ALT Linux Bugzilla – Attachment 5760 Details for Bug 28006
Conflicts between attempted installs of exim-common-4.76-alt2 and sendmail-common-1.7-alt3
CVE-2012-5671.patch (text/plain), 1.78 KB, created by Chess on 2013-03-05 09:48:12 MSK
>From 4263f395efd136dece52d765dfcff3c96f17506e Mon Sep 17 00:00:00 2001 >From: Phil Pennock <pdp@exim.org> >Date: Wed, 24 Oct 2012 23:26:29 -0400 >Subject: [PATCH 1/3] SECURITY: DKIM DNS buffer overflow protection > >CVE-2012-5671 > >malloc/heap overflow, with a 60kB window of overwrite. >Requires DNS under control of person sending email, leaves plenty of >evidence, but is very likely exploitable on OSes that have not been >well hardened. >--- > doc/doc-txt/ChangeLog | 8 ++++++++ > src/src/dkim.c | 3 +++ > src/src/pdkim/pdkim.h | 4 ++-- > 3 files changed, 13 insertions(+), 2 deletions(-) > >Index: exim4-4.76/src/dkim.c >=================================================================== >--- exim4-4.76.orig/src/dkim.c 2011-05-09 04:36:25.000000000 -0400 >+++ exim4-4.76/src/dkim.c 2012-10-25 08:26:24.009726695 -0400 >@@ -44,6 +44,9 @@ > "%.*s", (int)len, (char *)((rr->data)+rr_offset)); > rr_offset+=len; > answer_offset+=len; >+ if (answer_offset >= PDKIM_DNS_TXT_MAX_RECLEN) { >+ return PDKIM_FAIL; >+ } > } > } > else return PDKIM_FAIL; >Index: exim4-4.76/src/pdkim/pdkim.h >=================================================================== >--- exim4-4.76.orig/src/pdkim/pdkim.h 2011-05-09 04:36:25.000000000 -0400 >+++ exim4-4.76/src/pdkim/pdkim.h 2012-10-25 08:26:24.009726695 -0400 >@@ -29,8 +29,8 @@ > > /* -------------------------------------------------------------------------- */ > /* Length of the preallocated buffer for the "answer" from the dns/txt >- callback function. */ >-#define PDKIM_DNS_TXT_MAX_RECLEN 4096 >+ callback function. This should match the maximum RDLENGTH from DNS. */ >+#define PDKIM_DNS_TXT_MAX_RECLEN (1 << 16) > > /* -------------------------------------------------------------------------- */ > /* Function success / error codes */
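Review bot: In the src/dkim.c hunk the new bound test sits after the formatted copy and after `answer_offset+=len`, so the chunk that takes answer_offset to or past PDKIM_DNS_TXT_MAX_RECLEN has already been written by the time PDKIM_FAIL is returned. The check is therefore only as good as the headroom in the answer buffer, which ties it to the size change in pdkim.h. Consider testing before the copy, for example `if (answer_offset + len >= PDKIM_DNS_TXT_MAX_RECLEN) return PDKIM_FAIL;`, so the guard holds on its own whatever the constant is, and add a one-line comment saying what it protects.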
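Review bot: The reworded comment in the src/pdkim/pdkim.h hunk says the size "should match the maximum RDLENGTH from DNS" but does not mention that the early return added in src/dkim.c depends on this value, so a later edit to PDKIM_DNS_TXT_MAX_RECLEN or to the buffer allocation would not be recognisable as security relevant. Because the comment describes a preallocated buffer, going from 4096 to (1 << 16) also raises that allocation sixteenfold; the comment should say this is intentional. The diffstat lists doc/doc-txt/ChangeLog with 8 added lines, but this attachment carries no ChangeLog hunk.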