rpms/linuxdcpp/F-9 linuxdcpp-CVE-2008-2953.patch, NONE, 1.1 linuxdcpp-CVE-2008-2954.patch, NONE, 1.1 linuxdcpp.spec, 1.5, 1.6

Marcin Garski (mgarski) fedora-extras-commits at redhat.com
Wed Jul 2 11:50:33 UTC 2008 

Author: mgarski

Update of /cvs/pkgs/rpms/linuxdcpp/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23973

Modified Files:
	linuxdcpp.spec 
Added Files:
	linuxdcpp-CVE-2008-2953.patch linuxdcpp-CVE-2008-2954.patch 
Log Message:
- Fix for CVE-2008-2953 and CVE-2008-2954 (#453731)


linuxdcpp-CVE-2008-2953.patch:

--- NEW FILE linuxdcpp-CVE-2008-2953.patch ---
--- linuxdcpp-1.0.1/client/ShareManager.cpp	2007-10-06 02:12:32.000000000 +0200
+++ linuxdcpp-1.0.1/client/ShareManager.cpp.CVE-2008-2953	2008-07-02 13:24:03.000000000 +0200
@@ -926,6 +926,10 @@
 			}
 			j = i + 1;
 		}
+
+		if(it == directories.end())
+			return NULL;
+
 		for(ShareManager::Directory::MapIter it2 = it->second->directories.begin(); it2 != it->second->directories.end(); ++it2) {
 			it2->second->toXml(sos, indent, tmp, recurse);
 		}

linuxdcpp-CVE-2008-2954.patch:

--- NEW FILE linuxdcpp-CVE-2008-2954.patch ---
--- linuxdcpp-1.0.1/client/NmdcHub.cpp	2007-11-05 06:33:42.000000000 +0100
+++ linuxdcpp-1.0.1/client/NmdcHub.cpp.CVE-2008-2954	2008-07-02 13:24:18.000000000 +0200
@@ -693,10 +693,14 @@
 		if(fromNick.empty())
 			return;
 
+		if(param.size() < j + 2) {
+			return;
+		}
+		string msg = param.substr(j + 2);
+
 		OnlineUser* replyTo = findUser(rtNick);
 		OnlineUser* from = findUser(fromNick);
 
-		string msg = param.substr(j + 2);
 		if(replyTo == NULL || from == NULL) {
 			if(replyTo == 0) {
 				// Assume it's from the hub


Index: linuxdcpp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/linuxdcpp/F-9/linuxdcpp.spec,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- linuxdcpp.spec	13 Feb 2008 18:37:29 -0000	1.5
+++ linuxdcpp.spec	2 Jul 2008 11:49:43 -0000	1.6
@@ -1,6 +1,6 @@
 Name:		linuxdcpp
 Version:	1.0.1
-Release:	2%{?dist}
+Release:	3%{?dist}
 Summary:	Direct Connect client
 
 Group:		Applications/Internet
@@ -11,6 +11,8 @@
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Patch0:		linuxdcpp-1.0.1-gcc43-compile-fix.patch
+Patch1:		linuxdcpp-CVE-2008-2953.patch
+Patch2:		linuxdcpp-CVE-2008-2954.patch
 
 BuildRequires:	scons gtk2-devel >= 2.6.0 glib2-devel >= 2.4.0 pkgconfig
 BuildRequires:	libglade2-devel >= 2.4.0 zlib-devel bzip2-devel openssl-devel
@@ -23,6 +25,8 @@
 %setup -q -c
 
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
 
 %build
 CXXFLAGS="$RPM_OPT_FLAGS" scons %{?_smp_mflags} PREFIX="%{_prefix}"
@@ -65,6 +69,9 @@
 %{_datadir}/pixmaps/linuxdcpp.png
 
 %changelog
+* Wed Jul 02 2008 Marcin Garski <mgarski[AT]post.pl> 1.0.1-3
+- Fix for CVE-2008-2953 and CVE-2008-2954 (#453731)
+
 * Wed Feb 13 2008 Marcin Garski <mgarski[AT]post.pl> 1.0.1-2
 - GCC 4.3 compile fix

More information about the scm-commits mailing list