From 318a1a2246a9f521e5a02313dcc1f6d68a0af7ec Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 18:16:14 +0200
Subject: Adding debian version 4.96-15+deb12u4.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 ...ossible-OOB-write-in-external-authenticat.patch | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 debian/patches/75_71-Auths-fix-possible-OOB-write-in-external-authenticat.patch

(limited to 'debian/patches/75_71-Auths-fix-possible-OOB-write-in-external-authenticat.patch')

diff --git a/debian/patches/75_71-Auths-fix-possible-OOB-write-in-external-authenticat.patch b/debian/patches/75_71-Auths-fix-possible-OOB-write-in-external-authenticat.patch
new file mode 100644
index 0000000..f6936a9
--- /dev/null
+++ b/debian/patches/75_71-Auths-fix-possible-OOB-write-in-external-authenticat.patch
@@ -0,0 +1,22 @@
+From 7bb5bc2c6592e062bf0b514cc71afd2d93e2e0dd Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Thu, 11 May 2023 18:02:43 +0100
+Subject: [PATCH 1/4] Auths: fix possible OOB write in external authenticator. 
+ Bug 2999
+
+---
+ doc/doc-txt/ChangeLog    | 3 +++
+ src/src/auths/external.c | 2 +-
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+--- a/src/auths/external.c
++++ b/src/auths/external.c
+@@ -103,7 +103,7 @@ if (expand_nmax == 0) 	/* skip if rxd da
+ if (ob->server_param2)
+   {
+   uschar * s = expand_string(ob->server_param2);
+-  auth_vars[expand_nmax] = s;
++  auth_vars[expand_nmax = 1] = s;
+   expand_nstring[++expand_nmax] = s;
+   expand_nlength[expand_nmax] = Ustrlen(s);
+   if (ob->server_param3)
-- 
cgit v1.2.3