[Pkg-voip-commits] r1831 - in iax/trunk/debian: . patches
Julien Blache
jblache at costa.debian.org
Mon Jun 12 09:09:13 UTC 2006
Author: jblache
Date: 2006-06-12 09:09:12 +0000 (Mon, 12 Jun 2006)
New Revision: 1831
Added:
iax/trunk/debian/patches/10_iax2_CORE-2006-0327.dpatch
Modified:
iax/trunk/debian/changelog
iax/trunk/debian/patches/00list
Log:
Fix IAXclient truncated frames vulnerabilities; see CORE-2006-0327
Modified: iax/trunk/debian/changelog
===================================================================
--- iax/trunk/debian/changelog 2006-06-12 09:04:01 UTC (rev 1830)
+++ iax/trunk/debian/changelog 2006-06-12 09:09:12 UTC (rev 1831)
@@ -1,4 +1,4 @@
-iax (0.2.2-5) UNRELEASED; urgency=low
+iax (0.2.2-5) unstable; urgency=low
* NOT YET RELEASED.
[ Kilian Krause ]
@@ -7,8 +7,11 @@
[ Julien BLACHE ]
* debian/control:
+ Fix override disparity for libiax-dev, section is libdevel.
+ * debian/patches/10_iax2_CORE-2006-0327.dpatch:
+ + Added; Fix IAXclient truncated frames vulnerabilities; see CORE-2006-0327
+ (stollen from iaxclient).
- -- Julien BLACHE <jblache at debian.org> Tue, 21 Mar 2006 14:35:15 +0100
+ -- Julien BLACHE <jblache at debian.org> Mon, 12 Jun 2006 11:06:20 +0200
iax (0.2.2-4) unstable; urgency=low
Modified: iax/trunk/debian/patches/00list
===================================================================
--- iax/trunk/debian/patches/00list 2006-06-12 09:04:01 UTC (rev 1830)
+++ iax/trunk/debian/patches/00list 2006-06-12 09:09:12 UTC (rev 1831)
@@ -1,2 +1,3 @@
01_maintainer_mode
+10_iax2_CORE-2006-0327
Added: iax/trunk/debian/patches/10_iax2_CORE-2006-0327.dpatch
===================================================================
--- iax/trunk/debian/patches/10_iax2_CORE-2006-0327.dpatch 2006-06-12 09:04:01 UTC (rev 1830)
+++ iax/trunk/debian/patches/10_iax2_CORE-2006-0327.dpatch 2006-06-12 09:09:12 UTC (rev 1831)
@@ -0,0 +1,27 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10_iax2_CORE-2006-0327.dpatch by <jblache at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix IAXclient truncated frames vulnerabilities; see CORE-2006-0327
+## DP: Stollen from iaxclient
+
+ at DPATCH@
+diff -urNad iax-0.2.2~/src/iax.c iax-0.2.2/src/iax.c
+--- iax-0.2.2~/src/iax.c 2001-11-07 00:10:41.000000000 +0100
++++ iax-0.2.2/src/iax.c 2006-06-12 11:04:41.615676135 +0200
+@@ -2198,6 +2198,7 @@
+ if (res < sizeof(struct iax_full_hdr)) {
+ DEBU(G "Short header received from %s\n", inet_ntoa(sin.sin_addr));
+ IAXERROR "Short header received from %s\n", inet_ntoa(sin.sin_addr));
++ return NULL;
+ }
+ /* We have a full header, process appropriately */
+ session = iax_find_session(&sin, (short)(ntohs((short)fh->callno) & ~IAX_FLAG_FULL), ntohs((short)fh->dcallno), 1);
+@@ -2209,6 +2210,7 @@
+ if (res < sizeof(struct iax_mini_hdr)) {
+ DEBU(G "Short header received from %s\n", inet_ntoa(sin.sin_addr));
+ IAXERROR "Short header received from %s\n", inet_ntoa(sin.sin_addr));
++ return NULL;
+ }
+ /* Miniature, voice frame */
+ session = iax_find_session(&sin, ntohs(fh->callno), 0, 0);
Property changes on: iax/trunk/debian/patches/10_iax2_CORE-2006-0327.dpatch
___________________________________________________________________
Name: svn:executable
+ *
More information about the Pkg-voip-commits
mailing list