Overview

File CVE-2020-15917.patch of Package claws-mail.13542

Index: claws-mail-3.17.3/AUTHORS
===================================================================
--- claws-mail-3.17.3.orig/AUTHORS
+++ claws-mail-3.17.3/AUTHORS
@@ -309,7 +309,7 @@ contributors (in addition to the above;
 	Arthur Huillet
 	Blatinox
 	Andy Balaam
-	Hanno Boeck
+	Hanno Böck
 	Ben Hutchings
 	Ralf Bormann
 	Darac Marjal
@@ -326,3 +326,4 @@ contributors (in addition to the above;
 	Eric S. Raymond
 	Avinash Sonawane
 	Alex Smith
+	Damian Poddebniak
Index: claws-mail-3.17.3/src/common/session.c
===================================================================
--- claws-mail-3.17.3.orig/src/common/session.c
+++ claws-mail-3.17.3/src/common/session.c
@@ -421,6 +421,13 @@ gint session_start_tls(Session *session)
 		return -1;
 	}
 
+	if (0 < session->read_buf_len) {
+		g_warning("protocol violation: suffix data after STARTTLS detected.");
+                if (nb_mode)
+			sock_set_nonblocking_mode(session->sock, session->nonblocking);
+		return -1;
+       }
+
 	if (nb_mode)
 		sock_set_nonblocking_mode(session->sock, session->nonblocking);
 
Index: claws-mail-3.17.3/src/gtk/authors.h
===================================================================
--- claws-mail-3.17.3.orig/src/gtk/authors.h
+++ claws-mail-3.17.3/src/gtk/authors.h
@@ -100,7 +100,7 @@ static char *CONTRIBS_LIST[] = {
 "Laurent Bigonville",
 "Jean-Luc Biord",
 "Blatinox",
-"Hanno Boeck",
+"Hanno Böck",
 "Pavlo Bohmat",
 "Ralf Bormann",
 "H. Merijn Brand",
@@ -250,6 +250,7 @@ static char *CONTRIBS_LIST[] = {
 "Thomas Orgis",
 "Reza Pakdel",
 "Richard Palo",
+"Damian Poddebniak",
 "Marcel Pol",
 "Martin Pool",
 "Quar",
openSUSE Build Service is sponsored by
Places