summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFernando J. Pereda <ferdy@gentoo.org>2005-05-26 16:31:37 +0000
committerFernando J. Pereda <ferdy@gentoo.org>2005-05-26 16:31:37 +0000
commit654616a8c16909a04ed22b907f959a960145ed1d (patch)
tree2494264521bbfb35e468b02b7e832acb1ebf05d3 /net-mail/mailutils
parentRemove patch included upstream in 3.4.1. (diff)
downloadgentoo-2-654616a8c16909a04ed22b907f959a960145ed1d.tar.gz
gentoo-2-654616a8c16909a04ed22b907f959a960145ed1d.tar.bz2
gentoo-2-654616a8c16909a04ed22b907f959a960145ed1d.zip
added security patches backported from 0.6.90, wrt #94053. Dropped ~alpha keyword, doesn't compile. Removed vulnerable ebuilds
(Portage version: 2.0.51.19)
Diffstat (limited to 'net-mail/mailutils')
-rw-r--r--net-mail/mailutils/Manifest15
-rw-r--r--net-mail/mailutils/files/digest-mailutils-0.51
-rw-r--r--net-mail/mailutils/files/digest-mailutils-0.6-r1 (renamed from net-mail/mailutils/files/digest-mailutils-0.6)0
-rw-r--r--net-mail/mailutils/files/mailutils-0.5-mh-Makefile.in.patch16
-rw-r--r--net-mail/mailutils/files/mailutils-IDEF0954-IDEF0955.patch72
-rw-r--r--net-mail/mailutils/files/mailutils-IDEF0956.patch18
-rw-r--r--net-mail/mailutils/files/mailutils-IDEF0957.patch16
-rw-r--r--net-mail/mailutils/mailutils-0.6-r1.ebuild (renamed from net-mail/mailutils/mailutils-0.5.ebuild)8
-rw-r--r--net-mail/mailutils/mailutils-0.6.ebuild88
9 files changed, 117 insertions, 117 deletions
diff --git a/net-mail/mailutils/Manifest b/net-mail/mailutils/Manifest
index acc9c07c14b2..f1a843adb542 100644
--- a/net-mail/mailutils/Manifest
+++ b/net-mail/mailutils/Manifest
@@ -1,19 +1,14 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
MD5 058aea5b0edf680f0b01a4d7988c4d09 mailutils-0.6.ebuild 2629
MD5 6c6c449bad2cac47977e500bcdb844c9 mailutils-0.5.ebuild 2621
+MD5 536272ff5fb7020c391277f985ad5be5 mailutils-0.6-r1.ebuild 2779
MD5 5f41971bb0f2df9b1aa619e13f6c3064 ChangeLog 2316
MD5 5721b86fd871bdfab77231abc6e02f68 metadata.xml 161
+MD5 5506f2c85d65395b8e6ebd712e308303 files/mailutils-IDEF0954-IDEF0955.patch 1952
MD5 57cb849f954ba9a185a41751d998d0fd files/mailutils-0.6-mh-Makefile.in.patch 536
MD5 eb67c156401bde48c7d5a23a0bd960df files/mail.rc 271
+MD5 c78624e9d37cb3a280aea7281b6bae45 files/mailutils-IDEF0956.patch 524
MD5 57cb849f954ba9a185a41751d998d0fd files/mailutils-0.5-mh-Makefile.in.patch 536
+MD5 47773bdea3fdc18d485aadf3e41ca9c9 files/mailutils-IDEF0957.patch 590
+MD5 ac9d32bbb54e8d1d2ea52039bea81c29 files/digest-mailutils-0.6-r1 67
MD5 67ce1d29fd43d38b57485205ed97cf11 files/digest-mailutils-0.5 67
MD5 ac9d32bbb54e8d1d2ea52039bea81c29 files/digest-mailutils-0.6 67
