index, fixes potential
  negative array index usage in IMAP code (remote); FEDORA-2007-0464;
  GNOME #447414; closes: #429876.

Added:
    unstable/evolution-data-server/debian/patches/65_imap-negative-array-index.patch
Modified:
    unstable/evolution-data-server/debian/changelog

Modified: unstable/evolution-data-server/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-evolution/unstable/evolution-data-server/debian/changelog?rev=847&op=diff
==============================================================================
--- unstable/evolution-data-server/debian/changelog (original)
+++ unstable/evolution-data-server/debian/changelog Thu Jun 21 11:35:08 2007
@@ -1,9 +1,15 @@
-evolution-data-server (1.10.2-2) UNRELEASED; urgency=low
-
+evolution-data-server (1.10.2-2) unstable; urgency=high
+
+  [ Oystein Gisnas ]
   * Extend description to cover mail, tasks and memos too.
     (closes: #426488)
 
- -- Oystein Gisnas <oystein at gisnas.net>  Sun, 03 Jun 2007 23:53:31 +0200
+  [ Loic Minier ]
+  * SECURITY: New patch, 65_imap-negative-array-index, fixes potential
+    negative array index usage in IMAP code (remote); FEDORA-2007-0464;
+    GNOME #447414; closes: #429876.
+
+ -- Loic Minier <lool at dooz.org>  Thu, 21 Jun 2007 10:34:17 +0200
 
 evolution-data-server (1.10.2-1) unstable; urgency=low
 

Added: unstable/evolution-data-server/debian/patches/65_imap-negative-array-index.patch
URL: http://svn.debian.org/wsvn/pkg-evolution/unstable/evolution-data-server/debian/patches/65_imap-negative-array-index.patch?rev=847&op=file
==============================================================================
--- unstable/evolution-data-server/debian/patches/65_imap-negative-array-index.patch (added)
+++ unstable/evolution-data-server/debian/patches/65_imap-negative-array-index.patch Thu Jun 21 11:35:08 2007
@@ -1,0 +1,29 @@
+SECURITY; GNOME #447414; FEDORA-2007-0464; Debian #429876; fixes potential
+negative array index usage in IMAP code (remote).
+
+2007-06-14  Philip Van Hoof  <pvanhoof at gnome.org>
+
+       * camel-imap-folder.c: Security bugfix. The sequence can be a negative
+       value while it is being used as the index of an array (#447414)
+
+diff -Nur evolution-data-server-1.10.2/camel/providers/imap/camel-imap-folder.c evolution-data-server-1.10.2.new/camel/providers/imap/camel-imap-folder.c
+--- evolution-data-server-1.10.2/camel/providers/imap/camel-imap-folder.c	2007-04-09 14:42:39.000000000 +0200
++++ evolution-data-server-1.10.2.new/camel/providers/imap/camel-imap-folder.c	2007-06-21 10:33:01.000000000 +0200
+@@ -655,7 +655,7 @@
+ 		uid = g_datalist_get_data (&data, "UID");
+ 		flags = GPOINTER_TO_UINT (g_datalist_get_data (&data, "FLAGS"));
+ 		
+-		if (!uid || !seq || seq > summary_len) {
++		if (!uid || !seq || seq > summary_len || seq < 0) {
+ 			g_datalist_clear (&data);
+ 			continue;
+ 		}
+@@ -2789,7 +2789,7 @@
+ 		
+ 		if (*response != '*' || *(response + 1) != ' ')
+ 			return NULL;
+-		seq = strtol (response + 2, &response, 10);
++		seq = strtoul (response + 2, &response, 10);
+ 		if (seq == 0)
+ 			return NULL;
+ 		if (g_ascii_strncasecmp (response, " FETCH (", 8) != 0)

More information about the pkg-evolution-commits mailing list