rpms/gmime22/F-12 gmime-uuencode-buffer-overflow.patch, NONE, 1.1 gmime22.spec, 1.3, 1.4

Bernard Johnson bjohnson at fedoraproject.org
Thu Feb 4 02:12:37 UTC 2010


Author: bjohnson

Update of /cvs/pkgs/rpms/gmime22/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21781/F-12

Modified Files:
	gmime22.spec 
Added Files:
	gmime-uuencode-buffer-overflow.patch 
Log Message:
- Fix buffer overflow by correctly calculating the maximum number of output
  bytes generated by a uuencode operation (bz #561457)


gmime-uuencode-buffer-overflow.patch:
 gmime-utils.h |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- NEW FILE gmime-uuencode-buffer-overflow.patch ---
diff -Naur gmime-2.2.23-pristine/gmime/gmime-utils.h gmime-2.2.23/gmime/gmime-utils.h
--- gmime-2.2.23-pristine/gmime/gmime-utils.h	2008-06-12 06:29:28.000000000 -0600
+++ gmime-2.2.23/gmime/gmime-utils.h	2010-02-03 19:01:18.145483975 -0700
@@ -106,7 +106,7 @@
  * Returns the number of output bytes needed to uuencode an input
  * buffer of size @x.
  **/
-#define GMIME_UUENCODE_LEN(x)      ((size_t) (((((x) + 2) / 45) * 62) + 62))
+#define GMIME_UUENCODE_LEN(x)      ((size_t) (((((x) + 2) / 45) * 62) + 64))
 
 
 /**
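Review bot: The `(size_t)` cast in the new `GMIME_UUENCODE_LEN(x)` is applied only after the whole expression has been evaluated in the type of `x`, so a caller passing an `int` length gets `+ 2` and `* 62` computed in `int`, where a large value can overflow and produce an undersized buffer. Casting the argument first, `((((size_t) (x) + 2) / 45) * 62) + 64`, keeps the arithmetic unsigned and in the width of the result. The new constant 64 is also unexplained: the doc comment (which starts above the hunk) should say what the trailing bytes cover, presumably one final encoded line plus two bytes of slack, so the bound can be re-checked against the encoder's flush path. A comment such as `/* 62 bytes per 45-byte input line, plus one final line and 2 bytes of slack for the close step */` would do, once confirmed against the encoder.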


Index: gmime22.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gmime22/F-12/gmime22.spec,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- gmime22.spec	25 Jul 2009 00:28:08 -0000	1.3
+++ gmime22.spec	4 Feb 2010 02:12:37 -0000	1.4
@@ -1,6 +1,6 @@
 Name:           gmime22
 Version:        2.2.23
-Release:        7%{?dist}
+Release:        8%{?dist}
 Summary:        Library for creating and parsing MIME messages
 
 Group:          System Environment/Libraries
@@ -15,6 +15,7 @@ BuildRequires:  automake, libtool, gette
 
 Patch1: gmime-2.2.3-use-pkg-config.patch
 Patch2: gmime-2.2.3-libdir.patch
+Patch3: gmime-uuencode-buffer-overflow.patch
 
 # no mono on s390 for now, thus exclude s390 s390x
 %ifarch s390 s390x ppc64
@@ -66,6 +67,7 @@ for developing mono applications that us
 %setup -q -n gmime-%{version}
 %patch1 -p1 -b .use-pkg-config
 %patch2 -p1 -b .libdir
+%patch3 -p1 -b .uuencode-buffer-overflow
 
 %build
 #cp %{_datadir}/gettext/config.rpath .
@@ -127,6 +129,10 @@ rm -rf $RPM_BUILD_ROOT
 %endif
 
 %changelog
+* Wed Feb 03 2010 Bernard Johnson <bjohnson at symetrix.com> - 2.2.23-8
+- Buffer overflow by calculating the maximum number of output bytes generated
+  by an uuencode operation (bz #561457) 
+
 * Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.2.23-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
 


