[Pkg-voip-commits] r4331 - in asterisk/trunk/debian: . patches

kilian at alioth.debian.org kilian at alioth.debian.org
Thu Aug 30 15:45:01 UTC 2007


Author: kilian
Date: 2007-08-30 15:45:00 +0000 (Thu, 30 Aug 2007)
New Revision: 4331

Added:
   asterisk/trunk/debian/patches/CVE-2007-4521
Modified:
   asterisk/trunk/debian/changelog
   asterisk/trunk/debian/patches/series
Log:
* Fix IMAP crash with upstream source snippet. (Closes: #440187)

Modified: asterisk/trunk/debian/changelog
===================================================================
--- asterisk/trunk/debian/changelog	2007-08-30 07:27:04 UTC (rev 4330)
+++ asterisk/trunk/debian/changelog	2007-08-30 15:45:00 UTC (rev 4331)
@@ -18,8 +18,9 @@
   [ Kilian Krause ]
   * Add backport hook for Sarge. Update Dapper.
   * Update backports scripts for libcurl4*-dev
+  * Fix IMAP crash with upstream source snipplet. (Closes: #440187)
 
- -- Kilian Krause <kilian at debian.org>  Mon, 27 Aug 2007 19:50:55 +0200
+ -- Kilian Krause <kilian at debian.org>  Thu, 30 Aug 2007 17:43:11 +0200
 
 asterisk (1:1.4.11~dfsg-1) unstable; urgency=low
 

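Review bot: The added changelog line ("Fix IMAP crash with upstream source snipplet") does not name CVE-2007-4521, although the patch it refers to is filed under that id and describes a remote denial of service. Mentioning the CVE id in the entry, and correcting "snipplet" to "snippet", would let anyone reading the changelog tie this upload to the security fix.
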
Added: asterisk/trunk/debian/patches/CVE-2007-4521
===================================================================
--- asterisk/trunk/debian/patches/CVE-2007-4521	                        (rev 0)
+++ asterisk/trunk/debian/patches/CVE-2007-4521	2007-08-30 15:45:00 UTC (rev 4331)
@@ -0,0 +1,33 @@
+Fix CVE-2007-4521 remote denial of service when using IMAP
+
+Taken from upstream SVN http://svn.digium.com/view/asterisk?view=rev&rev=80750
+
+ -- Kilian Krause <kilian at debian.org>
+
+diff -urNad asterisk-1.4.11~dfsg~/apps/app_voicemail.c asterisk-1.4.11~dfsg/apps/app_voicemail.c
+--- asterisk-1.4.11~dfsg~/apps/app_voicemail.c	2007-08-20 17:34:43.000000000 +0200
++++ asterisk-1.4.11~dfsg/apps/app_voicemail.c	2007-08-30 17:40:08.000000000 +0200
+@@ -4421,7 +4421,7 @@
+ 	mail_fetchstructure (vms->mailstream,vms->msgArray[vms->curmsg],&body);
+ 	
+ 	/* We have the body, now we extract the file name of the first attachment. */
+-	if (body->nested.part->next && body->nested.part->next->body.parameter->value) {
++	if (body->nested.part && body->nested.part->next && body->nested.part->next->body.parameter->value) {
+ 		attachedfilefmt = ast_strdupa(body->nested.part->next->body.parameter->value);
+ 	} else {
+ 		ast_log(LOG_ERROR, "There is no file attached to this IMAP message.\n");
+diff -urNad asterisk-1.4.11~dfsg~/x asterisk-1.4.11~dfsg/x
+--- asterisk-1.4.11~dfsg~/x	1970-01-01 01:00:00.000000000 +0100
++++ asterisk-1.4.11~dfsg/x	2007-08-30 17:39:58.000000000 +0200
+@@ -0,0 +1,11 @@
++--- branches/1.4/apps/app_voicemail.c (original)
+++++ branches/1.4/apps/app_voicemail.c Fri Aug 24 10:51:03 2007
++@@ -4421,7 +4421,7 @@
++ 	mail_fetchstructure (vms->mailstream,vms->msgArray[vms->curmsg],&body);
++ 	
++ 	/* We have the body, now we extract the file name of the first attachment. */
++-	if (body->nested.part->next && body->nested.part->next->body.parameter->value) {
+++	if (body->nested.part && body->nested.part->next && body->nested.part->next->body.parameter->value) {
++ 		attachedfilefmt = ast_strdupa(body->nested.part->next->body.parameter->value);
++ 	} else {
++ 		ast_log(LOG_ERROR, "There is no file attached to this IMAP message.\n");
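
Review bot: In the app_voicemail.c change, the new condition guards `body->nested.part` but still reads `body->nested.part->next->body.parameter->value` without first checking that `parameter` is non-NULL, and `body` itself is used unchecked right after `mail_fetchstructure()`. Nothing in the visible lines guarantees either pointer is set, so a message whose second part has no parameter list could still crash here; consider adding `body &&` and `body->nested.part->next->body.parameter &&` to the condition. Separately, the patch file carries a second diff that creates a file named `x` in the source root, holding a copy of the upstream hunk. That looks like a leftover from preparing the patch and should be dropped so the build tree does not gain a stray file.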

Modified: asterisk/trunk/debian/patches/series
===================================================================
--- asterisk/trunk/debian/patches/series	2007-08-30 07:27:04 UTC (rev 4330)
+++ asterisk/trunk/debian/patches/series	2007-08-30 15:45:00 UTC (rev 4331)
@@ -71,3 +71,6 @@
 
 # use /usr/include/bristuffed/libpri.h - /usr/lib/libpri-bristuffed.so.1.0
 use-libpri-bristuffed
+
+# fix CVE-2007-4521 (Debian bug #440187)
+CVE-2007-4521



