Version in base suite: 1.00.104-1
Base version: freetds_1.00.104-1
Target version: freetds_1.00.104-1+deb10u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/f/freetds/freetds_1.00.104-1.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/f/freetds/freetds_1.00.104-1+deb10u1.dsc
debian/changelog | 7 +++++++
src/tds/data.c | 2 ++
2 files changed, 9 insertions(+)
diff -u freetds-1.00.104/debian/changelog freetds-1.00.104/debian/changelog
--- freetds-1.00.104/debian/changelog
+++ freetds-1.00.104/debian/changelog
@@ -1,3 +1,10 @@
+freetds (1.00.104-1+deb10u1) buster; urgency=medium
+
+ * Non-maintainer upload.
+ * tds: Make sure UDT has varint set to 8 (CVE-2019-13508) (Closes: #944012)
+
+ -- Salvatore Bonaccorso Mon, 27 Jan 2020 17:28:42 +0100
+
 freetds (1.00.104-1) unstable; urgency=medium
 * New upstream release.
diff -u freetds-1.00.104/src/tds/data.c freetds-1.00.104/src/tds/data.c
--- freetds-1.00.104/src/tds/data.c
+++ freetds-1.00.104/src/tds/data.c
@@ -1418,6 +1418,7 @@
 tds_get_string(tds, tds_get_usmallint(tds), NULL, 0);
 col->column_size = 0x7ffffffflu;
+ col->column_varint_size = 8;
 return TDS_SUCCESS;
 }
@@ -1425,6 +1426,7 @@
 TDS_INT
 tds_clrudt_row_len(TDSCOLUMN *col)
 {
+ col->column_varint_size = 8;
 /* TODO save other fields */
 return sizeof(TDSBLOB);
 }
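Review bot: The added `col->column_varint_size = 8;` after `col->column_size = 0x7ffffffflu;` is a bare magic number that carries the whole CVE-2019-13508 fix, and nothing at the assignment says why it has to be 8. `tds_clrudt_row_len` in the next hunk sizes the row slot as `sizeof(TDSBLOB)`, so the value presumably has to agree with the blob handling in the row reader, so that a server-described UDT column is never treated as inline data of `column_size` bytes. That reader is outside this diff and should be confirmed. I would put the same comment on both assignments, e.g. `/* UDT is stored as TDSBLOB; varint size must be 8 so the reader takes the blob path (CVE-2019-13508) */`. The enclosing function starts above this hunk.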
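Review bot: `tds_clrudt_row_len` now writes to `col`, although its name and `TDS_INT` return read as a pure length query, so the fix holds only if this function runs before any data is read into the column. The read path is not visible in this diff; if that ordering is not guaranteed on every path, a check of `column_varint_size` at the point of use would be more robust than a setter here. At minimum the side effect should be documented above the assignment, e.g. `/* also normalises varint size: UDT rows are always TDSBLOB-sized */`.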