Package: ring Version: 20230922.0~ds2-1 Severity: important Tags: patch
Dear Maintainer,
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY UPDATE: Remote Code Execution
- debian/patches/CVE-2021-37706.patch: fixed a RCE in PJSIP module
- CVE-2021-37706
Thanks for considering the patch.
*** /tmp/tmpqqf2a9ke/ring_20230922.0~ds2-1ubuntu1.debdiff
diff -Nru ring-20230922.0~ds2/debian/patches/CVE-2021-37706.patch
ring-20230922.0~ds2/debian/patches/CVE-2021-37706.patch
--- ring-20230922.0~ds2/debian/patches/CVE-2021-37706.patch 1970-01-01
01:00:00.000000000 +0100
+++ ring-20230922.0~ds2/debian/patches/CVE-2021-37706.patch 2023-12-04
10:22:49.000000000 +0100
@@ -0,0 +1,20 @@
+commit 15663e3f37091069b8c98a7fce680dc04bc8e865
+Author: sauwming <[email protected]>
+Date: Tue Aug 10 11:53:25 2021 +0800
+
+ Merge pull request from GHSA-2qpg-f6wf-w984
+
+Index:
./daemon/contrib/tarballs-unpacked/pjproject-97f45c2040c2b0cf6f3349a365b0e900a2267333.tar.gz/pjproject-97f45c2040c2b0cf6f3349a365b0e900a2267333/pjnath/src/pjnath/stun_msg.c
+===================================================================
+---
ring-20190215.1.f152c98~ds1.orig/daemon/contrib/tarballs-unpacked/pjproject-2.8.tar.gz/pjproject-2.8/pjnath/src/pjnath/stun_msg.c
2023-04-16 11:27:08.746997850 +0200
++++
./daemon/contrib/tarballs-unpacked/pjproject-97f45c2040c2b0cf6f3349a365b0e900a2267333.tar.gz/pjproject-97f45c2040c2b0cf6f3349a365b0e900a2267333/pjnath/src/pjnath/stun_msg.c
2023-04-16 11:27:08.746997850 +0200
+@@ -1767,6 +1767,9 @@
+ /* Get pointer to the string in the message */
+ value.ptr = ((char*)buf + ATTR_HDR_LEN + 4);
+ value.slen = attr->hdr.length - 4;
++ /* Make sure the length is never negative */
++ if (value.slen < 0)
++ value.slen = 0;
+
+ /* Copy the string to the attribute */
+ pj_strdup(pool, &attr->reason, &value);
diff -Nru ring-20230922.0~ds2/debian/patches/series
ring-20230922.0~ds2/debian/patches/series
--- ring-20230922.0~ds2/debian/patches/series 2023-10-21 19:04:56.000000000
+0200
+++ ring-20230922.0~ds2/debian/patches/series 2023-12-04 10:20:40.000000000
+0100
@@ -3,3 +3,4 @@
2000-jsoncpp-rename.patch
2010-dont-force-build-pkgs.patch
2020-system-md4c-tidy.patch
+CVE-2021-37706.patch
OpenPGP_signature.asc
Description: OpenPGP digital signature

