[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/evolution-data-server/FC-5 evolution-data-server-1.6.3-apop-auth-vulnerability.patch, NONE, 1.1 evolution-data-server.spec, 1.94, 1.95



Author: mbarnes

Update of /cvs/dist/rpms/evolution-data-server/FC-5
In directory cvs.devel.redhat.com:/tmp/cvs-serv24953

Modified Files:
	evolution-data-server.spec 
Added Files:
	evolution-data-server-1.6.3-apop-auth-vulnerability.patch 
Log Message:

* Tue Apr 24 2007 Matthew Barnes <mbarnes redhat com> - 1.6.3-3.fc5
- Add patch for RH bug #235290 (APOP authentication vulnerability).


evolution-data-server-1.6.3-apop-auth-vulnerability.patch:
 camel-pop3-store.c |   16 ++++++++++++++++
 1 files changed, 16 insertions(+)

--- NEW FILE evolution-data-server-1.6.3-apop-auth-vulnerability.patch ---
--- evolution-data-server-1.6.3/camel/providers/pop3/camel-pop3-store.c.apop-auth-vulnerability	2006-05-03 09:59:27.000000000 -0400
+++ evolution-data-server-1.6.3/camel/providers/pop3/camel-pop3-store.c	2007-04-24 16:05:15.000000000 -0400
@@ -34,6 +34,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <errno.h>
+#include <ctype.h>
 
 #include "camel-operation.h"
 
@@ -485,6 +486,21 @@
 	} else if (strcmp(service->url->authmech, "+APOP") == 0 && store->engine->apop) {
 		char *secret, md5asc[33], *d;
 		unsigned char md5sum[16], *s;
+
+		d = store->engine->apop;
+
+		while (*d != '\0') {
+			if (!isascii((int)*d)) {
+				camel_exception_setv (ex, CAMEL_EXCEPTION_SERVICE_URL_INVALID,
+						_("Unable to connect to POP server %s: "
+						"Invalid APOP ID received. Impersonation attack "
+						"suspected. Please contact your admin."),
+						CAMEL_SERVICE (store)->url->host);
+
+				return FALSE;
+			}
+			d++;
+		}
 		
 		secret = g_alloca(strlen(store->engine->apop)+strlen(service->url->passwd)+1);
 		sprintf(secret, "%s%s",  store->engine->apop, service->url->passwd);


Index: evolution-data-server.spec
===================================================================
RCS file: /cvs/dist/rpms/evolution-data-server/FC-5/evolution-data-server.spec,v
retrieving revision 1.94
retrieving revision 1.95
diff -u -r1.94 -r1.95
--- evolution-data-server.spec	6 Mar 2007 19:38:05 -0000	1.94
+++ evolution-data-server.spec	24 Apr 2007 20:08:09 -0000	1.95
@@ -22,7 +22,7 @@
 
 Name: evolution-data-server
 Version: 1.6.3
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: LGPL
 Group: System Environment/Libraries
 Summary: Backend data server for evolution
@@ -42,6 +42,9 @@
 # GNOME bug #301363
 Patch16: evolution-data-server-1.6.3-updated-zoneinfo.patch
 
+# RH bug #235290 / GNOME bug #424373
+Patch17: evolution-data-server-1.6.3-apop-auth-vulnerability.patch
+
 ### Dependencies ###
 
 Requires: GConf2
@@ -123,6 +126,7 @@
 %patch14 -p1 -b .validatehelo
 %patch15 -p1 -b .make_imap4_optional
 %patch16 -p1 -b .updated-zoneinfo
+%patch17 -p1 -b .apop-auth-vulnerability
 
 mkdir -p krb5-fakeprefix/include
 mkdir -p krb5-fakeprefix/lib
@@ -323,6 +327,9 @@
 
 
 %changelog
+* Tue Apr 24 2007 Matthew Barnes <mbarnes redhat com> - 1.6.3-3.fc5
+- Add patch for RH bug #235290 (APOP authentication vulnerability).
+
 * Tue Mar 06 2007 Matthew Barnes <mbarnes redhat com> - 1.6.3-2.fc5
 - Add patch for GNOME bug #301363 (update timezones).
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]