128 lines
4.4 KiB
Text
128 lines
4.4 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA512
|
|
|
|
=============================================================================
|
|
FreeBSD-EN-15:10.iconv Errata Notice
|
|
The FreeBSD Project
|
|
|
|
Topic: Improved iconv(3) UTF-7 support
|
|
|
|
Category: core
|
|
Module: libc/iconv
|
|
Announced: 2015-06-30
|
|
Credits: Tijl Coosemans
|
|
Affects: FreeBSD 10.x
|
|
Corrected: 2015-06-02 09:42:00 UTC (stable/10, 10.1-STABLE)
|
|
2015-06-30 23:21:37 UTC (releng/10.1, 10.1-RELEASE-p14)
|
|
|
|
For general information regarding FreeBSD Errata Notices and Security
|
|
Advisories, including descriptions of the fields above, security
|
|
branches, and the following sections, please visit
|
|
<URL:https://security.freebsd.org/>.
|
|
|
|
I. Background
|
|
|
|
The iconv(3) API allows converting text data from one character set
|
|
encoding to another. Applications first open a converter between two
|
|
encodings using iconv_open(3) and then convert text using iconv(3).
|
|
|
|
UTF-7 is a variable-length character encoding representing Unicode text
|
|
using a stream of ASCII characters.
|
|
|
|
II. Problem Description
|
|
|
|
A defect in the iconv(3) UTF-7 decoding process causes the end of base64
|
|
symbols ("-") to be treated as an incomplete character when they exist
|
|
at the end of the string.
|
|
|
|
III. Impact
|
|
|
|
Applications that use iconv(3) to decode UTF-7 may receive an incorrect
|
|
encoded result.
|
|
|
|
IV. Workaround
|
|
|
|
No workaround is available.
|
|
|
|
V. Solution
|
|
|
|
Perform one of the following:
|
|
|
|
1) Upgrade your system to a supported FreeBSD stable or release / security
|
|
branch (releng) dated after the correction date.
|
|
|
|
2) To update your present system via a binary patch:
|
|
|
|
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
|
platforms can be updated via the freebsd-update(8) utility:
|
|
|
|
# freebsd-update fetch
|
|
# freebsd-update install
|
|
|
|
3) To update your present system via a source code patch:
|
|
|
|
The following patches have been verified to apply to the applicable
|
|
FreeBSD release branches.
|
|
|
|
a) Download the relevant patch from the location below, and verify the
|
|
detached PGP signature using your PGP utility.
|
|
|
|
# fetch https://security.FreeBSD.org/patches/EN-15:10/iconv.patch
|
|
# fetch https://security.FreeBSD.org/patches/EN-15:10/iconv.patch.asc
|
|
# gpg --verify iconv.patch.asc
|
|
|
|
b) Apply the patch. Execute the following commands as root:
|
|
|
|
# cd /usr/src
|
|
# patch < /path/to/patch
|
|
|
|
c) Recompile the operating system using buildworld and installworld as
|
|
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
|
|
|
|
Restart all deamons using the library, or reboot the system.
|
|
|
|
VI. Correction details
|
|
|
|
The following list contains the correction revision numbers for each
|
|
affected branch.
|
|
|
|
Branch/path Revision
|
|
- -------------------------------------------------------------------------
|
|
stable/10/ r283908
|
|
releng/10.1/ r284985
|
|
- -------------------------------------------------------------------------
|
|
|
|
To see which files were modified by a particular revision, run the
|
|
following command, replacing NNNNNN with the revision number, on a
|
|
machine with Subversion installed:
|
|
|
|
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
|
|
|
Or visit the following URL, replacing NNNNNN with the revision number:
|
|
|
|
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
|
|
|
VII. References
|
|
|
|
<URL:https://bugs.freebsd.org/200398>
|
|
|
|
The latest revision of this Errata Notice is available at
|
|
https://security.FreeBSD.org/advisories/FreeBSD-EN-15:10.iconv.asc
|
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: GnuPG v2.1.5 (FreeBSD)
|
|
|
|
iQIcBAEBCgAGBQJVkyZQAAoJEO1n7NZdz2rnue4P/2TGL5ucl/YypMQAcgDxRn77
|
|
3zky6DhJSWx0ydnoCsFNogiK2A9qdw6YHvYMyqwjcVTZ9NpjeXSOnuEgaD6SN9Xj
|
|
elIkvxPkbome8QDJAVsW+amqw1ipfJ4deN4XQqzbRTaNBd0Yo0jsC4S7zjVq+gwE
|
|
0EJ98vYQz8KfOFRW5Y1DlCS2OkapuGHPcxBJsRGoz5Y4Qe8KYDivRDZPJsrhbEWY
|
|
+QF+xjZ+ZDvCl6qBSVcYgsVNeMr6jHjmIS2BYSeWypKmI1LfPgZszOMCZsS/rvAs
|
|
DKsm9N7GcbMVCD0tUWSOQmN1jtfBEoYtgqoHg1/wg5/jTOlcVQgANVMF5p9jqo/Q
|
|
BGBUWfwQACZ4cJI/lXTqUt87Dg1n15JtU011nDCfbK4Ll9ZaYioAisqx2kXdUgBP
|
|
ojP3XMwoFtq2tJGJZLlIG3nWm3IatsOL+vtZxw6N4Y5PVksZeCctFikm7FhsCXjk
|
|
SCVSn3w+rLP1klWSCbqUUtpvRSMP3JZDH7auytvykUZ2pncKAzwhfb+TI9Qqnguk
|
|
RkSDUDnRvLEuwezZOAZ3lErVV/G38zyi6Hn/ODeO0Cg6w70XKdbuWqgf0z3etz7M
|
|
HiHk4dpVNO7S4Y12wNdin1XgXa94s08wyiY7bSGpDaqL22O6CHgd0B+NAsqUqJSx
|
|
lAsbtw23ytA4JwkVwIdf
|
|
=hK2X
|
|
-----END PGP SIGNATURE-----
|