[Pkg-voip-commits] [pjproject] 01/01: Import Debian changes 2.1.0.0.ast20130823-1+deb8u1

Bernhard Schmidt berni at moszumanska.debian.org
Sun Aug 13 11:49:51 UTC 2017


This is an automated email from the git hooks/post-receive script.

berni pushed a commit to branch wheezy
in repository pjproject.

commit 0aca5a9cd32f40865b3d88ab3f99e2cb08b74d0f
Author: Moritz Muehlenhoff <jmm at debian.org>
Date:   Wed Aug 9 23:04:04 2017 +0200

    Import Debian changes 2.1.0.0.ast20130823-1+deb8u1
    
    pjproject (2.1.0.0.ast20130823-1+deb8u1) jessie-security; urgency=medium
    
      * CVE-2017-9359 CVE-2017-9372
---
 debian/changelog                                 |  6 +++
 debian/patches/CVE-2017-9359_CVE-2017-9372.patch | 47 ++++++++++++++++++++++++
 debian/patches/series                            |  1 +
 3 files changed, 54 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index bb41cd2..326399b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+pjproject (2.1.0.0.ast20130823-1+deb8u1) jessie-security; urgency=medium
+
+  * CVE-2017-9359 CVE-2017-9372
+
+ -- Moritz Muehlenhoff <jmm at debian.org>  Wed, 09 Aug 2017 23:04:04 +0200
+
 pjproject (2.1.0.0.ast20130823-1) unstable; urgency=low
 
   [ Jeremy Lainé ]
diff --git a/debian/patches/CVE-2017-9359_CVE-2017-9372.patch b/debian/patches/CVE-2017-9359_CVE-2017-9372.patch
new file mode 100644
index 0000000..36a2d82
--- /dev/null
+++ b/debian/patches/CVE-2017-9359_CVE-2017-9372.patch
@@ -0,0 +1,47 @@
+Backports of 
+
+From: Mark Michelson <mmichelson at digium.com>
+Date: Thu, 13 Apr 2017 16:59:40 -0500
+Subject: Parse zero-length multipart body parts correctly.
+
+From: Mark Michelson <mmichelson at digium.com>
+Date: Thu, 13 Apr 2017 16:20:07 -0500
+Subject: Ensure 2543 transaction key buffer is large enough.
+
+--- pjproject-2.1.0.0.ast20130823.orig/pjsip/src/pjsip/sip_multipart.c
++++ pjproject-2.1.0.0.ast20130823/pjsip/src/pjsip/sip_multipart.c
+@@ -635,13 +635,15 @@ PJ_DEF(pjsip_msg_body*) pjsip_multipart_
+ 
+ 	end_body = curptr;
+ 
+-	/* The newline preceeding the delimiter is conceptually part of
+-	 * the delimiter, so trim it from the body.
+-	 */
+-	if (*(end_body-1) == '\n')
+-	    --end_body;
+-	if (*(end_body-1) == '\r')
+-	    --end_body;
++	if (end_body > start_body) {
++	    /* The newline preceeding the delimiter is conceptually part of
++	     * the delimiter, so trim it from the body.
++	     */
++	    if (*(end_body-1) == '\n')
++		--end_body;
++	    if (*(end_body-1) == '\r')
++		 --end_body;
++	}
+ 
+ 	/* Now that we have determined the part's boundary, parse it
+ 	 * to get the header and body part of the part.
+--- pjproject-2.1.0.0.ast20130823.orig/pjsip/src/pjsip/sip_transaction.c
++++ pjproject-2.1.0.0.ast20130823/pjsip/src/pjsip/sip_transaction.c
+@@ -285,7 +285,8 @@ static pj_status_t create_tsx_key_2543(
+     (pjsip_uri*)rdata->msg_info.msg->line.req.uri;
+ 
+     /* Calculate length required. */
+-    len_required = 9 +			    /* CSeq number */
++    len_required = method->name.slen +	    /* Method */
++		   9 +			    /* CSeq number */
+ 		   rdata->msg_info.from->tag.slen +   /* From tag. */
+ 		   rdata->msg_info.cid->id.slen +    /* Call-ID */
+ 		   host->slen +		    /* Via host. */
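Review bot: The new `end_body > start_body` guard in the sip_multipart.c part of this patch bounds only the first trim. When the part body is a single `\n`, the first `--end_body` leaves end_body equal to start_body, and the following `*(end_body-1) == '\r'` test then reads the byte before start_body. The second test should carry its own bound: `if (end_body > start_body && *(end_body-1) == '\r')`. Whether that byte still lies inside the message buffer depends on how start_body is set, which is outside the hunk, so this is a one-byte under-read of the part rather than a confirmed out-of-buffer access; if the byte did match, end_body would drop below start_body and any length later derived from the two pointers would presumably be negative. The enclosing function starts and ends outside the hunk.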
diff --git a/debian/patches/series b/debian/patches/series
index f881e9d..d6bc6c4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,4 @@ reduce_pjmedia_linkage.patch
 typos.patch
 symbols_diet.patch
 fix_gcc_warn.patch
+CVE-2017-9359_CVE-2017-9372.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/pjproject.git


