[Pkg-xmpp-commits] [SCM] Jabberd2 XMPP server branch, master, updated. upstream/2.2.8-16-gdec816c
W. van den Akker
wvdakker at wilsoft.nl
Wed Jan 16 08:27:15 UTC 2013
The following commit has been merged in the master branch:
commit a09ef0a9916ebe68d2816abc54db5c25aac8e068
Author: W. van den Akker <wvdakker at wilsoft.nl>
Date: Wed Jan 16 09:13:03 2013 +0100
Patch for billion laughs DoS attack (CVE-2011-1755.dpatch).
diff --git a/debian/changelog b/debian/changelog
index 57fd4fd..950430c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+jabberd2 (2.2.8-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Prevent entity expansion in order to prevent about
+ the billion laughs DoS attack (CVE-2011-1755.dpatch).
+
+ -- Nico Golde <nion at debian.org> Mon, 30 May 2011 23:40:50 +0200
+
jabberd2 (2.2.8-2) unstable; urgency=low
* Deletes resolver configuration files (Closes: #528105).
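Review bot: The second bullet of the new 2.2.8-2.1 entry reads "Prevent entity expansion in order to prevent about the billion laughs DoS attack", which is garbled ("prevent about"). Suggest "Disable entity expansion to prevent the billion laughs DoS attack", keeping the reference to CVE-2011-1755.dpatch so the entry still points at the patch file added below.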
diff --git a/debian/patches/00list b/debian/patches/00list
index 352b3b1..e276d3d 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -3,3 +3,4 @@ etc_pidpath.dpatch
etc_logpath.dpatch
etc_dbpath.dpatch
implicit-pointer-conversion.dpatch
+CVE-2011-1755.dpatch
diff --git a/debian/patches/CVE-2011-1755.dpatch b/debian/patches/CVE-2011-1755.dpatch
new file mode 100644
index 0000000..3f4fab6
--- /dev/null
+++ b/debian/patches/CVE-2011-1755.dpatch
@@ -0,0 +1,29 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2011-1755.dpatch by Nico Golde <nion at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: disable entity expansian to prevent billion laughs attack
+
+ at DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' jabberd2-2.2.8~/sx/sx.c jabberd2-2.2.8/sx/sx.c
+--- jabberd2-2.2.8~/sx/sx.c 2009-04-27 11:05:13.000000000 +0200
++++ jabberd2-2.2.8/sx/sx.c 2011-05-30 23:40:27.000000000 +0200
+@@ -36,6 +36,7 @@
+ s->expat = XML_ParserCreateNS(NULL, '|');
+ XML_SetReturnNSTriplet(s->expat, 1);
+ XML_SetUserData(s->expat, (void *) s);
++ XML_SetDefaultHandler(s->expat, NULL);
+
+ s->wbufq = jqueue_new();
+ s->rnadq = jqueue_new();
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' jabberd2-2.2.8~/util/nad.c jabberd2-2.2.8/util/nad.c
+--- jabberd2-2.2.8~/util/nad.c 2009-04-27 11:05:15.000000000 +0200
++++ jabberd2-2.2.8/util/nad.c 2011-05-30 23:40:27.000000000 +0200
+@@ -1331,6 +1331,7 @@
+ return NULL;
+
+ XML_SetReturnNSTriplet(p, 1);
++ XML_SetDefaultHandler(p, NULL);
+
+ bd.nad = nad_new();
+ bd.depth = 0;
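Review bot: The added "XML_SetDefaultHandler(s->expat, NULL);" in sx/sx.c and "XML_SetDefaultHandler(p, NULL);" in util/nad.c read as no-ops, because nothing at either call site says why a NULL handler is installed; the only rationale is the "## DP:" line of the dpatch header (which also misspells "expansion" as "expansian"). Add a comment at both sites stating that the call is there for expat's documented side effect of turning off expansion of internally defined general entities, so that a later cleanup does not delete it. Two things to confirm before relying on this: that every code path which creates or resets a parser reapplies the call (XML_ParserReset restores the default of expanding entities), and that entity references inside attribute values are covered as well as those in element content. Since an XMPP stream has no legitimate use for a DTD, a stricter alternative is to register a handler with XML_SetEntityDeclHandler and abort the parse with XML_StopParser as soon as any entity declaration appears.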
--
Jabberd2 XMPP server