diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-05-01 19:49:49 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-05-02 08:59:46 +0200 |
commit | 142b0e6d20ea4d01d0fbf3b0a2329d6c4c98842c (patch) | |
tree | 7898be0d2599fb77e7a149360a2b87b76299257a /source/n/dovecot/fix-mysql-double-free.patch | |
parent | d20b8960352742059551ee7c8b5bc041616d9349 (diff) | |
download | current-20190501194949.tar.gz current-20190501194949.tar.xz |
Wed May 1 19:49:49 UTC 201920190501194949
ap/tmux-2.9a-x86_64-1.txz: Upgraded.
n/dovecot-2.3.6-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Submission-login crashed with signal 11 due to null pointer access when
authentication was aborted by disconnecting.
Submission-login crashed when authentication was started over TLS secured
channel and invalid authentication message was sent.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11499
(* Security fix *)
n/php-7.2.18-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue
Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
(* Security fix *)
xfce/exo-0.12.5-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source/n/dovecot/fix-mysql-double-free.patch')
-rw-r--r-- | source/n/dovecot/fix-mysql-double-free.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/source/n/dovecot/fix-mysql-double-free.patch b/source/n/dovecot/fix-mysql-double-free.patch deleted file mode 100644 index 47842f706..000000000 --- a/source/n/dovecot/fix-mysql-double-free.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 3c5101ffdd2a8115e03ed7180d53578765dea4c9 Mon Sep 17 00:00:00 2001 -From: Aki Tuomi <aki.tuomi@dovecot.fi> -Date: Tue, 4 Dec 2018 14:40:04 +0200 -Subject: [PATCH] driver-mysql: Avoid double-closing MySQL connection - -Fixes double-free ---- - src/lib-sql/driver-mysql.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/src/lib-sql/driver-mysql.c b/src/lib-sql/driver-mysql.c -index c87e825e4b..5dd1c3124f 100644 ---- a/src/lib-sql/driver-mysql.c -+++ b/src/lib-sql/driver-mysql.c -@@ -173,7 +173,9 @@ static int driver_mysql_connect(struct sql_db *_db) - static void driver_mysql_disconnect(struct sql_db *_db) - { - struct mysql_db *db = (struct mysql_db *)_db; -- mysql_close(db->mysql); -+ if (db->mysql != NULL) -+ mysql_close(db->mysql); -+ db->mysql = NULL; - } - - static int driver_mysql_parse_connect_string(struct mysql_db *db, -@@ -311,7 +313,9 @@ static void driver_mysql_deinit_v(struct sql_db *_db) - _db->no_reconnect = TRUE; - sql_db_set_state(&db->api, SQL_DB_STATE_DISCONNECTED); - -- mysql_close(db->mysql); -+ if (db->mysql != NULL) -+ mysql_close(db->mysql); -+ db->mysql = NULL; - - sql_connection_log_finished(_db); - event_unref(&_db->event); |