File: evolution-data-server_1.6.3-5etch1.diff

package info (click to toggle)
evolution-data-server 1.6.3-5etch3
  • links: PTS
  • area: main
  • in suites: etch
  • size: 59,384 kB
  • ctags: 43,218
  • sloc: ansic: 319,315; tcl: 30,499; xml: 19,166; sh: 18,776; perl: 11,529; cpp: 8,259; java: 7,653; makefile: 6,448; awk: 1,338; yacc: 1,103; sed: 772; cs: 505; lex: 134; asm: 14
file content (50 lines) | stat: -rw-r--r-- 2,209 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
Index: debian/patches/92_imap-negative-array-index.patch
===================================================================
--- debian/patches/92_imap-negative-array-index.patch (revision 0)
+++ debian/patches/92_imap-negative-array-index.patch (revision 0)
@@ -0,0 +1,29 @@
+SECURITY; GNOME #447414; FEDORA-2007-0464; Debian #429876; fixes potential
+negative array index usage in IMAP code (remote).
+
+2007-06-14  Philip Van Hoof  <pvanhoof@gnome.org>
+
+       * camel-imap-folder.c: Security bugfix. The sequence can be a negative
+       value while it is being used as the index of an array (#447414)
+
+diff -Nur evolution-data-server-1.6.3/camel/providers/imap/camel-imap-folder.c evolution-data-server-1.6.3.new/camel/providers/imap/camel-imap-folder.c
+--- evolution-data-server-1.6.3/camel/providers/imap/camel-imap-folder.c	2006-06-22 06:44:50.000000000 +0200
++++ evolution-data-server-1.6.3.new/camel/providers/imap/camel-imap-folder.c	2007-06-21 13:44:13.000000000 +0200
+@@ -647,7 +647,7 @@
+ 		uid = g_datalist_get_data (&data, "UID");
+ 		flags = GPOINTER_TO_UINT (g_datalist_get_data (&data, "FLAGS"));
+ 		
+-		if (!uid || !seq || seq > summary_len) {
++		if (!uid || !seq || seq > summary_len || seq < 0) {
+ 			g_datalist_clear (&data);
+ 			continue;
+ 		}
+@@ -2748,7 +2748,7 @@
+ 		
+ 		if (*response != '*' || *(response + 1) != ' ')
+ 			return NULL;
+-		seq = strtol (response + 2, &response, 10);
++		seq = strtoul (response + 2, &response, 10);
+ 		if (seq == 0)
+ 			return NULL;
+ 		if (g_ascii_strncasecmp (response, " FETCH (", 8) != 0)
Index: debian/changelog
===================================================================
--- debian/changelog (revision 853)
+++ debian/changelog (working copy)
@@ -1,3 +1,11 @@
+evolution-data-server (1.6.3-5etch1) stable-security; urgency=high
+
+  * SECURITY: New patch, 92_imap-negative-array-index, fixes potential
+    negative array index usage in IMAP code (remote); FEDORA-2007-0464;
+    GNOME #447414; closes: #429876.
+
+ -- Loic Minier <lool@dooz.org>  Thu, 21 Jun 2007 13:45:57 +0200
+
 evolution-data-server (1.6.3-5) unstable; urgency=high
 
   * New patch, 65_tz-updates, misc timezone updates, adapted from a patch