diff --git a/SOURCES/evolution-data-server-3.28.5-CVE-2020-16117.patch b/SOURCES/evolution-data-server-3.28.5-CVE-2020-16117.patch new file mode 100644 index 0000000..6b656f8 --- /dev/null +++ b/SOURCES/evolution-data-server-3.28.5-CVE-2020-16117.patch @@ -0,0 +1,13 @@ +diff -up evolution-data-server-3.28.5/src/camel/providers/imapx/camel-imapx-server.c.CVE-2020-16117 evolution-data-server-3.28.5/src/camel/providers/imapx/camel-imapx-server.c +--- evolution-data-server-3.28.5/src/camel/providers/imapx/camel-imapx-server.c.CVE-2020-16117 2018-07-30 15:17:06.000000000 +0200 ++++ evolution-data-server-3.28.5/src/camel/providers/imapx/camel-imapx-server.c 2020-09-30 09:10:32.240788043 +0200 +@@ -2979,7 +2979,8 @@ connected: + + /* See if we got new capabilities + * in the STARTTLS response. */ +- imapx_free_capability (is->priv->cinfo); ++ if (is->priv->cinfo) ++ imapx_free_capability (is->priv->cinfo); + is->priv->cinfo = NULL; + if (ic->status->condition == IMAPX_CAPABILITY) { + is->priv->cinfo = ic->status->u.cinfo; diff --git a/SPECS/evolution-data-server.spec b/SPECS/evolution-data-server.spec index 3e24775..55cb1ec 100644 --- a/SPECS/evolution-data-server.spec +++ b/SPECS/evolution-data-server.spec @@ -32,7 +32,7 @@ Name: evolution-data-server Version: 3.28.5 -Release: 14%{?dist} +Release: 15%{?dist} Group: System Environment/Libraries Summary: Backend data server for Evolution License: LGPLv2+ @@ -85,6 +85,9 @@ Patch10: evolution-data-server-3.28.5-test-cal-meta-backend-without-evolution.pa # RH bug #1859141 Patch11: evolution-data-server-3.28.5-CVE-2020-14928.patch +# RH bug #1862403 +Patch12: evolution-data-server-3.28.5-CVE-2020-16117.patch + ### Dependencies ### Requires: dconf @@ -215,6 +218,7 @@ the functionality of the installed %{name} package. %patch09 -p1 -b .delay-new-module-load %patch10 -p1 -b .test-cal-meta-backend-without-evolution %patch11 -p1 -b .CVE-2020-14928 +%patch12 -p1 -b .CVE-2020-16117 %build @@ -476,6 +480,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &>/dev/null || : %{_datadir}/installed-tests %changelog +* Wed Sep 30 2020 Milan Crha - 3.28.5-15 +- Resolves: #1862403 (CVE-2020-16117: Crash on malformed server response with minimal capabilities) + * Thu Jul 23 2020 Milan Crha - 3.28.5-14 - Resolves: #1859141 (CVE-2020-14928: Response Injection via STARTTLS in SMTP and POP3)