[Pkg-voip-commits] r9978 - in /gnugk/trunk/debian: changelog patches/ patches/gnugk-fix-cve-2012-3534.diff patches/series

msp at alioth.debian.org msp at alioth.debian.org
Sat Sep 29 22:59:56 UTC 2012 

Author: msp
Date: Sat Sep 29 22:59:56 2012
New Revision: 9978

URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=9978
Log:
* Fix "CVE-2012-3534" Added gnugk-fix-cve-2012-3534.diff (Closes: #685969)
* Urgency medium for RC bug

Added:
    gnugk/trunk/debian/patches/
    gnugk/trunk/debian/patches/gnugk-fix-cve-2012-3534.diff
    gnugk/trunk/debian/patches/series
Modified:
    gnugk/trunk/debian/changelog

Modified: gnugk/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-voip/gnugk/trunk/debian/changelog?rev=9978&op=diff
==============================================================================
--- gnugk/trunk/debian/changelog (original)
+++ gnugk/trunk/debian/changelog Sat Sep 29 22:59:56 2012
@@ -1,3 +1,10 @@
+gnugk (2:3.0.2-2) unstable; urgency=medium
+
+  * Fix "CVE-2012-3534" Added gnugk-fix-cve-2012-3534.diff (Closes: #685969)
+  * Urgency medium for RC bug
+
+ -- Mark Purcell <msp at debian.org>  Sun, 30 Sep 2012 08:59:11 +1000
+
 gnugk (2:3.0.2-1) unstable; urgency=low
 
   * New upstream release

Added: gnugk/trunk/debian/patches/gnugk-fix-cve-2012-3534.diff
URL: http://svn.debian.org/wsvn/pkg-voip/gnugk/trunk/debian/patches/gnugk-fix-cve-2012-3534.diff?rev=9978&op=file
==============================================================================
--- gnugk/trunk/debian/patches/gnugk-fix-cve-2012-3534.diff (added)
+++ gnugk/trunk/debian/patches/gnugk-fix-cve-2012-3534.diff Sat Sep 29 22:59:56 2012
@@ -1,0 +1,100 @@
+http://sourceforge.net/mailarchive/forum.php?thread_name=From_willamowius%40users.sourceforge.net_Wed_Aug_15_07%3A08%3A15_2012&forum_name=openh323gk-cvs
+Modified Files:
+	changes.txt GkStatus.cxx GkStatus.h 
+Log Message:
+new switch [Gatekeeper::Main] MaxStatusClients= to limit number of status port connections
+
+
+Index: gnugk-3.0.2/GkStatus.cxx
+===================================================================
+--- gnugk-3.0.2.orig/GkStatus.cxx	2011-11-28 23:33:40.000000000 +1100
++++ gnugk-3.0.2/GkStatus.cxx	2012-09-30 08:40:52.000000000 +1000
+@@ -107,8 +107,6 @@
+ 		int instanceNo
+ 		);
+ 		
+-	virtual ~StatusClient() {}
+-
+ 	virtual bool ReadCommand(
+ 		/// command that has been read (if ReadCommand succeeded)
+ 		PString& cmd,
+@@ -817,12 +815,13 @@
+ #endif
+ 
+ 	SetName("GkStatus");
++	m_statusClients = 0;
++	m_maxStatusClients = GkConfig()->GetInteger("MaxStatusClients", 20);
+ 	Execute();
+ }
+ 
+ void GkStatus::AuthenticateClient(StatusClient* newClient)
+ {
+-	if (newClient->Authenticate()) {
+ 		newClient->SetTraceLevel(GkConfig()->GetInteger("StatusTraceLevel", MAX_STATUS_TRACE_LEVEL));
+ 		PTRACE(1, "STATUS\tNew client authenticated successfully: " << newClient->WhoAmI()
+ 			<< ", login: " << newClient->GetUser()
+@@ -832,9 +831,6 @@
+ 		newClient->Flush();
+ 		AddSocket(newClient);
+ 	} else {
+-		PTRACE(3, "STATUS\tNew client rejected: " << newClient->WhoAmI()
+-			<< ", login: " << newClient->GetUser()
+-			);
+ 		newClient->WriteString("\r\nAccess forbidden!\r\n");
+ 		// newClient->Flush();	// dont' flush when access is denied to avoid blocking
+ 		delete newClient;
+@@ -1127,6 +1123,11 @@
+ 	m_isFilteringActive = Toolkit::AsBool(GkConfig()->GetString(filteringsec, "Enable", "0"));
+ }
+ 
++StatusClient::~StatusClient()
++{
++	GkStatus::Instance()->StatusClientDeleted();
++}
++ 
+ bool StatusClient::ReadCommand(
+ 	/// command that has been read (if ReadCommand succeeded)
+ 	PString& cmd,
+Index: gnugk-3.0.2/GkStatus.h
+===================================================================
+--- gnugk-3.0.2.orig/GkStatus.h	2011-11-28 23:33:40.000000000 +1100
++++ gnugk-3.0.2/GkStatus.h	2012-09-30 08:36:31.000000000 +1000
+@@ -79,6 +79,10 @@
+ 		StatusClient* requestingClient
+ 		);
+ 
++	/** Notification form the status client that it has been deleted
++	*/
++	void StatusClientDeleted() { --m_statusClients; }
++ 
+ 	/** Print a list of all connected status interface users
+ 		to the requesting client.
+ 	*/
+@@ -166,7 +170,6 @@
+ 		PStringArray& args
+ 		);
+ 
+-private:
+ 	// override from class RegularJob
+ 	virtual void OnStart();
+ 
+@@ -176,6 +179,9 @@
+ 
+ 	/// map for fast (and easy) 'parsing' the commands from the user
+ 	std::map<PString, int> m_commands;
++
++	unsigned m_statusClients;
++	unsigned m_maxStatusClients;
+ };
+ 
+ /** Listen for incoming connections to the status interface port
+Index: gnugk-3.0.2/changes.txt
+===================================================================
+--- gnugk-3.0.2.orig/changes.txt	2011-12-23 02:29:17.000000000 +1100
++++ gnugk-3.0.2/changes.txt	2012-09-30 08:41:30.000000000 +1000
+@@ -1,3 +1,5 @@
++- new switch [Gatekeeper::Main] MaxStatusClients= to limit number of status port connections (default: 20)
++
+ Changes from 2.3.5 to 3.0
+ =========================
+ - BUGFIX(RasTbl.cxx) fix possibility of stale calls when using failover

Added: gnugk/trunk/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-voip/gnugk/trunk/debian/patches/series?rev=9978&op=file
==============================================================================
--- gnugk/trunk/debian/patches/series (added)
+++ gnugk/trunk/debian/patches/series Sat Sep 29 22:59:56 2012
@@ -1,0 +1,1 @@
+#gnugk-fix-cve-2012-3534.diff

More information about the Pkg-voip-commits mailing list