rpms/evolution-data-server/F-7 evolution-data-server-1.10.2-camel-imap-folder.patch, NONE, 1.1 evolution-data-server.spec, 1.166, 1.167

Matthew Barnes (mbarnes) fedora-extras-commits at redhat.com
Fri Jun 15 16:32:43 UTC 2007 

Author: mbarnes

Update of /cvs/pkgs/rpms/evolution-data-server/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27528

Modified Files:
	evolution-data-server.spec 
Added Files:
	evolution-data-server-1.10.2-camel-imap-folder.patch 
Log Message:

* Fri Jun 15 2007 Matthew Barnes <mbarnes at redhat.com> - 1.10.2-3.fc7
- Add patch for RH bug #244283 (Camel IMAP security flaw).


evolution-data-server-1.10.2-camel-imap-folder.patch:

--- NEW FILE evolution-data-server-1.10.2-camel-imap-folder.patch ---
--- evolution-data-server-1.10.2/camel/providers/imap/camel-imap-folder.c.camel-imap-folder	2007-04-09 08:42:39.000000000 -0400
+++ evolution-data-server-1.10.2/camel/providers/imap/camel-imap-folder.c	2007-06-15 12:23:37.000000000 -0400
@@ -655,7 +655,7 @@ imap_rescan (CamelFolder *folder, int ex
 		uid = g_datalist_get_data (&data, "UID");
 		flags = GPOINTER_TO_UINT (g_datalist_get_data (&data, "FLAGS"));
 		
-		if (!uid || !seq || seq > summary_len) {
+		if (!uid || !seq || seq > summary_len || seq < 0) {
 			g_datalist_clear (&data);
 			continue;
 		}
@@ -2789,7 +2789,7 @@ parse_fetch_response (CamelImapFolder *i
 		
 		if (*response != '*' || *(response + 1) != ' ')
 			return NULL;
-		seq = strtol (response + 2, &response, 10);
+		seq = strtoul (response + 2, &response, 10);
 		if (seq == 0)
 			return NULL;
 		if (g_ascii_strncasecmp (response, " FETCH (", 8) != 0)


Index: evolution-data-server.spec
===================================================================
RCS file: /cvs/pkgs/rpms/evolution-data-server/F-7/evolution-data-server.spec,v
retrieving revision 1.166
retrieving revision 1.167
diff -u -r1.166 -r1.167
--- evolution-data-server.spec	1 Jun 2007 04:20:57 -0000	1.166
+++ evolution-data-server.spec	15 Jun 2007 16:32:07 -0000	1.167
@@ -26,7 +26,7 @@
 
 Name: evolution-data-server
 Version: 1.10.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: LGPL
 Group: System Environment/Libraries
 Summary: Backend data server for Evolution
@@ -87,6 +87,9 @@
 # Fix implicit function declarations
 Patch26: evolution-data-server-1.10.2-implicit-function-declarations.patch
 
+# RH bug #244283 / GNOME bug #447414
+Patch27: evolution-data-server-1.10.2-camel-imap-folder.patch
+
 ### Dependencies ###
 
 Requires: GConf2
@@ -183,6 +186,7 @@
 %patch24 -p1 -b .camel-folder-symmary-crash
 %patch25 -p1 -b .camel-certdb-nss-cert-get
 %patch26 -p1 -b .implicit-function-declarations
+%patch27 -p1 -b .camel-imap-folder
 
 mkdir -p krb5-fakeprefix/include
 mkdir -p krb5-fakeprefix/lib
@@ -400,6 +404,9 @@
 %{_libdir}/pkgconfig/libexchange-storage-%{eds_api_version}.pc
 
 %changelog
+* Fri Jun 15 2007 Matthew Barnes <mbarnes at redhat.com> - 1.10.2-3.fc7
+- Add patch for RH bug #244283 (Camel IMAP security flaw).
+
 * Fri Jun 01 2007 Matthew Barnes <mbarnes at redhat.com> - 1.10.2-2.fc7
 - Revise patch for GNOME bug #376991 to fix RH bug #241974.

More information about the fedora-extras-commits mailing list