[Pkg-voip-commits] r9118 - in /asterisk/branches/lenny-security/debian: changelog patches/AST-2011-008
tzafrir at alioth.debian.org
tzafrir at alioth.debian.org
Sun Jul 10 19:00:09 UTC 2011
Author: tzafrir
Date: Sun Jul 10 19:00:09 2011
New Revision: 9118
URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=9118
Log:
Patch AST-2011-008: Use strlen rather than ast_str_len (Closes: #633481).
Modified:
asterisk/branches/lenny-security/debian/changelog
asterisk/branches/lenny-security/debian/patches/AST-2011-008
Modified: asterisk/branches/lenny-security/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny-security/debian/changelog?rev=9118&op=diff
==============================================================================
--- asterisk/branches/lenny-security/debian/changelog (original)
+++ asterisk/branches/lenny-security/debian/changelog Sun Jul 10 19:00:09 2011
@@ -1,3 +1,9 @@
+asterisk (1:1.4.21.2~dfsg-3+lenny4) oldstable-security; urgency=high
+
+ * Patch AST-2011-008: Use strlen rather than ast_str_len (Closes: #633481).
+
+ -- Tzafrir Cohen <tzafrir at debian.org> Sun, 10 Jul 2011 21:56:22 +0300
+
asterisk (1:1.4.21.2~dfsg-3+lenny3) oldstable-security; urgency=high
* Patch AST-2011-008 (CVE-2011-2529) - crash on a malformed SIP packet
Modified: asterisk/branches/lenny-security/debian/patches/AST-2011-008
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/branches/lenny-security/debian/patches/AST-2011-008?rev=9118&op=diff
==============================================================================
--- asterisk/branches/lenny-security/debian/patches/AST-2011-008 (original)
+++ asterisk/branches/lenny-security/debian/patches/AST-2011-008 Sun Jul 10 19:00:09 2011
@@ -24,7 +24,7 @@
req.data[res] = '\0';
- req.len = res;
+ /* req.data will have the correct length in case of nulls */
-+ req.len = ast_str_strlen(req.data);
++ req.len = strlen(req.data);
if(sip_debug_test_addr(&sin)) /* Set the debug flag early on packet level */
ast_set_flag(&req, SIP_PKT_DEBUG);
if (pedanticsipchecking)
More information about the Pkg-voip-commits
mailing list