[Frugalware-darcs] frugalware-current: evolution-data-server-1.10.2-2-x86_64

Christian Hamar alias krix krics at linuxforum.hu
Fri Jun 29 19:32:03 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-current;a=darcs_commitdiff;h=20070629173043-d209c-58caeb38d22edac27af7ba714d2b608b1f85bd66.gz;

[evolution-data-server-1.10.2-2-x86_64
Christian Hamar alias krix <krics at linuxforum.hu>**20070629173043
   * Upload the patch
 
] {
addfile ./source/gnome/evolution-data-server/SA25766-secfix.patch
hunk ./source/gnome/evolution-data-server/SA25766-secfix.patch 1
+diff -Naur evolution-data-server-1.10.2.orig/camel/ChangeLog evolution-data-server-1.10.2/camel/ChangeLog
+--- evolution-data-server-1.10.2.orig/camel/ChangeLog	2007-05-28 07:11:49.000000000 +0200
++++ evolution-data-server-1.10.2/camel/ChangeLog	2007-06-29 19:15:29.000000000 +0200
+@@ -1,3 +1,9 @@
++2007-06-14  Philip Van Hoof  <pvanhoof at gnome.org>
++ 
++       * camel-imap-folder.c: Security bugfix. The sequence can be a negative
++       value while it is being used as the index of an array (#447414)
++ 
++
+ 2007-05-28  Srinivasa Ragavan  <sragavan at novell.com>
+ 
+ 	** Fix for bug #322105
+diff -Naur evolution-data-server-1.10.2.orig/camel/providers/imap/camel-imap-folder.c evolution-data-server-1.10.2/camel/providers/imap/camel-imap-folder.c
+--- evolution-data-server-1.10.2.orig/camel/providers/imap/camel-imap-folder.c	2007-04-09 14:42:39.000000000 +0200
++++ evolution-data-server-1.10.2/camel/providers/imap/camel-imap-folder.c	2007-06-29 19:14:45.000000000 +0200
+@@ -655,7 +655,7 @@
+ 		uid = g_datalist_get_data (&data, "UID");
+ 		flags = GPOINTER_TO_UINT (g_datalist_get_data (&data, "FLAGS"));
+ 		
+-		if (!uid || !seq || seq > summary_len) {
++		if (!uid || !seq || seq > summary_len || seq < 0) {
+ 			g_datalist_clear (&data);
+ 			continue;
+ 		}
+@@ -2789,7 +2789,7 @@
+ 		
+ 		if (*response != '*' || *(response + 1) != ' ')
+ 			return NULL;
+-		seq = strtol (response + 2, &response, 10);
++		seq = strtoul (response + 2, &response, 10);
+ 		if (seq == 0)
+ 			return NULL;
+ 		if (g_ascii_strncasecmp (response, " FETCH (", 8) != 0)
}


More information about the Frugalware-darcs mailing list