[meta-networking,dunfell,3/3] dovecot: Fix CVE-2020-12674

Message ID	20211203122958.2366-1-sanakazisk19@gmail.com
State	New
Headers	show Return-Path: <sanakazisk19@gmail.com> ip: 209.85.216.51, mailfrom: sanakazisk19@gmail.com) From: Sana Kazi <sanakazisk19@gmail.com> To: openembedded-devel@lists.openembedded.org Cc: Sana Kazi <sanakazisk19@gmail.com> Subject: [oe][meta-networking][dunfell][PATCH 3/3] dovecot: Fix CVE-2020-12674 Date: Fri, 3 Dec 2021 17:59:58 +0530 Message-Id: <20211203122958.2366-1-sanakazisk19@gmail.com>
Series	[meta-networking,dunfell,1/3] dovecot: Fix CVE-2020-12100 \| expand [meta-networking,dunfell,1/3] dovecot: Fix CVE-2020-12100 [meta-networking,dunfell,2/3] dovecot: Fix CVE-2020-12673 [meta-networking,dunfell,3/3] dovecot: Fix CVE-2020-12674

Message ID

20211203122958.2366-1-sanakazisk19@gmail.com

State

New

Headers

From: Sana Kazi <sanakazisk19@gmail.com>
To: openembedded-devel@lists.openembedded.org
Cc: Sana Kazi <sanakazisk19@gmail.com>
Subject: [oe][meta-networking][dunfell][PATCH 3/3] dovecot: Fix CVE-2020-12674
Date: Fri,  3 Dec 2021 17:59:58 +0530
Message-Id: <20211203122958.2366-1-sanakazisk19@gmail.com>

Series

[meta-networking,dunfell,1/3] dovecot: Fix CVE-2020-12100 | expand

Commit Message

Sana Kazi Dec. 3, 2021, 12:29 p.m. UTC

Added patch for CVE-2020-12674

Link: http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz

Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
---
 ...uth-mech-rpa-Fail-on-zero-len-buffer.patch | 30 +++++++++++++++++++
 .../dovecot/dovecot_2.2.36.4.bb               |  1 +
 2 files changed, 31 insertions(+)
 create mode 100644 meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch

diff --git a/meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch b/meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch
new file mode 100644
index 0000000000..5580cd409f
--- /dev/null
+++ b/meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch
@@ -0,0 +1,30 @@ 
+From bd9d2fe7da833f0e4705a8280efc56930371806b Mon Sep 17 00:00:00 2001
+From: Aki Tuomi <aki.tuomi@open-xchange.com>
+Date: Wed, 6 May 2020 13:40:36 +0300
+Subject: [PATCH 1/3] auth: mech-rpa - Fail on zero len buffer
+
+---
+ src/auth/mech-rpa.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
+
+CVE: CVE-2020-12674
+Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz]
+Comment: No change in any hunk
+
+diff --git a/src/auth/mech-rpa.c b/src/auth/mech-rpa.c
+index 08298ebdd6..2de8705b4f 100644
+--- a/src/auth/mech-rpa.c
++++ b/src/auth/mech-rpa.c
+@@ -224,7 +224,7 @@ rpa_read_buffer(pool_t pool, const unsigned char **data,
+ 		return 0;
+ 
+ 	len = *p++;
+-	if (p + len > end)
++	if (p + len > end || len == 0)
+ 		return 0;
+ 
+ 	*buffer = p_malloc(pool, len);
+-- 
+2.11.0
diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb b/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb
index e36e51c283..29905196b6 100644
--- a/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb
+++ b/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb
@@ -25,6 +25,7 @@  SRC_URI = "http://dovecot.org/releases/2.2/dovecot-${PV}.tar.gz \
            file://0013-lib-mail-Fix-parse_too_many_nested_mime_parts.patch \
            file://buffer_free_fix.patch \
            file://0002-lib-ntlm-Check-buffer-length-on-responses.patch \
+           file://0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch \
            "
 
 SRC_URI[md5sum] = "66c4d71858b214afee5b390ee602dee2"

[meta-networking,dunfell,3/3] dovecot: Fix CVE-2020-12674

Commit Message

Patch