From 1d8712e3705df4c07b89f15bab528371c8910e61 Mon Sep 17 00:00:00 2001 From: Matthew Barnes Date: Apr 30 2007 20:58:25 +0000 Subject: - Revise patch for RH bug #235290 to not break string freeze. --- diff --git a/evolution-data-server-1.10.1-apop-auth-vulnerability.patch b/evolution-data-server-1.10.1-apop-auth-vulnerability.patch index 85c86a7..c49fd40 100644 --- a/evolution-data-server-1.10.1-apop-auth-vulnerability.patch +++ b/evolution-data-server-1.10.1-apop-auth-vulnerability.patch @@ -1,5 +1,5 @@ --- evolution-data-server-1.10.1/camel/providers/pop3/camel-pop3-store.c.apop-auth-vulnerability 2007-04-09 08:42:37.000000000 -0400 -+++ evolution-data-server-1.10.1/camel/providers/pop3/camel-pop3-store.c 2007-04-24 16:12:28.000000000 -0400 ++++ evolution-data-server-1.10.1/camel/providers/pop3/camel-pop3-store.c 2007-04-30 16:42:12.000000000 -0400 @@ -34,6 +34,7 @@ #include #include @@ -8,25 +8,26 @@ #include "camel-operation.h" -@@ -489,6 +490,21 @@ +@@ -489,7 +490,21 @@ } else if (strcmp(service->url->authmech, "+APOP") == 0 && store->engine->apop) { char *secret, md5asc[33], *d; unsigned char md5sum[16], *s; +- + + d = store->engine->apop; + + while (*d != '\0') { + if (!isascii((int)*d)) { ++ + camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_URL_INVALID, -+ _("Unable to connect to POP server %s: " -+ "Invalid APOP ID received. Impersonation attack " -+ "suspected. Please contact your admin."), ++ _("Unable to connect to POP server %s: "), + CAMEL_SERVICE (store)->url->host); + + return FALSE; + } + d++; + } - ++ secret = g_alloca(strlen(store->engine->apop)+strlen(service->url->passwd)+1); sprintf(secret, "%s%s", store->engine->apop, service->url->passwd); + md5_get_digest(secret, strlen (secret), md5sum); diff --git a/evolution-data-server.spec b/evolution-data-server.spec index 8c3726a..ca8ea92 100644 --- a/evolution-data-server.spec +++ b/evolution-data-server.spec 
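Review bot: The revised `camel_exception_setv` call in the non-ASCII branch now reports only `"Unable to connect to POP server %s: "`, so the message ends in a dangling colon and nothing tells the user or an administrator that the server's APOP challenge was rejected as suspicious. The string freeze rules out a new translatable string, but an untranslated diagnostic can still record the reason, for example `g_warning ("POP3: non-ASCII byte in APOP challenge from %s, refusing APOP", CAMEL_SERVICE (store)->url->host);` placed just before the `return FALSE;`. Separately, the context line `secret = g_alloca(strlen(store->engine->apop)+strlen(service->url->passwd)+1);` still sizes a stack allocation from what appears to be the server-supplied challenge, so a length cap enforced in the same validation loop would be worth adding. The enclosing function starts and ends outside the hunk.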
@@ -26,7 +26,7 @@ Name: evolution-data-server Version: 1.10.1 -Release: 2%{?dist} +Release: 3%{?dist} License: LGPL Group: System Environment/Libraries Summary: Backend data server for Evolution @@ -392,6 +392,9 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/pkgconfig/libexchange-storage-%{eds_api_version}.pc %changelog +* Mon Apr 30 2007 Matthew Barnes - 1.10.1-3.fc7 +- Revise patch for RH bug #235290 to not break string freeze. + * Tue Apr 24 2007 Matthew Barnes - 1.10.1-2.fc7 - Add patch for RH bug #235290 (APOP authentication vulnerability).