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.1 (GNU/Linux)
-
-iD8DBQFChouDViELBEf1JB0RAsoFAJ9+wnqxE1VM2JO4truElRMt2QaqDQCfTH/G
-otqSUmSLvnFy40Spcu5j9mk=
-=/A44
------END PGP SIGNATURE-----
diff --git a/net-mail/mailutils/files/digest-mailutils-0.5 b/net-mail/mailutils/files/digest-mailutils-0.5
deleted file mode 100644
index 8ba57aae240b..000000000000
--- a/net-mail/mailutils/files/digest-mailutils-0.5
+++ /dev/null
@@ -1 +0,0 @@
-MD5 e61b0520eb33d5f155ebb0224bb332a8 mailutils-0.5.tar.bz2 2098183
diff --git a/net-mail/mailutils/files/digest-mailutils-0.6 b/net-mail/mailutils/files/digest-mailutils-0.6-r1
index f0e8fdbea34f..f0e8fdbea34f 100644
--- a/net-mail/mailutils/files/digest-mailutils-0.6
+++ b/net-mail/mailutils/files/digest-mailutils-0.6-r1
diff --git a/net-mail/mailutils/files/mailutils-0.5-mh-Makefile.in.patch b/net-mail/mailutils/files/mailutils-0.5-mh-Makefile.in.patch
deleted file mode 100644
index be0281fa4715..000000000000
--- a/net-mail/mailutils/files/mailutils-0.5-mh-Makefile.in.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- mh/Makefile.in.orig 2004-07-08 20:56:01.101223522 -0700
-+++ mh/Makefile.in 2004-07-08 20:56:31.499212613 -0700
-@@ -976,11 +976,8 @@
- install-exec-hook: @BUILD_MH_EXEC_HOOK@
-
- mh_finish_install:
-- @here=`pwd`; \
-- cd $(DESTDIR)$(bindir); \
-- rm -f folders; \
-- $(LN_S) folder folders; \
-- cd $$here
-+ rm -f $(DESTDIR)/$(bindir)/folders; \
-+ $(LN_S) folder $(DESTDIR)/$(bindir)/folders
- # Tell versions [3.59,3.63) of GNU make to not export all variables.
- # Otherwise a system limit (for SysV at least) may be exceeded.
- .NOEXPORT:
diff --git a/net-mail/mailutils/files/mailutils-IDEF0954-IDEF0955.patch b/net-mail/mailutils/files/mailutils-IDEF0954-IDEF0955.patch
new file mode 100644
index 000000000000..a8ad412a711f
--- /dev/null
+++ b/net-mail/mailutils/files/mailutils-IDEF0954-IDEF0955.patch
@@ -0,0 +1,72 @@
+===================================================================
+RCS file: /cvsroot/mailutils/cvsroot/mailutils/mailutils/imap4d/util.c,v
+retrieving revision 1.62
+retrieving revision 1.63
+diff -u -r1.62 -r1.63
+--- mailutils/mailutils/imap4d/util.c 2005/01/04 17:16:42 1.62
++++ mailutils/mailutils/imap4d/util.c 2005/05/13 09:39:22 1.63
+@@ -199,13 +199,14 @@
+ {
+ errno = 0;
+ val = strtoul (s, &s, 10);
+- if (val == ULONG_MAX && errno == ERANGE)
++ if ((val == ULONG_MAX && errno == ERANGE) || val > max)
+ {
+ if (*set)
+ free (*set);
+ *n = 0;
+ return EINVAL;
+ }
++
+ if (low)
+ {
+ /* Reverse it. */
+@@ -400,26 +401,40 @@
+ int
+ util_finish (struct imap4d_command *command, int rc, const char *format, ...)
