1 files changed, 79 insertions, 0 deletions
diff --git a/community/libetpan/CVE-2020-15953.patch b/community/libetpan/CVE-2020-15953.patch
new file mode 100644
index 0000000000..e02b000aad
--- /dev/null
+++ b/community/libetpan/CVE-2020-15953.patch
@@ -0,0 +1,79 @@
+From 1002a0121a8f5a9aee25357769807f2c519fa50b Mon Sep 17 00:00:00 2001
+From: Damian Poddebniak <duesee@users.noreply.github.com>
+Date: Fri, 24 Jul 2020 19:39:53 +0200
+Subject: [PATCH] Detect extra data after STARTTLS response and exit (#387)
+---
+ src/low-level/imap/mailimap.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+diff --git a/src/low-level/imap/mailimap.c b/src/low-level/imap/mailimap.c
+index bb17119d..4ffcf55d 100644
+--- a/src/low-level/imap/mailimap.c
+++ b/src/low-level/imap/mailimap.c
+@@ -2428,6 +2428,13 @@ int mailimap_starttls(mailimap * session)
+ 
+   mailimap_response_free(response);
+ 
+  // Detect if the server send extra data after the STARTTLS response.
+  // This *may* be a "response injection attack".
+  if (session->imap_stream->read_buffer_len != 0) {
+      // Since it is also an IMAP protocol violation, exit.
+      return MAILIMAP_ERROR_STARTTLS;
+  }
+
+   switch (error_code) {
+   case MAILIMAP_RESP_COND_STATE_OK:
+     return MAILIMAP_NO_ERROR;
+From 298460a2adaabd2f28f417a0f106cb3b68d27df9 Mon Sep 17 00:00:00 2001
+From: Fabian Ising <Murgeye@users.noreply.github.com>
+Date: Fri, 24 Jul 2020 19:40:48 +0200
+Subject: [PATCH] Detect extra data after STARTTLS responses in SMTP and POP3
+ and exit (#388)
+* Detect extra data after STLS response and return error
+* Detect extra data after SMTP STARTTLS response and return error
+---
+ src/low-level/pop3/mailpop3.c | 8 ++++++++
+ src/low-level/smtp/mailsmtp.c | 8 ++++++++
+ 2 files changed, 16 insertions(+)
+diff --git a/src/low-level/pop3/mailpop3.c b/src/low-level/pop3/mailpop3.c
+index ab9535be..e2124bf8 100644
+--- a/src/low-level/pop3/mailpop3.c
+++ b/src/low-level/pop3/mailpop3.c
+@@ -959,6 +959,14 @@ int mailpop3_stls(mailpop3 * f)
+ 
+   if (r != RESPONSE_OK)
+     return MAILPOP3_ERROR_STLS_NOT_SUPPORTED;
+
+  // Detect if the server send extra data after the STLS response.
+  // This *may* be a "response injection attack".
+  if (f->pop3_stream->read_buffer_len != 0) {
+    // Since it is also protocol violation, exit.
+    // There is no error type for STARTTLS errors in POP3
+    return MAILPOP3_ERROR_SSL;
+  }
+   
+   return MAILPOP3_NO_ERROR;
+ }
+diff --git a/src/low-level/smtp/mailsmtp.c b/src/low-level/smtp/mailsmtp.c
+index b7fc459e..3145cadf 100644
+--- a/src/low-level/smtp/mailsmtp.c
+++ b/src/low-level/smtp/mailsmtp.c
+@@ -1111,6 +1111,14 @@ int mailesmtp_starttls(mailsmtp * session)
+     return MAILSMTP_ERROR_STREAM;
+   r = read_response(session);
+ 
+  // Detect if the server send extra data after the STARTTLS response.
+  // This *may* be a "response injection attack".
+  if (session->stream->read_buffer_len != 0) {
+    // Since it is also protocol violation, exit.
