Hi Aris, we would prefer something like patchsets, self contained. If this is not possible we can go with one of following options: 1) post to devel or me privately exposed git repo url so that we can take some parts if needed 2) split patches for example for gwlib, gw, wap, etc and post it here for review
Thanks for your work and looking forward to see your patches. Alex Am 05.02.2013 um 13:49 schrieb Aris Adamantiadis <[email protected]>: > Dear Kannel developers, > > During a security audit of Kannel, we identified several weaknesses in > the code, mostly unsafe C functions or data copying used without bound > checkings. These patches currently run in production on our site, but > we'd prefer to give them out to the community (and this makes our update > process easier as well). > > What is the best way to provide you with these patches ? Currently, they > are being tracked in a local git repository. I can make the work of > porting them to the latest subversion repository, but you would still > need someone to review and publish them on your svn. > > How can we proceed ? > > Kind regards, > > Aris Adamantiadis > > output of "git diff old_prod..new_prod --stat": > > addons/opensmppbox/gw/opensmppbox.c | 2 +- > gw/smsbox.c | 6 +- > gw/smsc/smsc.c | 2 +- > gw/smsc/smsc_at.c | 6 +- > gw/smsc/smsc_cgw.c | 2 +- > gw/smsc/smsc_cimd.c | 47 ++++++------ > gw/smsc/smsc_cimd2.c | 4 +- > gw/smsc/smsc_emi_x25.c | 74 +++++++++--------- > gw/smsc/smsc_ois.c | 140 > +++++++++++++++++------------------ > gw/smsc/smsc_sema.c | 66 ++++++++++------- > gw/smsc/smsc_sema.h | 2 +- > gw/smsc/smsc_soap.c | 27 ++++--- > gw/wap-appl.c | 10 ++- > gw/wap_push_ppg.c | 10 ++- > gwlib/accesslog.c | 6 +- > gwlib/conn.c | 2 +- > gwlib/date.c | 2 +- > gwlib/gw_uuid.c | 6 +- > gwlib/gwthread-pthread.c | 2 +- > gwlib/log.c | 33 +++++---- > gwlib/octstr.c | 4 +- > gwlib/utils.c | 13 ---- > gwlib/utils.h | 6 -- > test/fakewap.c | 8 +- > utils/run_kannel_box.c | 2 +- > utils/seewbmp.c | 8 +- > utils/start-stop-daemon.c | 26 ++++--- > wap/cookies.c | 8 +- > wap/wsp_session.c | 4 +- > wmlscript/wsstream_data.c | 12 +-- > wmlscript/wsstream_file.c | 6 +- > 31 files changed, 288 insertions(+), 258 deletions(-) >