+ {
+- char *tempbuf = NULL;
++ size_t size;
+ char *buf = NULL;
++ char *tempbuf = NULL;
+ int new_state;
+ int status = 0;
+ va_list ap;
+-
+- asprintf (&tempbuf, "%s %s%s %s\r\n", command->tag, sc2string (rc),
+- command->name, format);
++ char *sc = sc2string (rc);
++
+ va_start (ap, format);
+- vasprintf (&buf, tempbuf, ap);
++ vasprintf (&tempbuf, format, ap);
+ va_end (ap);
++ if (!tempbuf)
++ imap4d_bye (ERR_NO_MEM);
++
++ size = strlen (command->tag) + 1 +
++ strlen (sc) + strlen (command->name) + 1 +
++ strlen (tempbuf) + 1;
++ buf = malloc (size);
+ if (!buf)
+ imap4d_bye (ERR_NO_MEM);
++ strcpy (buf, command->tag);
++ strcat (buf, " ");
++ strcat (buf, sc);
++ strcat (buf, command->name);
++ strcat (buf, " ");
++ strcat (buf, tempbuf);
++ free (tempbuf);
+
+ if (daemon_param.transcript)
+- syslog (LOG_DEBUG, "sent: %s", buf);
++ syslog (LOG_DEBUG, "sent: %s\r\n", buf);
+
+- status = stream_sequential_write (ostream, buf, strlen (buf));
++ stream_sequential_write (ostream, buf, strlen (buf));
+ free (buf);
+- free (tempbuf);
++ stream_sequential_write (ostream, "\r\n", 2);
+
+ /* Reset the state. */
+ if (rc == RESP_OK)
diff --git a/net-mail/mailutils/files/mailutils-IDEF0956.patch b/net-mail/mailutils/files/mailutils-IDEF0956.patch
new file mode 100644
index 000000000000..821904ac0047
--- /dev/null
+++ b/net-mail/mailutils/files/mailutils-IDEF0956.patch
@@ -0,0 +1,18 @@
+===================================================================
+RCS file: /cvsroot/mailutils/cvsroot/mailutils/mailutils/imap4d/fetch.c,v
+retrieving revision 1.47
+retrieving revision 1.48
+diff -u -r1.47 -r1.48
+--- mailutils/mailutils/imap4d/fetch.c 2003/07/26 11:07:04 1.47
++++ mailutils/mailutils/imap4d/fetch.c 2005/05/13 09:38:56 1.48
+@@ -1155,6 +1168,10 @@
+ }
+ else
+ util_send (" \"\"");
++ }
++ else if (end + 2 < end) /* Check for integer overflow */
++ {
++ return RESP_BAD;
+ }
+ else
+ {
diff --git a/net-mail/mailutils/files/mailutils-IDEF0957.patch b/net-mail/mailutils/files/mailutils-IDEF0957.patch
new file mode 100644
index 000000000000..2cba9e660ff9
--- /dev/null
+++ b/net-mail/mailutils/files/mailutils-IDEF0957.patch
@@ -0,0 +1,16 @@
+===================================================================
+RCS file: /cvsroot/mailutils/cvsroot/mailutils/mailutils/mailbox/header.c,v
+retrieving revision 1.65
+retrieving revision 1.66
+diff -u -r1.65 -r1.66
+--- mailutils/mailutils/mailbox/header.c 2004/06/02 11:03:36 1.65
++++ mailutils/mailutils/mailbox/header.c 2005/05/13 09:39:57 1.66
+@@ -710,7 +710,7 @@
+ {
+ /* save one for the null */
+ --buflen;
+- len = (len > buflen) ? len : len;
++ len = (len > buflen) ? buflen : len;
+ memcpy (buf, header->hdr[num].fn, len);
+ buf[len] = '\0';
+ }
diff --git a/net-mail/mailutils/mailutils-0.5.ebuild b/net-mail/mailutils/mailutils-0.6-r1.ebuild
index 54f079d02cc7..182a156bbcb0 100644
--- a/net-mail/mailutils/mailutils-0.5.ebuild
+++ b/net-mail/mailutils/mailutils-0.6-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-mail/mailutils/mailutils-0.5.ebuild,v 1.8 2005/05/14 23:35:59 ferdy Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-mail/mailutils/mailutils-0.6-r1.ebuild,v 1.1 2005/05/26 16:31:37 ferdy Exp $
inherit eutils
DESCRIPTION="A useful collection of mail servers, clients, and filters."
