Bug#771474: unblock: claws-mail/3.11.1-2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#771474: unblock: claws-mail/3.11.1-2
From: Ricardo Mones <mones@debian.org>
Date: Sat, 29 Nov 2014 23:52:04 +0100
Message-id: <[🔎] 20141129225204.5687.94364.reportbug@busgosu>
Reply-to: Ricardo Mones <mones@debian.org>, 771474@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi Release Team,

Please unblock package claws-mail to fix CVE-2010-5109
in claws-mail-tnef-parser reported as #771360.

Full debdiff attached.

Thanks in advance,

unblock claws-mail/3.11.1-2

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru claws-mail-3.11.1/debian/changelog claws-mail-3.11.1/debian/changelog
--- claws-mail-3.11.1/debian/changelog	2014-10-28 01:06:14.000000000 +0100
+++ claws-mail-3.11.1/debian/changelog	2014-11-29 23:11:52.000000000 +0100
@@ -1,3 +1,11 @@
+claws-mail (3.11.1-2) unstable; urgency=high
+
+  * patches/14CVE_2010_5109.patch, patches/series
+  - Fix possible buffer overflow CVE-2010-5109 (Closes: #771360)
+  - Raised urgency because of RC security bug
+
+ -- Ricardo Mones <mones@debian.org>  Sat, 29 Nov 2014 23:03:27 +0100
+
 claws-mail (3.11.1-1) unstable; urgency=medium
 
   * New upstream bugfix release
diff -Nru claws-mail-3.11.1/debian/patches/14CVE_2010_5109.patch claws-mail-3.11.1/debian/patches/14CVE_2010_5109.patch
--- claws-mail-3.11.1/debian/patches/14CVE_2010_5109.patch	1970-01-01 01:00:00.000000000 +0100
+++ claws-mail-3.11.1/debian/patches/14CVE_2010_5109.patch	2014-11-29 23:11:52.000000000 +0100
@@ -0,0 +1,23 @@
+Description: Patch to fix possible buffer overflow
+ in TNEF parser's embedded copy of ytnef library.
+ Originally CVE-2010-5109 in libytnef.
+Author: Petr Písař <ppisar@redhat.com>
+Origin: https://bugzilla.redhat.com/show_bug.cgi?id=831322
+Acked-by: Moritz Muehlenhoff <jmm@debian.org>
+Bug-Debian: https://bugs.debian.org/771360
+Applied-Upstream: commit:a8df3ae48ad5732018934b378abb11a022735c5e
+Last-Update: 2014-11-29
+
+diff --git a/src/plugins/tnef_parse/ytnef.c b/src/plugins/tnef_parse/ytnef.c
+index a2e7ed3..9184836 100644
+--- a/src/plugins/tnef_parse/ytnef.c
++++ b/src/plugins/tnef_parse/ytnef.c
+@@ -1352,7 +1352,7 @@ unsigned char *DecompressRTF(variableLength *p, int *size) {
+ 
+     comp_Prebuf.size = strlen(RTF_PREBUF);
+     comp_Prebuf.data = calloc(comp_Prebuf.size + 1, 1);
+-    strcpy(comp_Prebuf.data, RTF_PREBUF);
++    memcpy(comp_Prebuf.data, RTF_PREBUF, comp_Prebuf.size);
+ 
+     src = p->data;
+     in = 0;
diff -Nru claws-mail-3.11.1/debian/patches/series claws-mail-3.11.1/debian/patches/series
--- claws-mail-3.11.1/debian/patches/series	2014-10-28 01:06:14.000000000 +0100
+++ claws-mail-3.11.1/debian/patches/series	2014-11-29 23:11:52.000000000 +0100
@@ -1,3 +1,4 @@
 11mark_trashed_as_read.patch
 12fix_manpage_header.patch
 13desktop_file_categories.patch
+14CVE_2010_5109.patch

Reply to:

Follow-Ups:
- Bug#771474: marked as done (unblock: claws-mail/3.11.1-2)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#770983: unblock: UEFI installer fixes
Next by Date: Re: MySecureShell 2.0-2 new version
Previous by thread: Bug#771459: marked as done (unblock: pytools/2014.3-2)
Next by thread: Bug#771474: marked as done (unblock: claws-mail/3.11.1-2)
Index(es):
- Date
- Thread