r856 - in /sarge/evolution/debian: changelog patches/z_10_imap-negative-array-index.patch

lool at users.alioth.debian.org
Thu Jun 21 16:33:45 UTC 2007


Author: lool
Date: Thu Jun 21 16:33:44 2007
New Revision: 856

URL: http://svn.debian.org/wsvn/pkg-evolution/?sc=1&rev=856
Log:
* SECURITY: New patch, z_10_imap-negative-array-index, fixes potential
  negative array index usage in IMAP code (remote); FEDORA-2007-0464;
  GNOME #447414; closes: #429876.

Added:
    sarge/evolution/debian/patches/z_10_imap-negative-array-index.patch
Modified:
    sarge/evolution/debian/changelog

Modified: sarge/evolution/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-evolution/sarge/evolution/debian/changelog?rev=856&op=diff
==============================================================================
--- sarge/evolution/debian/changelog (original)
+++ sarge/evolution/debian/changelog Thu Jun 21 16:33:44 2007
@@ -1,7 +1,15 @@
+evolution (2.0.4-2sarge2) stable-security; urgency=low
+
+  * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential
+    negative array index usage in IMAP code (remote); FEDORA-2007-0464;
+    GNOME #447414; closes: #429876.
+
+ -- Loic Minier <lool at dooz.org>  Thu, 21 Jun 2007 18:17:08 +0200
+
 evolution (2.0.4-2sarge1) stable-security; urgency=high
 
   * Non-maintainer upload by the Security Team
-  * Applied patch by Ulf Härnhammar fix denial of service and arbitrary
+  * Applied patch by Ulf Härnhammar fix denial of service and arbitrary
     code execution [addressbook/gui/widgets/eab-contact-display.c,
     calendar/gui/e-cal-component-preview.c,
     calendar/gui/e-calendar-table.c, calendar/gui/e-calendar-view.c,
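Review bot: The new 2.0.4-2sarge2 entry is uploaded with urgency=low although its own text marks the issue as "(remote)" and the previous stable-security entry just below uses urgency=high; consider raising the urgency or stating in the entry why low is appropriate. The hunk also removes and re-adds the "Applied patch by Ulf Härnhammar" line of the older 2.0.4-2sarge1 entry with no visible text change, which looks like an encoding or whitespace change unrelated to this fix and would be better left out of a security upload or mentioned in the log.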

Added: sarge/evolution/debian/patches/z_10_imap-negative-array-index.patch
URL: http://svn.debian.org/wsvn/pkg-evolution/sarge/evolution/debian/patches/z_10_imap-negative-array-index.patch?rev=856&op=file
==============================================================================
--- sarge/evolution/debian/patches/z_10_imap-negative-array-index.patch (added)
+++ sarge/evolution/debian/patches/z_10_imap-negative-array-index.patch Thu Jun 21 16:33:44 2007
@@ -1,0 +1,29 @@
+SECURITY; GNOME #447414; FEDORA-2007-0464; Debian #429876; fixes potential
+negative array index usage in IMAP code (remote).
+
+2007-06-14  Philip Van Hoof  <pvanhoof at gnome.org>
+
+       * camel-imap-folder.c: Security bugfix. The sequence can be a negative
+       value while it is being used as the index of an array (#447414)
+
+diff -Nur evolution-2.0.4/camel/providers/imap/camel-imap-folder.c evolution-2.0.4.new/camel/providers/imap/camel-imap-folder.c
+--- evolution-2.0.4/camel/providers/imap/camel-imap-folder.c	2005-02-14 17:09:05.000000000 +0100
++++ evolution-2.0.4.new/camel/providers/imap/camel-imap-folder.c	2007-06-21 18:31:58.000000000 +0200
+@@ -597,7 +597,7 @@
+ 		uid = g_datalist_get_data (&data, "UID");
+ 		flags = GPOINTER_TO_UINT (g_datalist_get_data (&data, "FLAGS"));
+ 		
+-		if (!uid || !seq || seq > summary_len) {
++		if (!uid || !seq || seq > summary_len || seq < 0) {
+ 			g_datalist_clear (&data);
+ 			continue;
+ 		}
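Review bot: In the camel-imap-folder.c hunk at line 597, the added "seq < 0" test only has an effect if seq is a signed type, and its declaration is not visible in this hunk; if seq is unsigned the test is always false and the guard is unchanged. The zero and negative cases could also be folded into one range check on the index, for example "seq < 1 || seq > summary_len", which is easier to audit than "!seq || ... || seq < 0".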
+@@ -2682,7 +2682,7 @@
+ 		
+ 		if (*response != '*' || *(response + 1) != ' ')
+ 			return NULL;
+-		seq = strtol (response + 2, &response, 10);
++		seq = strtoul (response + 2, &response, 10);
+ 		if (seq == 0)
+ 			return NULL;
+ 		if (strncasecmp (response, " FETCH (", 8) != 0)
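Review bot: Switching to strtoul at line 2682 does not by itself reject a negative sequence number: strtoul accepts a leading minus sign and returns the negated value converted to unsigned long, so an input such as "-1" yields a very large value, not an error, and the only check that follows is "seq == 0". If seq is still a signed int (the declaration is not in this hunk), the assignment can turn that value back into a negative number. Suggest verifying that response[2] is a digit before parsing, or keeping a signed parse and rejecting "seq < 1", and bounding the result against the summary length before it is used as an index.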



