r19097 - in /desktop/unstable/libsoup/debian: changelog control control.in patches/91_security_CVE-2009-0585.patch
slomo at users.alioth.debian.org
slomo at users.alioth.debian.org
Tue Mar 17 12:18:28 UTC 2009
Author: slomo
Date: Tue Mar 17 12:18:27 2009
New Revision: 19097
URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=19097
Log:
* revert last commit, this was already fixed in this version.
Modified:
desktop/unstable/libsoup/debian/changelog
desktop/unstable/libsoup/debian/control
desktop/unstable/libsoup/debian/control.in
desktop/unstable/libsoup/debian/patches/91_security_CVE-2009-0585.patch
Modified: desktop/unstable/libsoup/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/libsoup/debian/changelog?rev=19097&op=diff
==============================================================================
--- desktop/unstable/libsoup/debian/changelog (original)
+++ desktop/unstable/libsoup/debian/changelog Tue Mar 17 12:18:27 2009
@@ -1,16 +1,8 @@
-libsoup (2.2.105-5) unstable; urgency=high
-
- [ Emilio Pozuelo Monfort ]
+libsoup (2.2.105-5) UNRELEASED; urgency=low
+
* debian/libsoup2.2-doc.doc-base: fix section.
- [ Sebastian Dröge ]
- * SECURITY: debian/patches/91_security_CVE-2009-0585.patch:
- + Possible arbitrary code execution when processing large Base64 strings.
- Patch from the Ubuntu package, fixes CVE-2009-0585 (Closes: #520039).
- * debian/control:
- + Update Standards-Version to 3.8.0, no additional changes needed.
-
- -- Sebastian Dröge <slomo at debian.org> Tue, 17 Mar 2009 13:11:08 +0100
+ -- Emilio Pozuelo Monfort <pochu at ubuntu.com> Thu, 25 Sep 2008 00:05:25 +0200
libsoup (2.2.105-4) unstable; urgency=low
Modified: desktop/unstable/libsoup/debian/control
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/libsoup/debian/control?rev=19097&op=diff
==============================================================================
--- desktop/unstable/libsoup/debian/control (original)
+++ desktop/unstable/libsoup/debian/control Tue Mar 17 12:18:27 2009
@@ -2,7 +2,7 @@
Section: devel
Priority: optional
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
-Uploaders: Loic Minier <lool at dooz.org>, Sebastian Dröge <slomo at debian.org>
+Uploaders: Josselin Mouette <joss at debian.org>, Loic Minier <lool at dooz.org>, Sebastian Dröge <slomo at debian.org>
Build-Depends: debhelper (>= 5),
libglib2.0-dev (>= 2.12.0),
libgnutls-dev (>= 1.4.0),
@@ -12,7 +12,7 @@
gnome-pkg-tools,
dpkg-dev (>= 1.13.19)
Build-Conflicts: libgnutls11-dev
-Standards-Version: 3.8.0
+Standards-Version: 3.7.3
Package: libsoup2.2-dev
Section: devel
Modified: desktop/unstable/libsoup/debian/control.in
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/libsoup/debian/control.in?rev=19097&op=diff
==============================================================================
--- desktop/unstable/libsoup/debian/control.in (original)
+++ desktop/unstable/libsoup/debian/control.in Tue Mar 17 12:18:27 2009
@@ -12,7 +12,7 @@
gnome-pkg-tools,
dpkg-dev (>= 1.13.19)
Build-Conflicts: libgnutls11-dev
-Standards-Version: 3.8.0
+Standards-Version: 3.7.3
Package: libsoup2.2-dev
Section: devel
Modified: desktop/unstable/libsoup/debian/patches/91_security_CVE-2009-0585.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/libsoup/debian/patches/91_security_CVE-2009-0585.patch?rev=19097&op=diff
==============================================================================
--- desktop/unstable/libsoup/debian/patches/91_security_CVE-2009-0585.patch (original)
+++ desktop/unstable/libsoup/debian/patches/91_security_CVE-2009-0585.patch Tue Mar 17 12:18:27 2009
@@ -1,20 +1,0 @@
-#
-# Description: fix possible arbitrary code execution when processing large Base64 strings
-# Patch: http://ocert.org/patches/2008-015/libsoup-CVE-2009-0585.diff
-#
-diff -Nur -x '*.orig' -x '*~' libsoup-2.2.100/libsoup/soup-misc.c libsoup-2.2.100.new/libsoup/soup-misc.c
---- libsoup-2.2.100/libsoup/soup-misc.c 2007-01-02 13:25:11.000000000 -0500
-+++ libsoup-2.2.100.new/libsoup/soup-misc.c 2009-03-12 23:39:29.000000000 -0400
-@@ -219,7 +219,11 @@
- unsigned char *out;
- int state = 0, outlen, save = 0;
-
-- out = g_malloc (len * 4 / 3 + 5);
-+ if (len < 0)
-+ g_error("%s: invalid Base64 encoding input length specified: %d",
-+ G_STRLOC, len);
-+
-+ out = g_malloc ((len / 3 + 1) * 4 + 1);
- outlen = soup_base64_encode_close ((const guchar *)text,
- len,
- FALSE,
More information about the pkg-gnome-commits
mailing list