diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2020-05-15 16:38:30 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2020-05-15 16:38:30 +0000 |
| commit | 56653c6eb3093ccea01fcb95ef18b195e1218888 (patch) | |
| tree | beb4a38dc47b1ada21aa320c832cea3e199a81ab | |
| parent | 4fb56a106e1696835296a73a4307b0270ee8f4b4 (diff) | |
| download | pkgsrc-56653c6eb3093ccea01fcb95ef18b195e1218888.tar.gz | |
Pullup ticket #6196 - requested by nia
security/cyrus-sasl: security fix
Revisions pulled up:
- security/cyrus-sasl/Makefile 1.77
- security/cyrus-sasl/distinfo 1.38
- security/cyrus-sasl/patches/patch-CVE-2019-19906 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Thu May 14 14:27:32 UTC 2020
Modified Files:
pkgsrc/security/cyrus-sasl: Makefile distinfo
Added Files:
pkgsrc/security/cyrus-sasl/patches: patch-CVE-2019-19906
Log Message:
cyrus-sasl: Fix CVE-2019-19906
| -rw-r--r-- | security/cyrus-sasl/Makefile | 3 | ||||
| -rw-r--r-- | security/cyrus-sasl/distinfo | 3 | ||||
| -rw-r--r-- | security/cyrus-sasl/patches/patch-CVE-2019-19906 | 15 |
3 files changed, 19 insertions, 2 deletions
diff --git a/security/cyrus-sasl/Makefile b/security/cyrus-sasl/Makefile index dfd5b5481b9..e4a91115794 100644 --- a/security/cyrus-sasl/Makefile +++ b/security/cyrus-sasl/Makefile @@ -1,5 +1,6 @@ -# $NetBSD: Makefile,v 1.76 2019/11/04 21:12:52 rillig Exp $ +# $NetBSD: Makefile,v 1.76.2.1 2020/05/15 16:38:30 bsiegert Exp $ +PKGREVISION= 1 COMMENT= Simple Authentication and Security Layer .include "Makefile.common" diff --git a/security/cyrus-sasl/distinfo b/security/cyrus-sasl/distinfo index 7d460f0823b..0a1beb80e6d 100644 --- a/security/cyrus-sasl/distinfo +++ b/security/cyrus-sasl/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.37 2019/07/09 11:55:56 jperkin Exp $ +$NetBSD: distinfo,v 1.37.4.1 2020/05/15 16:38:30 bsiegert Exp $ SHA1 (cyrus-sasl-2.1.27-rc7.tar.gz) = d4b72782975be980cc46ac9ccf176b8307bfcf67 RMD160 (cyrus-sasl-2.1.27-rc7.tar.gz) = 6679c7b887f73da50a314dba97f676848d067684 @@ -8,6 +8,7 @@ SHA1 (cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2) = 7fef4cda07 RMD160 (cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2) = c42b1b5c0b6c7322001fd506c44320a7f6eeee80 SHA512 (cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2) = 08964bc3ad713e137b8f05f9bac345d79676d14784bc37525f195e8e2a3e6740428237b64f7eeeacc0c71ed6cf1664c6e9c2267ac6df327761d92174a1853744 Size (cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2) = 3836 bytes +SHA1 (patch-CVE-2019-19906) = 752de2053696f13de098267f8605b4b7afb24a6c SHA1 (patch-common_crypto-compat) = ad8575c62648aba83983172ec8fef08d2c9f537e SHA1 (patch-configure) = 1afa4777f2cc2a24bb526fab9fb6d9265677fb9f SHA1 (patch-plugins_otp.c) = 1dd8763d5b14c2f2462349ce5f73353ae70313fa diff --git a/security/cyrus-sasl/patches/patch-CVE-2019-19906 b/security/cyrus-sasl/patches/patch-CVE-2019-19906 new file mode 100644 index 00000000000..d19eab4e608 --- /dev/null +++ b/security/cyrus-sasl/patches/patch-CVE-2019-19906 @@ -0,0 +1,15 @@ +$NetBSD: patch-CVE-2019-19906,v 1.1.2.2 2020/05/15 16:38:30 bsiegert Exp $ + +https://github.com/cyrusimap/cyrus-sasl/commit/dcc9f51cbd4ed622cfb0f9b1c141eb2ffe3b12f1.patch + +--- lib/common.c.orig 2018-01-19 14:13:40.000000000 +0000 ++++ lib/common.c +@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t + + if (add==NULL) add = "(null)"; + +- addlen=strlen(add); /* only compute once */ ++ addlen=strlen(add)+1; /* only compute once */ + if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK) + return SASL_NOMEM; + |