Version in base suite: 2.0-22-gce67c55-1 Base version: csync2_2.0-22-gce67c55-1 Target version: csync2_2.0-22-gce67c55-1+deb10u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/c/csync2/csync2_2.0-22-gce67c55-1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/c/csync2/csync2_2.0-22-gce67c55-1+deb10u1.dsc changelog | 6 ++++++ patches/CVE-2019-15522.patch | 21 +++++++++++++++++++++ patches/series | 1 + 3 files changed, 28 insertions(+)
diff -Nru csync2-2.0-22-gce67c55/debian/changelog csync2-2.0-22-gce67c55/debian/changelog
--- csync2-2.0-22-gce67c55/debian/changelog 2018-10-06 21:05:46.000000000 +0000
+++ csync2-2.0-22-gce67c55/debian/changelog 2020-04-05 10:55:07.000000000 +0000
@@ -1,3 +1,9 @@
+csync2 (2.0-22-gce67c55-1+deb10u1) buster; urgency=medium
+
+ * Add patch for CVE-2019-15522 (Closes: #955445)
+
+ -- Valentin Vidic Sun, 05 Apr 2020 12:55:07 +0200
+
 csync2 (2.0-22-gce67c55-1) unstable; urgency=medium

 * New upstream version 2.0-22-gce67c55
diff -Nru csync2-2.0-22-gce67c55/debian/patches/CVE-2019-15522.patch csync2-2.0-22-gce67c55/debian/patches/CVE-2019-15522.patch
--- csync2-2.0-22-gce67c55/debian/patches/CVE-2019-15522.patch 1970-01-01 00:00:00.000000000 +0000
+++ csync2-2.0-22-gce67c55/debian/patches/CVE-2019-15522.patch 2020-04-05 10:55:07.000000000 +0000
@@ -0,0 +1,21 @@
+From 0ecfc333da51575f188dd7cf6ac4974d13a800b1 Mon Sep 17 00:00:00 2001
+From: Malte Kraus
+Date: Tue, 13 Aug 2019 11:25:57 +0200
+Subject: [PATCH] fail HELLO command when SSL is required
+
+---
+ daemon.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/daemon.c b/daemon.c
+index 2d8407d..2a1a8af 100644
+--- a/daemon.c
++++ b/daemon.c
+@@ -747,6 +747,7 @@ void csync_daemon_session()
+ goto conn_without_ssl_ok;
+ }
+ cmd_error = conn_response(CR_ERR_SSL_EXPECTED);
++ peer = NULL;
+ }
+ conn_without_ssl_ok:;
+ #endif
diff -Nru csync2-2.0-22-gce67c55/debian/patches/series csync2-2.0-22-gce67c55/debian/patches/series
--- csync2-2.0-22-gce67c55/debian/patches/series 2018-04-18 20:30:48.000000000 +0000
+++ csync2-2.0-22-gce67c55/debian/patches/series 2020-04-05 10:55:07.000000000 +0000
@@ -3,3 +3,4 @@
 spelling.patch
 fix-manpage-header.patch
 fix-parallel-build.patch
+CVE-2019-15522.patch
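Review bot: In the daemon.c hunk of CVE-2019-15522.patch, the added `peer = NULL;` after `conn_response(CR_ERR_SSL_EXPECTED)` carries the whole fix but has no comment, so it reads like a stray reset that a later cleanup could drop. I would add `/* SSL is required but not active: forget the peer so this HELLO establishes no identity */` directly above it. The fix also relies on every later command handler treating a NULL peer as unauthenticated, which lies outside this hunk and should be confirmed, ideally with a regression test that sends HELLO without SSL against an SSL-requiring configuration and checks that the following commands are refused. If peer holds an allocated string at this point (not visible here), it should be freed before being cleared. The body of csync_daemon_session starts and ends outside the hunk.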