Date:      Mon, 25 Jun 2007 19:12:00 +0800
From:      LI Xin <delphij@delphij.net>
To:        mezz@FreeBSD.org,  gnome@FreeBSD.org
Subject:   [SECURITY] [Fwd: [ports] cvs commit: ports/security/vuxml vuln.xml]
Message-ID:  <467FA300.9090709@delphij.net>

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig9CA63D55D717CA5A31C753EE
Content-Type: multipart/mixed; boundary="------------010204040503080102030004"

This is a multi-part message in MIME format.
--------------010204040503080102030004
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

FYI.

The patch is from:

http://svn.gnome.org/viewcvs/evolution-data-server/trunk/camel/providers/imap/camel-imap-folder.c?view=patch&r1=7817&r2=7816&pathrev=7817

Cheers,
-- 
Xin LI <delphij@delphij.net>	http://www.delphij.net/
FreeBSD - The Power to Serve!

--------------010204040503080102030004
Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0";
	name="patch-SECURITY-CVE-2007-3257"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline;
 filename="patch-SECURITY-CVE-2007-3257"

Index: Makefile
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /home/ncvs/ports/databases/evolution-data-server/Makefile,v
retrieving revision 1.35
diff -u -p -r1.35 Makefile
--- Makefile	29 May 2007 03:06:03 -0000	1.35
+++ Makefile	25 Jun 2007 11:09:02 -0000
@@ -8,6 +8,7 @@
=20
 PORTNAME=3D	evolution-data-server
 PORTVERSION=3D	1.10.2
+PORTREVISION=3D	1
 CATEGORIES=3D	databases gnome
 MASTER_SITES=3D	${MASTER_SITE_GNOME}
 MASTER_SITE_SUBDIR=3D	sources/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9=
]+).*/\1/}
Index: files/patch-CVE-2007-3257
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: files/patch-CVE-2007-3257
diff -N files/patch-CVE-2007-3257
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/patch-CVE-2007-3257	25 Jun 2007 11:06:27 -0000
@@ -0,0 +1,20 @@
+--- camel/providers/imap/camel-imap-folder.c.orig	2007-06-25 19:05:09.44=
5434798 +0800
++++ camel/providers/imap/camel-imap-folder.c	2007-06-25 19:05:40.4546073=
58 +0800
+@@ -655,7 +655,7 @@
+ 		uid =3D g_datalist_get_data (&data, "UID");
+ 		flags =3D GPOINTER_TO_UINT (g_datalist_get_data (&data, "FLAGS"));
+ 	=09
+-		if (!uid || !seq || seq > summary_len) {
++		if (!uid || !seq || seq > summary_len || seq < 0) {
+ 			g_datalist_clear (&data);
+ 			continue;
+ 		}
+@@ -2789,7 +2789,7 @@
+ 	=09
+ 		if (*response !=3D '*' || *(response + 1) !=3D ' ')
+ 			return NULL;
+-		seq =3D strtol (response + 2, &response, 10);
++		seq =3D strtoul (response + 2, &response, 10);
+ 		if (seq =3D=3D 0)
+ 			return NULL;
+ 		if (g_ascii_strncasecmp (response, " FETCH (", 8) !=3D 0)
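Review bot: In the inner hunk at line 2789, replacing `strtol` with `strtoul` does not by itself reject negative input: `strtoul` accepts a leading `-` and returns the negated value as a large unsigned number, and the only check that follows is `seq == 0`, so an upper bound on `seq` is still needed right after the conversion. In the inner hunk at line 655, the added `seq < 0` test can only ever be true if `seq` is declared with a signed type, which the hunk does not show; if it is unsigned the test is dead code and `seq > summary_len` is the only effective guard. Suggest confirming the declared types of `seq` and `summary_len` in both functions so the comparisons are made in one signedness, and rejecting out-of-range values immediately after the `strtoul` call.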

--------------010204040503080102030004
Content-Type: message/rfc822;
	name="[ports] cvs commit: ports/security/vuxml vuln.xml.eml"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
	filename*0="[ports] cvs commit: ports/security/vuxml vuln.xml.eml"

From: Xin LI <delphij@FreeBSD.ORG>
Subject: [ports] cvs commit: ports/security/vuxml vuln.xml
In-Reply-To: <200706251057.l5PAvrRZ021518@repoman.freebsd.org>
To: delphij@FreeBSD.ORG
Message-Id: <20070625105756.CD7FD16A568@hub.freebsd.org>
Date: Mon, 25 Jun 2007 10:57:56 +0000 (UTC)

delphij     2007-06-25 10:57:52 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  Document evolution-data-server remote arbitrary code execution
  vulnerability.
  
  Fix at: Evolution SVN changeset 7817 (#447414)
  
  Revision  Changes    Path
  1.1354    +31 -1     ports/security/vuxml/vuln.xml


Index: ports/security/vuxml/vuln.xml
diff -u ports/security/vuxml/vuln.xml:1.1353 ports/security/vuxml/vuln.xml:1.1354
--- ports/security/vuxml/vuln.xml:1.1353	Sun Jun 24 11:34:12 2007
+++ ports/security/vuxml/vuln.xml	Mon Jun 25 10:57:52 2007
@@ -34,6 +34,36 @@
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="b1b5c125-2308-11dc-b91a-001921ab2fa4">
+    <topic>evolution-data-server -- remote execution of arbitrary code vulnerability</topic>
+    <affects>
+      <package>
+	<name>evolution-data-server</name>
+	<range><lt>1.11.4</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<p>Debian project reports:</p>
+	<blockquote cite="http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00082.html">;
+	  <p>It was discovered that the IMAP code in the Evolution
+	    Data Server performs insufficient sanitising of a value
+	    later used an array index, which can lead to the execution
+	    of arbitrary code.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2007-3257</cvename>
+      <url>http://secunia.com/advisories/25766/</url>;
+      <url>http://bugzilla.gnome.org/show_bug.cgi?id=447414</url>;
+    </references>
+    <dates>
+      <discovery>2007-06-23</discovery>
+      <entry>2007-06-25</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="d337b206-200f-11dc-a197-0011098b2f36">
     <topic>xpcd -- buffer overflow</topic>
     <affects>
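Review bot: The `<range><lt>1.11.4</lt></range>` in the new entry will still match the port after it is patched: the Makefile change in this same message keeps PORTVERSION at 1.10.2 and sets PORTREVISION to 1, giving 1.10.2_1, which is lower than 1.11.4 and would keep being reported as vulnerable. Suggest updating the range to account for the fixed port revision (for example `<lt>1.10.2_1</lt>`) when the port fix is committed, and adding a `<modified>` date to `<dates>` at that point.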


--------------010204040503080102030004--

--------------enig9CA63D55D717CA5A31C753EE--


