[Pkg-php-commits] [php/debian-sid] Cherry pick fix for double free vulnerability in the imap_do_open function in the IMAP extension
Ondřej Surý
ondrej at sury.org
Wed Dec 22 16:40:10 UTC 2010
---
debian/patches/CVE-2010-4150.patch | 15 +++++++++++++++
debian/patches/series | 1 +
2 files changed, 16 insertions(+), 0 deletions(-)
create mode 100644 debian/patches/CVE-2010-4150.patch
diff --git a/debian/patches/CVE-2010-4150.patch b/debian/patches/CVE-2010-4150.patch
new file mode 100644
index 0000000..249286a
--- /dev/null
+++ b/debian/patches/CVE-2010-4150.patch
@@ -0,0 +1,15 @@
+--- a/ext/imap/php_imap.c
++++ b/ext/imap/php_imap.c
+@@ -1209,10 +1209,12 @@ static void php_imap_do_open(INTERNAL_FU
+
+ if (IMAPG(imap_user)) {
+ efree(IMAPG(imap_user));
++ IMAPG(imap_user) = 0;
+ }
+
+ if (IMAPG(imap_password)) {
+ efree(IMAPG(imap_password));
++ IMAPG(imap_password) = 0;
+ }
+
+ /* local filename, need to perform open_basedir and safe_mode checks */
diff --git a/debian/patches/series b/debian/patches/series
index e8967ad..579acfb 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -74,3 +74,4 @@ fix-open_basedir-with-separator-r305698.patch
CVE-2010-4409.patch
crash_in_zip_extract.patch
unaligned_memory_access_in_hash_tiger.c.patch
+CVE-2010-4150.patch
--
1.7.1
More information about the Pkg-php-commits
mailing list