Branches for Wheezy

Author: Markus Koschany
Revision Date: 2014-02-11 14:27:45 UTC

* Fix CVE-2012-5645 and CVE-2012-6083.
  - CVE-2012-5645: Added return value indicating success or failure for all
    dio_get_xxx() functions, and check that value to avoid infinite loop in
    reading arrays from network when there's no more data even though it's
    expected.
  - CVE-2012-6083: Sanity check packet length received over network against
    values less than header length alone to avoid situation where body length
    is considered negative.