fix CVE-2015-3420 CVE-2016-8652
parent
b2a7ca6e05
commit
72d3f1c94f
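--- a/CVE-2015-3420.patch
+++ b/CVE-2015-3420.patch
@@ -0,0 +1,11 @@
+diff -r 27ee6a472555 src/lib/strnum.h
+--- a/src/lib/strnum.h Tue Dec 08 15:47:28 2015 +0200
++++ b/src/lib/strnum.h Wed Dec 09 10:54:49 2015 +0200
+@@ -169,6 +169,7 @@
+int str_parse_uoff(const char *str, uoff_t *num_r,
+const char **endp_r) ATTR_WARN_UNUSED_RESULT ATTR_NULL(3);
+
++#define str_to_time str_to_time_no_collision
+int str_to_time(const char *str, time_t *num_r)
+ATTR_WARN_UNUSED_RESULT;
+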
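Review bot: The added `#define str_to_time str_to_time_no_collision` in src/lib/strnum.h has no comment saying which symbol it is meant to avoid, and the patch file has no description tying the rename to CVE-2015-3420. Because the macro lives in a shared header, every file that includes strnum.h silently compiles against the renamed symbol, so the reason belongs next to it, for example `/* rename the exported symbol so it cannot clash with str_to_time() from <other library>; see <advisory reference> */`. The definition of str_to_time is outside this hunk; the rename only stays consistent if that source file also includes this header, which should be confirmed. It is also worth confirming that this rename alone is the complete fix for the CVE on 2.3.3, since nothing visible here shows the crash path it closes.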
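--- a/CVE-2016-8652.patch
+++ b/CVE-2016-8652.patch
@@ -0,0 +1,27 @@
+From 1f2c35da2b96905bec6e45f88af0f33ee63789e6 Mon Sep 17 00:00:00 2001
+From: Aki Tuomi <aki.tuomi@dovecot.fi>
+Date: Wed, 23 Nov 2016 13:16:19 +0200
+Subject: [PATCH] auth: Fix auth-policy crash when username is NULL
+
+If SASL request is invalid, or incomplete, and username
+is left NULL, handle it gracefully by adding just
+NUL byte in auth policy digest for username.
+---
+src/auth/auth-policy.c | 5 ++++-
+1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff -Nur dovecot-2.3.3_old/src/auth/auth-policy.c dovecot-2.3.3/src/auth/auth-policy.c
+--- dovecot-2.3.3_old/src/auth/auth-policy.c 2020-03-16 17:38:38.308283675 +0800
++++ dovecot-2.3.3/src/auth/auth-policy.c 2020-03-16 17:42:41.873103352 +0800
+@@ -466,7 +466,10 @@
+else
+requested_username = "";
+/* use +1 to make sure \0 gets included */
+- digest->loop(ctx, requested_username, strlen(requested_username)+1);
++ if (context->request->user == NULL)
++ digest->loop(ctx, "\0", 1);
++ else
++ digest->loop(ctx, context->request->user, strlen(context->request->user) + 1);
+if (password != NULL)
+digest->loop(ctx, password, strlen(password));
+ptr = buffer_get_modifiable_data(buffer, NULL);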
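Review bot: The replaced call hashed `requested_username`, which the context lines directly above already default to `""`, so the NULL case appears to be handled in 2.3.3 before this backport. The new branch hashes `context->request->user` instead, which may not be the name selected by the if/else chain above (its earlier arms are outside the hunk). That would change the digest sent to the policy server for the same login and leave `requested_username` unused for hashing. Unless the switch of field is intended, I would keep the single call `digest->loop(ctx, requested_username, strlen(requested_username)+1);` and drop this hunk, or at least hash `requested_username` in the else arm. If the change is kept, the `/* use +1 ... */` comment should say that the NULL arm feeds exactly one NUL byte so both arms stay equivalent for an empty name.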
10
dovecot.spec
10
dovecot.spec
@ -6,7 +6,7 @@
|
||||
|
||||
Name: dovecot
|
||||
Version: 2.3.3
|
||||
Release: 4
|
||||
Release: 5
|
||||
Summary: Dovecot Secure imap server
|
||||
License: MIT and LGPLv2
|
||||
URL: http://www.dovecot.org/
|
||||
@ -28,6 +28,8 @@ Patch6005: CVE-2019-10691.patch
|
||||
Patch6006: CVE-2019-11494-1.patch
|
||||
Patch6007: CVE-2019-11494-2.patch
|
||||
Patch6008: CVE-2019-11499.patch
|
||||
Patch6009: CVE-2015-3420.patch
|
||||
Patch6010: CVE-2016-8652.patch
|
||||
|
||||
BuildRequires: gcc-c++ openssl-devel pam-devel zlib-devel bzip2-devel libcap-devel
|
||||
BuildRequires: libtool autoconf automake pkgconfig sqlite-devel libpq-devel
|
||||
@ -278,5 +280,11 @@ make check
|
||||
|
||||
|
||||
%changelog
|
||||
* Sun Mar 16 2020 gulining<gulining1@huawei.com> - 2.3.3-5
|
||||
- Type:cves
|
||||
- ID:CVE-2015-3420 CVE-2016-8652
|
||||
- SUG:restart
|
||||
- DESC:fix CVE-2015-3420 CVE-2016-8652
|
||||
|
||||
* Mon Dec 2 2019 wangzhishun <wangzhishun1@huawei.com> - 2.3.3-4
|
||||
- Package init
|
||||
|
||||