+    // There is no general error type for STARTTLS errors in SMTP
+    return MAILSMTP_ERROR_SSL;
+  }
+
+   switch (r) {
+   case 220:
+     return MAILSMTP_NO_ERROR;

diff --git a/community/libetpan/CVE-2020-15953.patch b/community/libetpan/CVE-2020-15953.patch new file mode 100644 index 0000000000..e02b000aad --- /dev/null +++ b/community/libetpan/CVE-2020-15953.patch
@@ -0,0 +1,79 @@
	1	From 1002a0121a8f5a9aee25357769807f2c519fa50b Mon Sep 17 00:00:00 2001
	2	From: Damian Poddebniak <duesee@users.noreply.github.com>
	3	Date: Fri, 24 Jul 2020 19:39:53 +0200
	4	Subject: [PATCH] Detect extra data after STARTTLS response and exit (#387)
	5
	6	---
	7	src/low-level/imap/mailimap.c \| 7 +++++++
	8	1 file changed, 7 insertions(+)
	9
	10	diff --git a/src/low-level/imap/mailimap.c b/src/low-level/imap/mailimap.c
	11	index bb17119d..4ffcf55d 100644
	12	--- a/src/low-level/imap/mailimap.c
	13	+++ b/src/low-level/imap/mailimap.c
	14	@@ -2428,6 +2428,13 @@ int mailimap_starttls(mailimap * session)
	15
	16	mailimap_response_free(response);
	17
	18	+ // Detect if the server send extra data after the STARTTLS response.
	19	+ // This may be a "response injection attack".
	20	+ if (session->imap_stream->read_buffer_len != 0) {
	21	+ // Since it is also an IMAP protocol violation, exit.
	22	+ return MAILIMAP_ERROR_STARTTLS;
	23	+ }
	24	+
	25	switch (error_code) {
	26	case MAILIMAP_RESP_COND_STATE_OK:
	27	return MAILIMAP_NO_ERROR;
	28	From 298460a2adaabd2f28f417a0f106cb3b68d27df9 Mon Sep 17 00:00:00 2001
	29	From: Fabian Ising <Murgeye@users.noreply.github.com>
	30	Date: Fri, 24 Jul 2020 19:40:48 +0200
	31	Subject: [PATCH] Detect extra data after STARTTLS responses in SMTP and POP3
	32	and exit (#388)
	33
	34	* Detect extra data after STLS response and return error
	35
	36	* Detect extra data after SMTP STARTTLS response and return error
	37	---
	38	src/low-level/pop3/mailpop3.c \| 8 ++++++++
	39	src/low-level/smtp/mailsmtp.c \| 8 ++++++++
	40	2 files changed, 16 insertions(+)
	41
	42	diff --git a/src/low-level/pop3/mailpop3.c b/src/low-level/pop3/mailpop3.c
	43	index ab9535be..e2124bf8 100644
	44	--- a/src/low-level/pop3/mailpop3.c
	45	+++ b/src/low-level/pop3/mailpop3.c
	46	@@ -959,6 +959,14 @@ int mailpop3_stls(mailpop3 * f)
	47
	48	if (r != RESPONSE_OK)
	49	return MAILPOP3_ERROR_STLS_NOT_SUPPORTED;
	50	+
	51	+ // Detect if the server send extra data after the STLS response.
	52	+ // This may be a "response injection attack".
	53	+ if (f->pop3_stream->read_buffer_len != 0) {
	54	+ // Since it is also protocol violation, exit.
	55	+ // There is no error type for STARTTLS errors in POP3
	56	+ return MAILPOP3_ERROR_SSL;
	57	+ }
	58
	59	return MAILPOP3_NO_ERROR;
	60	}
	61	diff --git a/src/low-level/smtp/mailsmtp.c b/src/low-level/smtp/mailsmtp.c
	62	index b7fc459e..3145cadf 100644
	63	--- a/src/low-level/smtp/mailsmtp.c
	64	+++ b/src/low-level/smtp/mailsmtp.c
	65	@@ -1111,6 +1111,14 @@ int mailesmtp_starttls(mailsmtp * session)
	66	return MAILSMTP_ERROR_STREAM;
	67	r = read_response(session);
	68
	69	+ // Detect if the server send extra data after the STARTTLS response.
	70	+ // This may be a "response injection attack".
	71	+ if (session->stream->read_buffer_len != 0) {
	72	+ // Since it is also protocol violation, exit.
	73	+ // There is no general error type for STARTTLS errors in SMTP
	74	+ return MAILSMTP_ERROR_SSL;
	75	+ }
	76	+
	77	switch (r) {
	78	case 220:
	79	return MAILSMTP_NO_ERROR;