[Pkg-voip-commits] r4234 - asterisk/branches/sarge/debian/patches
paravoid at alioth.debian.org
paravoid at alioth.debian.org
Thu Aug 23 00:44:00 UTC 2007
Author: paravoid
Date: 2007-08-23 00:44:00 +0000 (Thu, 23 Aug 2007)
New Revision: 4234
Added:
asterisk/branches/sarge/debian/patches/99_ASA-2007-011.dpatch
Log:
Really add ASA-2007-011.dpatch
Added: asterisk/branches/sarge/debian/patches/99_ASA-2007-011.dpatch
===================================================================
--- asterisk/branches/sarge/debian/patches/99_ASA-2007-011.dpatch (rev 0)
+++ asterisk/branches/sarge/debian/patches/99_ASA-2007-011.dpatch 2007-08-23 00:44:00 UTC (rev 4234)
@@ -0,0 +1,22 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 99_ASA-2007-011.dpatch by Faidon Liambotis <paravoid at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: channels/chan_sip.c: Only try to handle a response if it has a response code.
+## DP: Backported to v1.0, original is r59194 in upstream's SVN
+## DP: Security fix, ASA-2007-011, CVE-2007-1594, CVE-2007-2297
+
+ at DPATCH@
+diff -urNad asterisk-1.0.7.dfsg.1~/channels/chan_sip.c asterisk-1.0.7.dfsg.1/channels/chan_sip.c
+--- asterisk-1.0.7.dfsg.1~/channels/chan_sip.c 2007-08-23 02:56:37.000000000 +0300
++++ asterisk-1.0.7.dfsg.1/channels/chan_sip.c 2007-08-23 03:02:06.000000000 +0300
+@@ -7718,6 +7718,9 @@
+ p->needdestroy = 1;
+ } else if (!strcasecmp(cmd, "SIP/2.0")) {
+ extract_uri(p, req);
++ if (!e)
++ return 0;
++
+ while(*e && (*e < 33)) e++;
+ if (sscanf(e, "%i %n", &respid, &len) != 1) {
+ ast_log(LOG_WARNING, "Invalid response: '%s'\n", e);
Property changes on: asterisk/branches/sarge/debian/patches/99_ASA-2007-011.dpatch
___________________________________________________________________
Name: svn:executable
+ *
More information about the Pkg-voip-commits
mailing list