thomas: server/imapd CVE-2009-2632.patch, NONE, 1.1.2.1 Makefile, 1.40.2.2, 1.40.2.3 kolab.patch, 1.39.2.1, 1.39.2.2
cvs at kolab.org
cvs at kolab.org
Tue Sep 22 16:28:23 CEST 2009
Author: thomas
Update of /kolabrepository/server/imapd
In directory doto:/tmp/cvs-serv23700/imapd
Modified Files:
Tag: kolab_2_2_branch
Makefile kolab.patch
Added Files:
Tag: kolab_2_2_branch
CVE-2009-2632.patch
Log Message:
Fix buffer size calculations for sieve actions_string (CVE-2009-2632)
--- NEW FILE: CVE-2009-2632.patch ---
Fix buffer size calculations for sieve actions_string (CVE-2009-2632)
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sieve/script.c.diff?r1=1.67&r2=1.68
(without CVS keyword hunk)
--- src/sieve/script.c 2008/03/24 20:08:46 1.67
+++ src/sieve/script.c 2009/09/02 13:56:18 1.68
@@ -688,7 +688,7 @@ static int do_sieve_error(int ret,
ret |= keep_ret;
if (keep_ret == SIEVE_OK)
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Kept\n");
else {
implicit_keep = 0; /* don't try an implicit keep again */
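Review bot: The new bound `ACTIONS_STRING_LEN-strlen(actions_string)` at the "Kept" append in do_sieve_error depends on a contract the visible hunks never state: every buffer passed as actions_string must be ACTIONS_STRING_LEN bytes long and NUL-terminated on entry. The replaced `sizeof(actions_string)` suggests actions_string is a pointer in these functions, so the compiler cannot check that contract, and a caller handing in a smaller buffer would bring the overflow back. The same applies to the seven appends in the do_action_list hunks. I would document it at both function headers, e.g. `/* actions_string: NUL-terminated buffer of exactly ACTIONS_STRING_LEN bytes */`, and confirm the buffer is declared with the same macro. Both function bodies and the macro definition lie outside the hunks, so this needs checking against the full file.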
@@ -742,7 +742,7 @@ static int do_action_list(sieve_interp_t
if (ret == SIEVE_OK)
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Rejected with: %s\n", a->u.rej.msg);
break;
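Review bot: The offset-and-remaining-size arithmetic is written out by hand at this "Rejected with" append and at the seven other appends the patch touches, which is how one wrong size expression came to need fixing in eight places. A single static helper that does the bounded append would keep the length calculation in one spot. It could also refuse to write when the buffer is already full or unterminated, instead of relying on the unsigned subtraction never wrapping. snprintf's return value is ignored, so a long script-supplied reject message is silently truncated; that is probably fine for a summary string but deserves a comment. do_action_list starts and ends outside the hunk, so the sketch below shows only the helper and this one call site.

```c
/* Append formatted text to actions_string without ever writing past
 * ACTIONS_STRING_LEN bytes; output that does not fit is truncated. */
static void actions_append(char *actions_string, const char *fmt, ...)
{
    size_t used = strlen(actions_string);
    va_list ap;

    if (used + 1 >= ACTIONS_STRING_LEN)
        return; /* full (or not terminated within bounds): nothing to add */

    va_start(ap, fmt);
    vsnprintf(actions_string + used, ACTIONS_STRING_LEN - used, fmt, ap);
    va_end(ap);
}

/* … unchanged: ACTION_REJECT handling up to the ret == SIEVE_OK check … */
	    if (ret == SIEVE_OK)
		actions_append(actions_string,
			       "Rejected with: %s\n", a->u.rej.msg);
	    break;
```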
@@ -757,7 +757,7 @@ static int do_action_list(sieve_interp_t
if (ret == SIEVE_OK)
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Filed into: %s\n",a->u.fil.mailbox);
break;
case ACTION_KEEP:
@@ -770,7 +770,7 @@ static int do_action_list(sieve_interp_t
&errmsg);
if (ret == SIEVE_OK)
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Kept\n");
break;
case ACTION_REDIRECT:
@@ -783,7 +783,7 @@ static int do_action_list(sieve_interp_t
&errmsg);
if (ret == SIEVE_OK)
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Redirected to %s\n", a->u.red.addr);
break;
case ACTION_DISCARD:
@@ -794,7 +794,7 @@ static int do_action_list(sieve_interp_t
&errmsg);
if (ret == SIEVE_OK)
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Discarded\n");
break;
@@ -820,12 +820,12 @@ static int do_action_list(sieve_interp_t
if (ret == SIEVE_OK)
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Sent vacation reply\n");
} else if (ret == SIEVE_DONE) {
snprintf(actions_string+strlen(actions_string),
- sizeof(actions_string)-strlen(actions_string),
+ ACTIONS_STRING_LEN-strlen(actions_string),
"Vacation reply suppressed\n");
ret = SIEVE_OK;
Index: Makefile
===================================================================
RCS file: /kolabrepository/server/imapd/Makefile,v
retrieving revision 1.40.2.2
retrieving revision 1.40.2.3
diff -u -d -r1.40.2.2 -r1.40.2.3
--- Makefile 2 Apr 2009 13:51:44 -0000 1.40.2.2
+++ Makefile 22 Sep 2009 14:28:21 -0000 1.40.2.3
@@ -21,7 +21,7 @@
PACKAGE=imapd
VERSION=2.3.13
RELEASE=20081020
-KOLABRELEASE=20081020_kolab2
+KOLABRELEASE=20081020_kolab3
PATCHES=../patches/cyrus-imapd/cyrus-imapd-$(VERSION)/KOLAB_cyrus-cyradm-$(VERSION)_Annotations.patch \
../patches/cyrus-imapd/cyrus-imapd-$(VERSION)/KOLAB_cyrus-imapd-$(VERSION)_Annotations2.patch \
@@ -29,7 +29,8 @@
../patches/cyrus-imapd/cyrus-imapd-$(VERSION)/KOLAB_cyrus-imapd-$(VERSION)_Groups2.patch \
../patches/cyrus-imapd/cyrus-imapd-$(VERSION)/KOLAB_cyrus-imapd-$(VERSION)_Logging.patch \
../patches/cyrus-imapd/cyrus-imapd-$(VERSION)/KOLAB_cyrus-imapd-$(VERSION)_timsieved_starttls-sendcaps.patch \
- ../patches/cyrus-imapd/cyrus-imapd-$(VERSION)/KOLAB_cyrus-imapd-$(VERSION)_UID.patch
+ ../patches/cyrus-imapd/cyrus-imapd-$(VERSION)/KOLAB_cyrus-imapd-$(VERSION)_UID.patch \
+ CVE-2009-2632.patch
.PHONY: all
all: $(PACKAGE)-$(VERSION)-$(KOLABRELEASE).src.rpm
Index: kolab.patch
===================================================================
RCS file: /kolabrepository/server/imapd/kolab.patch,v
retrieving revision 1.39.2.1
retrieving revision 1.39.2.2
diff -u -d -r1.39.2.1 -r1.39.2.2
--- kolab.patch 1 Apr 2009 17:03:45 -0000 1.39.2.1
+++ kolab.patch 22 Sep 2009 14:28:21 -0000 1.39.2.2
@@ -1,11 +1,11 @@
--- imapd.spec.orig 2008-10-20 20:12:23.000000000 +0200
-+++ imapd.spec 2009-01-25 22:19:52.000000000 +0100
++++ imapd.spec 2009-09-22 16:13:53.049428455 +0200
@@ -32,7 +32,7 @@
Group: Mail
License: BSD
Version: 2.3.13
-Release: 20081020
-+Release: 20081020_kolab2
++Release: 20081020_kolab3
# package options
%option with_fsl yes
@@ -17,7 +17,7 @@
# fixing implicit inter-module dependencies and correlations
%if "%{with_kolab}" == "yes"
-@@ -67,12 +68,13 @@
+@@ -67,12 +68,14 @@
Source3: imapd.conf
Source4: fsl.imapd
Patch0: imapd.patch
@@ -34,10 +34,11 @@
+Patch5: http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/cyrus-imapd/cyrus-imapd-%{version}/KOLAB_cyrus-imapd-%{version}_UID.patch
+Patch6: http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/cyrus-imapd/cyrus-imapd-%{version}/KOLAB_cyrus-imapd-%{version}_Folder-names.patch
+Patch7: http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/patches/cyrus-imapd/cyrus-imapd-%{version}/KOLAB_cyrus-imapd-%{version}_timsieved_starttls-sendcaps.patch
++Patch8: CVE-2009-2632.patch
# build information
Prefix: %{l_prefix}
-@@ -120,11 +122,7 @@
+@@ -120,11 +123,7 @@
# add optional group file support with support to ignore case
%if "%{with_group}" == "yes"
@@ -50,7 +51,7 @@
%{l_shtool} subst \
-e 's;/etc/imapd\.group;%{l_prefix}/etc/imapd/imapd.group;' \
lib/auth_unix.c
-@@ -132,7 +130,7 @@
+@@ -132,7 +131,7 @@
# add optional folder annotation support
%if "%{with_annotate}" == "yes"
@@ -59,7 +60,7 @@
%patch -p1 -P 3
%endif
-@@ -152,6 +150,11 @@
+@@ -152,12 +151,20 @@
%patch -p1 -P 6
%endif
@@ -71,7 +72,16 @@
# add optional DRAC file support
%if "%{with_drac}" == "yes"
%{l_shtool} subst -e 's;@DRACLIBS@;-ldrac;g' contrib/drac_auth.patch
-@@ -287,7 +290,11 @@
+ %{l_patch} -p0 <contrib/drac_auth.patch
+ %endif
+
++ # CVE-2009-2632
++ %patch -p1 -P 8
++
+ # make sure config2header rebuilds imapopts based on imapoptions
+ rm -f lib/imapopts.h lib/imapopts.c >/dev/null 2>&1 || true
+
+@@ -287,7 +294,11 @@
%if "%{with_nntp}" == "yes"
--enable-nntp \
%endif
@@ -83,7 +93,7 @@
--without-krb
# build program
-@@ -411,9 +418,6 @@
+@@ -411,9 +422,6 @@
# before erase, stop service and remove log and temporary files
if [ $1 -eq 0 ]; then
%{l_rc} imapd stop 2>/dev/null