This is CVE-2006-1721, for which I am about to upload an NMU with the following patch. I'm skipping the normal DELAYED queue because the maintainer appears to be inactive and this is a security issue.
diff -u cyrus-sasl2-2.1.19.dfsg1/debian/changelog cyrus-sasl2-2.1.19.dfsg1/debian/changelog --- cyrus-sasl2-2.1.19.dfsg1/debian/changelog +++ cyrus-sasl2-2.1.19.dfsg1/debian/changelog @@ -1,3 +1,12 @@ +cyrus-sasl2 (2.1.19.dfsg1-0.2) unstable; urgency=high + + * Non-maintainer upload + * Applied upstream patch to fix remote denial of service + [debian/patches/27_CVE-2006-1721.diff] + Closes: #361937. + + -- dann frazier <[EMAIL PROTECTED]> Tue, 25 Apr 2006 09:39:43 -0600 + cyrus-sasl2 (2.1.19.dfsg1-0.1) unstable; urgency=low * Non-maintainer upload. only in patch2: unchanged: --- cyrus-sasl2-2.1.19.dfsg1.orig/debian/patches/27_CVE-2006-1721.diff +++ cyrus-sasl2-2.1.19.dfsg1/debian/patches/27_CVE-2006-1721.diff @@ -0,0 +1,13 @@ +diff -u -p -Nr --exclude CVS cyrus-sasl-2.1.19.dfsg1.orig/plugins/digestmd5.c cyrus-sasl-2.1.19.dfsg1/plugins/digestmd5.c +--- cyrus-sasl-2.1.19.dfsg1.orig/plugins/digestmd5.c 2006-04-24 18:59:38.000000000 +0200 ++++ cyrus-sasl-2.1.19.dfsg1/plugins/digestmd5.c 2006-04-24 19:01:13.000000000 +0200 +@@ -2242,7 +2242,8 @@ static int digestmd5_server_mech_step2(s + } + + /* Sanity check the parameters */ +- if (strcmp(realm, text->realm) != 0) { ++ if (((realm != NULL) && (strcmp(realm, text->realm) != 0)) && ++ (text->realm[0] != 0)) { + SETERROR(sparams->utils, + "realm changed: authentication aborted"); + result = SASL_BADAUTH; -- dann frazier | HP Open Source and Linux Organization
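Review bot: the changelog entry for 2.1.19.dfsg1-0.2 describes the fix only as "remote denial of service"; since the shipped patch guards `strcmp(realm, text->realm)` behind a `realm != NULL` test, the entry could name the cause (a DIGEST-MD5 client response without a realm reaching strcmp in the server step) so users can judge exposure without reading the diff. The CVE id in the patch name and the Closes: reference are present, which is good.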
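Review bot: in the new condition in digestmd5_server_mech_step2, the `text->realm[0] != 0` test is evaluated after the strcmp, so the comparison still runs when the server realm is empty and its result is then discarded; reordering to `if ((realm != NULL) && (text->realm[0] != 0) && (strcmp(realm, text->realm) != 0))` short-circuits on the cheap checks first and lets the redundant outer parentheses go. A code comment should also state that a client response omitting `realm` now bypasses the "realm changed" check entirely, since that is a behavioural change beyond the guard against passing a NULL realm to strcmp. Finally, 27_CVE-2006-1721.diff starts directly at the `diff -u -p -Nr` line with no header; given the changelog says "Applied upstream patch", a one-line description and the upstream origin at the top of the file would help later audits.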