rpms/dovecot/F-8 dovecot-1.0.15-cve_2008_4577.patch, NONE, 1.1 dovecot.spec, 1.103, 1.104

Michal Hlavinka mhlavink at fedoraproject.org
Wed Oct 29 08:00:10 UTC 2008


Author: mhlavink

Update of /cvs/extras/rpms/dovecot/F-8
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv16472

Modified Files:
	dovecot.spec 
Added Files:
	dovecot-1.0.15-cve_2008_4577.patch 
Log Message:
fix handling of negative rights in the ACL plugin (Resolves: CVE-2008-4577)


dovecot-1.0.15-cve_2008_4577.patch:

--- NEW FILE dovecot-1.0.15-cve_2008_4577.patch ---
diff -up dovecot-1.0.15/src/plugins/acl/acl-cache.c.cve_2008_4577 dovecot-1.0.15/src/plugins/acl/acl-cache.c
--- dovecot-1.0.15/src/plugins/acl/acl-cache.c.cve_2008_4577	2008-10-29 08:53:23.872610374 +0100
+++ dovecot-1.0.15/src/plugins/acl/acl-cache.c	2008-10-29 08:53:23.873610244 +0100
@@ -375,10 +375,8 @@ acl_cache_my_current_rights_recalculate(
 			   rights. */
 			right_size = obj_cache->my_neg_rights[i]->size;
 			p = buffer_get_space_unsafe(bitmask, 0, right_size);
-			for (j = 0; j < right_size; j++) {
-				p[j] |=
-					obj_cache->my_neg_rights[i]->mask[j];
-			}
+			for (j = 0; j < right_size; j++)
+				p[j] &= ~obj_cache->my_neg_rights[i]->mask[j];
 		}
 	}
 
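Review bot: The new `&= ~` loop only produces a deny if every positive-rights pass over `bitmask` has already run; should a positive mask for the same identity be ORed in after this loop, the cleared bits are set again and the negative right is silently lost. The start of acl_cache_my_current_rights_recalculate is outside the hunk, so that ordering cannot be confirmed here, and the comment whose tail (`rights. */`) is visible at the top of the hunk should state it, e.g. `/* Negative rights must be applied last: they clear bits that the positive masks above have set. */`. Likewise `buffer_get_space_unsafe(bitmask, 0, right_size)` may grow the buffer when a negative mask is longer than the masks merged so far; clearing bits in the newly appended bytes is harmless only if they start zeroed, which the hunk does not show — presumably the buffer API guarantees that, verify against its implementation. A regression test that grants a right and denies the same right in both orders would pin the fixed behaviour.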


Index: dovecot.spec
===================================================================
RCS file: /cvs/extras/rpms/dovecot/F-8/dovecot.spec,v
retrieving revision 1.103
retrieving revision 1.104
diff -u -r1.103 -r1.104
--- dovecot.spec	14 Aug 2008 09:06:00 -0000	1.103
+++ dovecot.spec	29 Oct 2008 07:59:40 -0000	1.104
@@ -1,7 +1,7 @@
 %define upstream 1.0.15
 %define sieve_upstream 1.0.3
 %define pkg_version 1.0.15
-%define my_release 13
+%define my_release 14
 %define pkg_release %{my_release}%{?dist}
 %define pkg_sieve_version 1.0.3
 %define pkg_sieve_release %{my_release}%{?dist}
@@ -39,6 +39,7 @@
 Patch105: dovecot-1.0.rc7-mkcert-paths.patch
 Patch106: dovecot-1.0.rc27-quota-warning.patch
 Patch107: dovecot-1.0-default-settings-passwd.patch
+Patch108: dovecot-1.0.15-cve_2008_4577.patch
 Patch200: dovecot-1.0.rc32-split.patch
 
 # XXX this patch needs review and forward porting
@@ -183,6 +184,7 @@
 #%patch107 -p1 -b .unicodedata
 %patch106 -p1 -b .quota-warning
 %patch107 -p1 -b .passwd
+%patch108 -p1 -b .cve_2008_4577
 %patch200 -p1 -b .split
 #%patch200 -p1 -b .%{dovecot_hg}
 %patch1000 -p1 -b .winbind
@@ -438,6 +440,9 @@
 
 
 %changelog
+* Wed Oct 29 2008 Michal Hlavinka <mhlavink at redhat.com> - 1:1.0.15-14
+- fix handling of negative rights in the ACL plugin (Resolves: CVE-2008-4577)
+
 * Thu Aug 14 2008 Dan Horak <dan[at]danny.cz> - 1:1.0.15-13
 - add missing defattr into subpackages
 - remove unused patches from CVS



