diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-03-29 16:53:27 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-03-29 16:53:27 +0100 |
commit | 1173ad5704ce725916e0c332416aff326d850d06 (patch) | |
tree | d48d60977ce19864893dfb2222bf2982ffb4262a /net-mail/dovecot/files | |
parent | 8c364c784966be1700ea39ae45028f3e9be9cae0 (diff) |
gentoo resync : 29.03.2018
Diffstat (limited to 'net-mail/dovecot/files')
-rw-r--r-- | net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch | 37 | ||||
-rw-r--r-- | net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch | 14 |
2 files changed, 0 insertions, 51 deletions
diff --git a/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch deleted file mode 100644 index c30acf1fd6eb..000000000000 --- a/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132-fixup.patch +++ /dev/null @@ -1,37 +0,0 @@ -Upstream: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22 - -Link: http://seclists.org/oss-sec/2018/q1/119 - ---- a/src/lib-auth/auth-client-request.c -+++ b/src/lib-auth/auth-client-request.c -@@ -186,6 +186,8 @@ void auth_client_request_abort(struct auth_client_request **_request) - - auth_client_send_cancel(request->conn->client, request->id); - call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL); -+ /* remove the request */ -+ auth_server_connection_remove_request(request->conn, request->id); - pool_unref(&request->pool); - } - ---- a/src/lib-auth/auth-server-connection.c -+++ b/src/lib-auth/auth-server-connection.c -@@ -483,3 +483,10 @@ auth_server_connection_add_request(struct auth_server_connection *conn, - hash_table_insert(conn->requests, POINTER_CAST(id), request); - return id; - } -+ -+void auth_server_connection_remove_request(struct auth_server_connection *conn, -+ unsigned int id) -+{ -+ i_assert(conn->handshake_received); -+ hash_table_remove(conn->requests, POINTER_CAST(id)); -+} ---- a/src/lib-auth/auth-server-connection.h -+++ b/src/lib-auth/auth-server-connection.h -@@ -40,4 +40,6 @@ void auth_server_connection_disconnect(struct auth_server_connection *conn, - unsigned int - auth_server_connection_add_request(struct auth_server_connection *conn, - struct auth_client_request *request); -+void auth_server_connection_remove_request(struct auth_server_connection *conn, -+ unsigned int id); - #endif diff --git a/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch b/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch deleted file mode 100644 index 3f87e71b559a..000000000000 --- a/net-mail/dovecot/files/dovecot-2.2.33.2-CVE-2017-15132.patch +++ /dev/null @@ -1,14 +0,0 @@ -CVE-2017-15132: dovecot: auth client leaks memory if SASL authentication is aborted. - -https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 - ---- a/src/lib-auth/auth-client-request.c -+++ b/src/lib-auth/auth-client-request.c -@@ -186,6 +186,7 @@ void auth_client_request_abort(struct auth_client_request **_request) - - auth_client_send_cancel(request->conn->client, request->id); - call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL); -+ pool_unref(&request->pool); - } - - unsigned int auth_client_request_get_id(struct auth_client_request *request) |