[packages/isync] up to 1.4.1 (fixes CVE-2021-20247)
atler
atler at pld-linux.org
Mon Feb 22 22:04:28 CET 2021
commit 1b3f590674a74110056172e8bb678e53ff51f230
Author: Jan Palus <atler at pld-linux.org>
Date: Mon Feb 22 22:04:05 2021 +0100
up to 1.4.1 (fixes CVE-2021-20247)
isync.spec | 8 +-
unexpected_fetch_response.patch | 162 ----------------------------------------
2 files changed, 3 insertions(+), 167 deletions(-)
---
diff --git a/isync.spec b/isync.spec
index 5d5d283..02e4f4b 100644
--- a/isync.spec
+++ b/isync.spec
@@ -2,13 +2,12 @@
# - new name will be probably mbsync, but project name still stays isync
Summary: Tool to synchronize IMAP4 and Maildir mailboxes
Name: isync
-Version: 1.4.0
-Release: 2
+Version: 1.4.1
+Release: 1
License: GPL v2+
Group: Applications/Networking
Source0: https://downloads.sourceforge.net/isync/%{name}-%{version}.tar.gz
-# Source0-md5: bf60773c0ec03f132aac546df9cc7b87
-Patch0: unexpected_fetch_response.patch
+# Source0-md5: c0c9899c2ff629e4e6de429c394b2613
URL: https://isync.sourceforge.net/
BuildRequires: autoconf
BuildRequires: automake
@@ -28,7 +27,6 @@ is suitable for use in IMAP-disconnected mode.
%prep
%setup -q
-%patch0 -p1
%build
%{__aclocal}
diff --git a/unexpected_fetch_response.patch b/unexpected_fetch_response.patch
deleted file mode 100644
index 8ca55cd..0000000
--- a/unexpected_fetch_response.patch
+++ /dev/null
@@ -1,162 +0,0 @@
-From 32392adbe3fd349e18d282a4e73208c32d6bfd1b Mon Sep 17 00:00:00 2001
-From: Oswald Buddenhagen <ossi at users.sf.net>
-Date: Sun, 14 Feb 2021 21:25:26 +0100
-Subject: [PATCH 1/3] accept unsolicited FETCH responses (without payload)
- after all
-
-while the spec says that the server SHOULD not send FETCH responses
-about STORE FLAGS when .SILENT is used, at least gmail and fastmail seem
-to do it nonetheless. also, in case of concurrent flag updates on the
-affected messages such responses can be legitimately sent.
-
-in earlier versions of mbsync this would lead to duplicate messages
-piling up in the store, though that would pose no problem at that point.
----
- src/drv_imap.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/drv_imap.c b/src/drv_imap.c
-index 9f23e08..c270031 100644
---- a/src/drv_imap.c
-+++ b/src/drv_imap.c
-@@ -1181,7 +1181,8 @@ parse_fetch_rsp( imap_store_t *ctx, list_t *list, char *s ATTR_UNUSED )
- for (cmdp = ctx->in_progress; cmdp; cmdp = cmdp->next)
- if (cmdp->param.uid == uid)
- goto gotuid;
-- goto badrsp;
-+ error( "IMAP error: unexpected FETCH response with BODY (UID %u)\n", uid );
-+ return LIST_BAD;
- gotuid:
- msgdata = ((imap_cmd_fetch_msg_t *)cmdp)->msg_data;
- msgdata->data = body->val;
-@@ -1208,9 +1209,8 @@ parse_fetch_rsp( imap_store_t *ctx, list_t *list, char *s ATTR_UNUSED )
- memcpy( cur->tuid, tuid, TUIDL );
- status &= ~(M_FLAGS | M_RECENT | M_SIZE | M_HEADER);
- } else {
-- badrsp:
-- error( "IMAP error: unexpected FETCH response (UID %u)\n", uid );
-- return LIST_BAD;
-+ // These may come in as a result of STORE FLAGS despite .SILENT.
-+ status &= ~(M_FLAGS | M_RECENT);
- }
-
- if (status) {
---
-2.30.1
-
-From 8c86f34bf0e23c719bdbe69714a48536eb26597c Mon Sep 17 00:00:00 2001
-From: Oswald Buddenhagen <ossi at users.sf.net>
-Date: Sun, 14 Feb 2021 23:06:24 +0100
-Subject: [PATCH 2/3] fix bogus continuation of IMAP list parsing
-
-on error, parse_imap_list() needs to reset the nesting level in the
-state, as imap_socket_read() uses that as an indicator whether list
-parsing is ongoing.