@@ -8,11 +8,12 @@ HOMEPAGE="http://www.gnu.org/software/mailutils/mailutils.html"
SRC_URI="http://ftp.gnu.org/gnu/mailutils/${P}.tar.bz2"
LICENSE="GPL-2 LGPL-2.1"
SLOT="0"
-KEYWORDS="~alpha ~ppc x86"
+KEYWORDS="~ppc ~sparc x86"
IUSE="mailwrapper nls pam mysql postgres gdbm"
PROVIDE="virtual/mailx"
DEPEND="!virtual/mailx
!mail-client/nmh
+ !mail-client/elm
dev-util/guile
gdbm? ( sys-libs/gdbm )
mysql? ( dev-db/mysql )
@@ -40,6 +41,9 @@ src_unpack() {
cd ${S}
epatch ${FILESDIR}/${P}-mh-Makefile.in.patch
+ epatch ${FILESDIR}/${PN}-IDEF0954-IDEF0955.patch
+ epatch ${FILESDIR}/${PN}-IDEF0956.patch
+ epatch ${FILESDIR}/${PN}-IDEF0957.patch
}
src_compile() {
diff --git a/net-mail/mailutils/mailutils-0.6.ebuild b/net-mail/mailutils/mailutils-0.6.ebuild
deleted file mode 100644
index 5552baab1117..000000000000
--- a/net-mail/mailutils/mailutils-0.6.ebuild
+++ /dev/null
@@ -1,88 +0,0 @@
-# Copyright 1999-2005 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-mail/mailutils/mailutils-0.6.ebuild,v 1.3 2005/05/14 23:35:59 ferdy Exp $
-
-inherit eutils
-DESCRIPTION="A useful collection of mail servers, clients, and filters."
-HOMEPAGE="http://www.gnu.org/software/mailutils/mailutils.html"
-SRC_URI="http://ftp.gnu.org/gnu/mailutils/${P}.tar.bz2"
-LICENSE="GPL-2 LGPL-2.1"
-SLOT="0"
-KEYWORDS="~alpha ~ppc ~sparc ~x86"
-IUSE="mailwrapper nls pam mysql postgres gdbm"
-PROVIDE="virtual/mailx"
-DEPEND="!virtual/mailx
- !mail-client/nmh
- dev-util/guile
- gdbm? ( sys-libs/gdbm )
- mysql? ( dev-db/mysql )
- postgres? ( dev-db/postgresql )
- nls? ( sys-devel/gettext )
- virtual/mta"
-
-pkg_setup() {
- # Default to MySQL if USE="mysql postgres', bug #58162.
- if use mysql && use postgres; then
- echo
- ewarn "You have both 'mysql' and 'postgres' in your USE flags."
- ewarn "Portage will build this package with MySQL support."
- echo
- ewarn "If this is not what you want; please hit Control-C now;"
- ewarn "change you USE flags then emerge this package again."
- echo
- ewarn "Waiting 30 seconds before continuing..."
- ewarn "(Control-C to abort)..."
- epause 30
- fi
-}
-src_unpack() {
- unpack ${A}
- cd ${S}
-
- epatch ${FILESDIR}/${P}-mh-Makefile.in.patch
-}
-
-src_compile() {
-
- local myconf="--localstatedir=/var --sharedstatedir=/var --enable-mh-utils"
-
- # bug in autoconf logic treats both --with and --without as set,
- # so we cannot do use_with
- # use mysql && myconf="${myconf} --with-mysql"
- # use postgres && myconf="${myconf} --with-postgres"
- if use mysql && use postgres; then
- einfo "build with MySQL support."
- myconf="${myconf} --with-mysql"
- elif use mysql; then
- einfo "build with MySQL support."
- myconf="${myconf} --with-mysql"
- elif use postgres; then
- einfo "build with PotsgreSQL support."
- myconf="${myconf} --with-postgres"
- fi
-
- # do not disable-sendmail for postfix user w/o mailwrapper, bug #44249.
- mymta=$(best_version virtual/mta)
- mymta=${mymta%-[0-9]*}
- mymta=${mymta##*\/}
- if ! use mailwrapper && [ "$mymta" == "postfix" ]; then
- myconf="${myconf} --enable-sendmail"
- einfo "My MTA is: $mymta"
- einfo "enable-sendmail"
- else
- myconf="${myconf} --disable-sendmail"
- einfo "My MTA is: $mymta"
- einfo "disable-sendmail"
- fi
-
- myconf="${myconf} $(use_enable nls) $(use_enable pam) $(use_enable gdbm)"
- econf ${myconf} || die "configure failed"
- emake || die "compile failed"
-}
-
-src_install() {
- make DESTDIR=${D} install || die
- # mail.rc stolen from mailx, resolve bug #37302.
- insinto /etc
- doins "${FILESDIR}/mail.rc"
-}