Diffstat (limited to 'net-libs/libetpan/files')
-rw-r--r--net-libs/libetpan/files/libetpan-1.9.3-missing-stddev_h.patch30
-rw-r--r--net-libs/libetpan/files/libetpan-1.9.4-CVE-2020-15953.patch86
2 files changed, 86 insertions, 30 deletions
diff --git a/net-libs/libetpan/files/libetpan-1.9.3-missing-stddev_h.patch b/net-libs/libetpan/files/libetpan-1.9.3-missing-stddev_h.patch
deleted file mode 100644
index 9d53f90190b0..000000000000
--- a/net-libs/libetpan/files/libetpan-1.9.3-missing-stddev_h.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-commit da9fd7839c9affea48f74a159a789fbb183b4be1
-Author: maxice8 <30738253+maxice8@users.noreply.github.com>
-Date: Fri Feb 1 01:58:08 2019 -0200
-
- add missing stddef.h include for 'NULL' (#322)
-
- clientid.c: In function 'mailimap_clientid':
- clientid.c:66:38: error: 'NULL' undeclared (first use in this function)
- if (mailimap_read_line(session) == NULL)
- ^~~~
- clientid.c:66:38: note: 'NULL' is defined in header '<stddef.h>'; did you forget to '#include <stddef.h>'?
- clientid.c:39:1:
- +#include <stddef.h>
-
- clientid.c:66:38:
- if (mailimap_read_line(session) == NULL)
-
-diff --git a/src/low-level/imap/clientid.c b/src/low-level/imap/clientid.c
-index 1c34637..38880dd 100644
---- a/src/low-level/imap/clientid.c
-+++ b/src/low-level/imap/clientid.c
-@@ -33,6 +33,8 @@
- # include <config.h>
- #endif
-
-+#include <stdlib.h>
-+
- #include "mailimap_sender.h"
- #include "clientid_sender.h"
- #include "clientid.h"
diff --git a/net-libs/libetpan/files/libetpan-1.9.4-CVE-2020-15953.patch b/net-libs/libetpan/files/libetpan-1.9.4-CVE-2020-15953.patch
new file mode 100644
index 000000000000..19e573569fad
--- /dev/null
+++ b/net-libs/libetpan/files/libetpan-1.9.4-CVE-2020-15953.patch
@@ -0,0 +1,86 @@
+From 1002a0121a8f5a9aee25357769807f2c519fa50b Mon Sep 17 00:00:00 2001
+From: Damian Poddebniak <duesee@users.noreply.github.com>
+Date: Fri, 24 Jul 2020 19:39:53 +0200
+Subject: [PATCH 1/2] Detect extra data after STARTTLS response and exit (#387)
+
+---
+ src/low-level/imap/mailimap.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/low-level/imap/mailimap.c b/src/low-level/imap/mailimap.c
+index bb17119..4ffcf55 100644
+--- a/src/low-level/imap/mailimap.c
++++ b/src/low-level/imap/mailimap.c
+@@ -2428,6 +2428,13 @@ int mailimap_starttls(mailimap * session)
+
+ mailimap_response_free(response);
+
++ // Detect if the server send extra data after the STARTTLS response.
++ // This *may* be a "response injection attack".
++ if (session->imap_stream->read_buffer_len != 0) {
++ // Since it is also an IMAP protocol violation, exit.
++ return MAILIMAP_ERROR_STARTTLS;
++ }
++
+ switch (error_code) {
+ case MAILIMAP_RESP_COND_STATE_OK:
+ return MAILIMAP_NO_ERROR;
+--
+2.28.0
+
+
+From 298460a2adaabd2f28f417a0f106cb3b68d27df9 Mon Sep 17 00:00:00 2001
+From: Fabian Ising <Murgeye@users.noreply.github.com>
+Date: Fri, 24 Jul 2020 19:40:48 +0200
+Subject: [PATCH 2/2] Detect extra data after STARTTLS responses in SMTP and
+ POP3 and exit (#388)
+
+* Detect extra data after STLS response and return error
+
+* Detect extra data after SMTP STARTTLS response and return error
+---
+ src/low-level/pop3/mailpop3.c | 8 ++++++++
+ src/low-level/smtp/mailsmtp.c | 8 ++++++++
+ 2 files changed, 16 insertions(+)
+
+diff --git a/src/low-level/pop3/mailpop3.c b/src/low-level/pop3/mailpop3.c
+index ab9535b..e2124bf 100644
+--- a/src/low-level/pop3/mailpop3.c
++++ b/src/low-level/pop3/mailpop3.c
+@@ -959,6 +959,14 @@ int mailpop3_stls(mailpop3 * f)
+
+ if (r != RESPONSE_OK)
+ return MAILPOP3_ERROR_STLS_NOT_SUPPORTED;
++
++ // Detect if the server send extra data after the STLS response.
++ // This *may* be a "response injection attack".
++ if (f->pop3_stream->read_buffer_len != 0) {
++ // Since it is also protocol violation, exit.
++ // There is no error type for STARTTLS errors in POP3
++ return MAILPOP3_ERROR_SSL;
++ }
+
+ return MAILPOP3_NO_ERROR;
+ }
+diff --git a/src/low-level/smtp/mailsmtp.c b/src/low-level/smtp/mailsmtp.c
+index b7fc459..3145cad 100644
+--- a/src/low-level/smtp/mailsmtp.c
++++ b/src/low-level/smtp/mailsmtp.c
+@@ -1111,6 +1111,14 @@ int mailesmtp_starttls(mailsmtp * session)
+ return MAILSMTP_ERROR_STREAM;
+ r = read_response(session);
+
++ // Detect if the server send extra data after the STARTTLS response.
++ // This *may* be a "response injection attack".
++ if (session->stream->read_buffer_len != 0) {
++ // Since it is also protocol violation, exit.
++ // There is no general error type for STARTTLS errors in SMTP
++ return MAILSMTP_ERROR_SSL;
++ }
++
+ switch (r) {
+ case 220:
+ return MAILSMTP_NO_ERROR;
+--
+2.28.0
+
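Review bot: The three added `read_buffer_len != 0` checks (in `mailimap_starttls`, `mailpop3_stls` and `mailesmtp_starttls`) return an error but leave the unexpected plaintext bytes in the stream's read buffer, so the fix holds only if every caller treats the return as fatal and drops the connection rather than continuing on the same stream; the callers are not visible in this patch. I would state that contract in the comment at each check, e.g. `// Caller must close the connection: the buffered pre-TLS bytes are left in place and must not be parsed.` In POP3 and SMTP the condition is reported as `MAILPOP3_ERROR_SSL` / `MAILSMTP_ERROR_SSL`, which a caller cannot tell apart from an ordinary handshake failure, so a log line or a dedicated error code would make the event detectable. The SMTP check also runs before `switch (r)`, so a refused STARTTLS followed by trailing data is reported as an SSL error rather than by its response code, which is probably acceptable but deserves a comment. All three function bodies start and end outside the embedded hunks.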