Package list cyrus-sasl2 / 0668e38
Off-by-one in _sasl_add_string function (CVE-2019-19906) (Closes: #947043) Roberto C. Sánchez 1 year, 7 months ago
3 changed file(s) with 28 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
0 cyrus-sasl2 (2.1.27+dfsg-2) unstable; urgency=medium
1
2 [ Salvatore Bonaccorso ]
3 * Off-by-one in _sasl_add_string function (CVE-2019-19906) (Closes: #947043)
4
5 -- Roberto C. Sanchez <roberto@debian.org> Thu, 26 Dec 2019 09:48:32 -0500
6
07 cyrus-sasl2 (2.1.27+dfsg-1) unstable; urgency=medium
18
29 [ Ryan Tandy ]
0 Description: CVE-2019-19906: Off-by-one in _sasl_add_string function
1 Origin: vendor
2 Bug: https://github.com/cyrusimap/cyrus-sasl/issues/587
3 Bug-Debian: https://bugs.debian.org/947043
4 Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-19906
5 Author: Stephan Zeisberg <stephan@srlabs.de>
6 Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
7 Last-Update: 2019-12-19
8
9 --- a/lib/common.c
10 +++ b/lib/common.c
11 @@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t
12
13 if (add==NULL) add = "(null)";
14
15 - addlen=strlen(add); /* only compute once */
16 + addlen=strlen(add)+1; /* only compute once */
17 if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
18 return SASL_NOMEM;
19
1717 0033-cross.patch
1818 0019-Stop-importing-docutils_version-in-sphinx-build-manp.patch
1919 0020-Restore-LIBS-after-checking-gss_inquire_sec_context_.patch
20 0034-CVE-2019-19906.patch