Hmm... We wouldn't hate it entirely if the git system were to be used as the de facto change/repo system for kannel...
----- Original Message ----- From: Aris Adamantiadis <[email protected]> To: [email protected] Sent: Tue, 05 Feb 2013 12:49:47 -0000 (UTC) Subject: Multiple patches for Kannel Dear Kannel developers, During a security audit of Kannel, we identified several weaknesses in the code, mostly unsafe C functions or data copying used without bound checkings. These patches currently run in production on our site, but we'd prefer to give them out to the community (and this makes our update process easier as well). What is the best way to provide you with these patches ? Currently, they are being tracked in a local git repository. I can make the work of porting them to the latest subversion repository, but you would still need someone to review and publish them on your svn. How can we proceed ? Kind regards, Aris Adamantiadis output of "git diff old_prod..new_prod --stat": addons/opensmppbox/gw/opensmppbox.c | 2 +- gw/smsbox.c | 6 +- gw/smsc/smsc.c | 2 +- gw/smsc/smsc_at.c | 6 +- gw/smsc/smsc_cgw.c | 2 +- gw/smsc/smsc_cimd.c | 47 ++++++------ gw/smsc/smsc_cimd2.c | 4 +- gw/smsc/smsc_emi_x25.c | 74 +++++++++--------- gw/smsc/smsc_ois.c | 140 +++++++++++++++++------------------ gw/smsc/smsc_sema.c | 66 ++++++++++------- gw/smsc/smsc_sema.h | 2 +- gw/smsc/smsc_soap.c | 27 ++++--- gw/wap-appl.c | 10 ++- gw/wap_push_ppg.c | 10 ++- gwlib/accesslog.c | 6 +- gwlib/conn.c | 2 +- gwlib/date.c | 2 +- gwlib/gw_uuid.c | 6 +- gwlib/gwthread-pthread.c | 2 +- gwlib/log.c | 33 +++++---- gwlib/octstr.c | 4 +- gwlib/utils.c | 13 ---- gwlib/utils.h | 6 -- test/fakewap.c | 8 +- utils/run_kannel_box.c | 2 +- utils/seewbmp.c | 8 +- utils/start-stop-daemon.c | 26 ++++--- wap/cookies.c | 8 +- wap/wsp_session.c | 4 +- wmlscript/wsstream_data.c | 12 +-- wmlscript/wsstream_file.c | 6 +- 31 files changed, 288 insertions(+), 258 deletions(-)
