Mailinglist Archive: opensuse-commit (1187 mails)
| < Previous | Next > |
commit asterisk
- From: root@xxxxxxx (h_root)
- Date: Mon, 24 Apr 2006 15:50:24 +0200 (CEST)
- Message-id: <20060424135024.C81808C463@xxxxxxxxxxxxxxx>
Hello community,
here is the log from the commit of package asterisk
checked in at Mon Apr 24 15:50:24 CEST 2006.
--------
--- asterisk/asterisk.changes 2006-03-20 17:44:57.000000000 +0100
+++ STABLE/asterisk/asterisk.changes 2006-04-24 14:00:58.000000000 +0200
@@ -1,0 +2,6 @@
+Mon Apr 24 13:59:51 CEST 2006 - max@xxxxxxx
+
+- Fixed a buffer overflow in format_jpeg.c.
+ (Bug #168274, CVE-2006-1827)
+
+-------------------------------------------------------------------
New:
----
asterisk-CVE-2006-1827.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ asterisk.spec ++++++
--- /var/tmp/diff_new_pack.CUgRad/_old 2006-04-24 15:49:57.000000000 +0200
+++ /var/tmp/diff_new_pack.CUgRad/_new 2006-04-24 15:49:57.000000000 +0200
@@ -21,7 +21,7 @@
%define build_h323 0
Summary: The Asterisk Open Source PBX
Version: 1.2.5
-Release: 1
+Release: 6
License: GPL, BSD
PreReq: /usr/sbin/useradd
Group: Productivity/Telephony/Servers
@@ -31,6 +31,7 @@
Patch1: %name-%bristuff.patch
Patch2: %name-%spandsp.patch
Patch3: %name-db1-__P.patch
+Patch4: %name-CVE-2006-1827.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -160,6 +161,7 @@
%patch3
popd
%patch0
+%patch4
%build
# build asterisk
@@ -256,6 +258,9 @@
-c "Asterisk PBX" asterisk 2>/dev/null || :
%changelog -n asterisk
+* Mon Apr 24 2006 - max@xxxxxxx
+- Fixed a buffer overflow in format_jpeg.c.
+ (Bug #168274, CVE-2006-1827)
* Mon Mar 20 2006 - max@xxxxxxx
- New versions: asterisk-1.2.5, bristuff-0.3.0-PRE-1k:
- Makefile: Bug 6638 - Use POSIX command for Solaris
++++++ asterisk-CVE-2006-1827.patch ++++++
--- formats/format_jpeg.c
+++ formats/format_jpeg.c
@@ -55,7 +55,7 @@
struct ast_frame fr;
int res;
char buf[65536];
- if (len > sizeof(buf)) {
+ if (len > sizeof(buf) || len < 0) {
ast_log(LOG_WARNING, "JPEG image too large to read\n");
return NULL;
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
| < Previous | Next > |