----
- src/drv_imap.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/drv_imap.c b/src/drv_imap.c
-index c270031..2ade80e 100644
---- a/src/drv_imap.c
-+++ b/src/drv_imap.c
-@@ -924,6 +924,7 @@ parse_imap_list( imap_store_t *ctx, char **sp, parse_list_state_t *sts )
- }
- bail:
- free_list( sts->head );
-+ sts->level = 0;
- return LIST_BAD;
- }
-
---
-2.30.1
-
-From 95a83c8220861185906df5b38eed589984847bfb Mon Sep 17 00:00:00 2001
-From: Oswald Buddenhagen <ossi at users.sf.net>
-Date: Sun, 14 Feb 2021 23:37:39 +0100
-Subject: [PATCH 3/3] be more tolerant of formally malformed response codes
-
-fastmail sends flags containing ']' in PERMANENTFLAGS, which is formally
-illegal. however, if we parse the embedded list before looking for the
-response code's closing ']', things work out fine.
-
-as a side effect we won't complain about similarly or completely
-malformed response codes we don't recognize at all, which may or may not
-be considered an improvement ...
----
- src/drv_imap.c | 29 +++++++++++++++++------------
- 1 file changed, 17 insertions(+), 12 deletions(-)
-
-diff --git a/src/drv_imap.c b/src/drv_imap.c
-index 2ade80e..e6e4b26 100644
---- a/src/drv_imap.c
-+++ b/src/drv_imap.c
-@@ -1253,48 +1253,53 @@ parse_response_code( imap_store_t *ctx, imap_cmd_t *cmd, char *s )
- if (!s || *s != '[')
- return RESP_OK; /* no response code */
- s++;
-- if (!(p = strchr( s, ']' ))) {
-- bad_resp:
-+ if (!(arg = next_arg( &s ))) {
- error( "IMAP error: malformed response code\n" );
- return RESP_CANCEL;
- }
-- *p++ = 0;
-- if (!(arg = next_arg( &s )))
-- goto bad_resp;
- if (!strcmp( "UIDVALIDITY", arg )) {
- if (!(arg = next_arg( &s )) ||
-- (ctx->uidvalidity = strtoul( arg, &earg, 10 ), *earg))
-+ (ctx->uidvalidity = strtoul( arg, &earg, 10 ), *earg != ']'))
- {
- error( "IMAP error: malformed UIDVALIDITY status\n" );
- return RESP_CANCEL;
- }
- } else if (!strcmp( "UIDNEXT", arg )) {
- if (!(arg = next_arg( &s )) ||
-- (ctx->uidnext = strtoul( arg, &earg, 10 ), *earg))
-+ (ctx->uidnext = strtoul( arg, &earg, 10 ), *earg != ']'))
- {
- error( "IMAP error: malformed UIDNEXT status\n" );
- return RESP_CANCEL;
- }
- } else if (!strcmp( "CAPABILITY", arg )) {
-+ if (!(p = strchr( s, ']' ))) {
-+ error( "IMAP error: malformed CAPABILITY status\n" );
-+ return RESP_CANCEL;
-+ }
-+ *p = 0;
- parse_capability( ctx, s );
-- } else if (!strcmp( "ALERT", arg )) {
-+ } else if (!strcmp( "ALERT]", arg )) {
- /* RFC2060 says that these messages MUST be displayed
- * to the user
- */
-- for (; isspace( (uchar)*p ); p++);
-- error( "*** IMAP ALERT *** %s\n", p );
-+ if (!s) {
-+ error( "IMAP error: malformed ALERT status\n" );
-+ return RESP_CANCEL;
-+ }
-+ for (; isspace( (uchar)*s ); s++);
-+ error( "*** IMAP ALERT *** %s\n", s );
- } else if (cmd && !strcmp( "APPENDUID", arg )) {
- if (!(arg = next_arg( &s )) ||
- (ctx->uidvalidity = strtoul( arg, &earg, 10 ), *earg) ||
- !(arg = next_arg( &s )) ||
-- (((imap_cmd_out_uid_t *)cmd)->out_uid = strtoul( arg, &earg, 10 ), *earg))
-+ (((imap_cmd_out_uid_t *)cmd)->out_uid = strtoul( arg, &earg, 10 ), *earg != ']'))
- {
- error( "IMAP error: malformed APPENDUID status\n" );
- return RESP_CANCEL;
- }
- } else if (!strcmp( "PERMANENTFLAGS", arg )) {
- parse_list_init( &ctx->parse_list_sts );
-- if (parse_imap_list( NULL, &s, &ctx->parse_list_sts ) != LIST_OK) {
-+ if (parse_imap_list( NULL, &s, &ctx->parse_list_sts ) != LIST_OK || *s != ']') {
- error( "IMAP error: malformed PERMANENTFLAGS status\n" );
- return RESP_CANCEL;
- }
---
-2.30.1
-
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/isync.git/commitdiff/1b3f590674a74110056172e8bb678e53ff51f230
More information about the pld-cvs-commit
mailing list