[SVN] r843 - in /trunk/cyrus-imapd-2.2.13: debian/changelog sieve/bc_eval.c sieve/script.c sieve/sieve.y
debian at incase.de
debian at incase.de
Tue Sep 22 20:23:04 UTC 2009
Author: hmh
Date: Tue Sep 22 22:23:04 2009
New Revision: 843
URL: https://mail.incase.de/viewcvs?rev=843&root=cyrus22&view=rev
Log:
* Security Update: CVE-2009-3235:
Multiple stack-based buffer overflows in the Sieve parsing code,
patches taken from upstream CVS (closes: #547947)
Modified:
trunk/cyrus-imapd-2.2.13/debian/changelog
trunk/cyrus-imapd-2.2.13/sieve/bc_eval.c
trunk/cyrus-imapd-2.2.13/sieve/script.c
trunk/cyrus-imapd-2.2.13/sieve/sieve.y
Modified: trunk/cyrus-imapd-2.2.13/debian/changelog
URL: https://mail.incase.de/viewcvs/trunk/cyrus-imapd-2.2.13/debian/changelog?rev=843&root=cyrus22&r1=842&r2=843&view=diff
==============================================================================
--- trunk/cyrus-imapd-2.2.13/debian/changelog (original)
+++ trunk/cyrus-imapd-2.2.13/debian/changelog Tue Sep 22 22:23:04 2009
@@ -1,3 +1,11 @@
+cyrus-imapd-2.2 (2.2.13-17) unstable; urgency=high
+
+ * Security Update: CVE-2009-3235:
+ Multiple stack-based buffer overflows in the Sieve parsing code,
+ patches taken from upstream CVS (closes: #547947)
+
+ -- Henrique de Moraes Holschuh <hmh at debian.org> Tue, 22 Sep 2009 17:17:17 -0300
+
cyrus-imapd-2.2 (2.2.13-16) unstable; urgency=high
* Justification for high urgency: Get security update from -15 into
Modified: trunk/cyrus-imapd-2.2.13/sieve/bc_eval.c
URL: https://mail.incase.de/viewcvs/trunk/cyrus-imapd-2.2.13/sieve/bc_eval.c?rev=843&root=cyrus22&r1=842&r2=843&view=diff
==============================================================================
--- trunk/cyrus-imapd-2.2.13/sieve/bc_eval.c (original)
+++ trunk/cyrus-imapd-2.2.13/sieve/bc_eval.c Tue Sep 22 22:23:04 2009
@@ -440,7 +440,7 @@
int comparator=ntohl(bc[i+3].value);
int apart=ntohl(bc[i+4].value);
int count=0;
- char scount[3];
+ char scount[21];
int isReg = (match==B_REGEX);
int ctag = 0;
regex_t *reg;
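Review bot: The new size `21` for `scount` is an unexplained magic number, both here and in the identical hunk at line 608, and the call that formats `count` into the buffer lies outside both hunks. 21 bytes holds any signed 64-bit decimal with sign and terminator, so it covers the `int count` declared just above; record that reasoning, e.g. `char scount[21]; /* fits any 64-bit decimal, sign and NUL */`. If the write site is still an unbounded `sprintf`, changing it to something like `snprintf(scount, sizeof(scount), "%d", count);` would state the bound where the write happens, as the script.c change in this commit does.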
@@ -608,7 +608,7 @@
int relation=ntohl(bc[i+2].value);
int comparator=ntohl(bc[i+3].value);
int count=0;
- char scount[3];
+ char scount[21];
int isReg = (match==B_REGEX);
int ctag = 0;
regex_t *reg;
Modified: trunk/cyrus-imapd-2.2.13/sieve/script.c
URL: https://mail.incase.de/viewcvs/trunk/cyrus-imapd-2.2.13/sieve/script.c?rev=843&root=cyrus22&r1=842&r2=843&view=diff
==============================================================================
--- trunk/cyrus-imapd-2.2.13/sieve/script.c (original)
+++ trunk/cyrus-imapd-2.2.13/sieve/script.c Tue Sep 22 22:23:04 2009
@@ -526,9 +526,9 @@
if ((ret != SIEVE_OK) && interp->err) {
char buf[1024];
if (lastaction == -1) /* we never executed an action */
- sprintf(buf, "%s", errmsg ? errmsg : sieve_errstr(ret));
+ snprintf(buf, sizeof(buf), "%s", errmsg ? errmsg : sieve_errstr(ret));
else
- sprintf(buf, "%s: %s", action_to_string(lastaction),
+ snprintf(buf, sizeof(buf), "%s: %s", action_to_string(lastaction),
errmsg ? errmsg : sieve_errstr(ret));
ret |= interp->execute_err(buf, interp->interp_context,
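Review bot: Both `snprintf` calls discard their return value, so a message longer than the 1024-byte `buf` is now cut off silently before it reaches `interp->execute_err`. Truncation is a reasonable outcome for an error string, but it should be stated at the call, e.g. `/* over-long messages are truncated; buf stays NUL-terminated */`. The `execute_err` call and the enclosing `if` block continue past the end of the hunk.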
Modified: trunk/cyrus-imapd-2.2.13/sieve/sieve.y
URL: https://mail.incase.de/viewcvs/trunk/cyrus-imapd-2.2.13/sieve/sieve.y?rev=843&root=cyrus22&r1=842&r2=843&view=diff
==============================================================================
--- trunk/cyrus-imapd-2.2.13/sieve/sieve.y (original)
+++ trunk/cyrus-imapd-2.2.13/sieve/sieve.y Tue Sep 22 22:23:04 2009
@@ -923,7 +923,7 @@
else if (!strcmp(r, "ne")) {return NE;}
else if (!strcmp(r, "eq")) {return EQ;}
else{
- sprintf(errbuf, "flag '%s': not a valid relational operation", r);
+ snprintf(errbuf, sizeof(errbuf), "flag '%s': not a valid relational operation", r);
yyerror(errbuf);
return -1;
}
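Review bot: `sizeof(errbuf)` bounds this write only if `errbuf` is an array in scope here; its declaration is outside the hunk, and if it were a `char *` the call would silently truncate to pointer size. Confirm the declaration and make the assumption visible with a comment such as `/* errbuf is a fixed-size array, so sizeof gives its capacity */`. Any other `sprintf(errbuf, ...)` in this grammar file would need the same bound; none are visible in this hunk. The enclosing function starts before the hunk.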