diff options
| author |   Robin H. Johnson <robbat2@gentoo.org> | 2013-08-09 16:45:16 +0000 |
|---|---|---|
| committer | Robin H. Johnson <robbat2@gentoo.org> | 2013-08-09 16:45:16 +0000 |
| commit | 10ff114b3a1ca8aff6d18dd637ce9153a408c6c4 (patch) | |
| tree | 685b718be493ad6f349e0936f77e10bca2bc6a6b /mail-mta/nullmailer | |
| parent | Bump to fix security bug #480376, /etc/nullmailer/remotes world-readable (diff) | |
| download | historical-10ff114b3a1ca8aff6d18dd637ce9153a408c6c4.tar.gz historical-10ff114b3a1ca8aff6d18dd637ce9153a408c6c4.tar.bz2 historical-10ff114b3a1ca8aff6d18dd637ce9153a408c6c4.zip | |
Bump to fix security bug #480376, /etc/nullmailer/remotes world-readable (backport to stable)
Package-Manager: portage-2.2.0_alpha177/cvs/Linux x86_64
Diffstat (limited to 'mail-mta/nullmailer')
| -rw-r--r-- | mail-mta/nullmailer/ChangeLog | 9 | ||||
| -rw-r--r-- | mail-mta/nullmailer/Manifest | 5 | ||||
| -rw-r--r-- | mail-mta/nullmailer/nullmailer-1.11-r2.ebuild | 132 | ||||
| -rw-r--r-- | mail-mta/nullmailer/nullmailer-1.13-r1.ebuild | 4 |
4 files changed, 145 insertions, 5 deletions
diff --git a/mail-mta/nullmailer/ChangeLog b/mail-mta/nullmailer/ChangeLog index da18eaba2d16..45acd84d57ee 100644 --- a/mail-mta/nullmailer/ChangeLog +++ b/mail-mta/nullmailer/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for mail-mta/nullmailer # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/nullmailer/ChangeLog,v 1.67 2013/08/09 16:42:54 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/nullmailer/ChangeLog,v 1.68 2013/08/09 16:45:11 robbat2 Exp $ + +*nullmailer-1.11-r2 (09 Aug 2013) + + 09 Aug 2013; Robin H. Johnson <robbat2@gentoo.org> +nullmailer-1.11-r2.ebuild, + nullmailer-1.13-r1.ebuild: + Bump to fix security bug #480376, /etc/nullmailer/remotes world-readable + (backport to stable) *nullmailer-1.13-r1 (09 Aug 2013) diff --git a/mail-mta/nullmailer/Manifest b/mail-mta/nullmailer/Manifest index 3b3cd17ad431..8438f27f5529 100644 --- a/mail-mta/nullmailer/Manifest +++ b/mail-mta/nullmailer/Manifest @@ -8,8 +8,9 @@ DIST nullmailer-1.11.tar.gz 203239 SHA256 bf61c839b5f0927e0998c6183f229fa644f971 DIST nullmailer-1.13.tar.gz 205431 SHA256 3f8861ebb1b46cea0a1caf1e6236e1e0d2a5a91def19551b7cad12eab676277d SHA512 96dcb3ddecde77a73e5ca1afa5167d35f965d04999f02cc2ef60b54ea7eb7a006e5cf5678fc34a54d4be4f9fd71bd0f784a8671aca40c70dbc307666c548e1d7 WHIRLPOOL b041f7cc33a257fad11c5f4c9bf74f8d849d9c45f0dc19be28268462b9d029c07e1d5802698e647a4208d5f66cac2177a1d12e49a03caac51e0244c3f9a0599c DIST nullmailer_1.11-1.debian.tar.gz 33187 SHA256 86d64b37220c4e92680509152b20d08c2702ad313350b8e65dd1d754bd1b76c9 SHA512 67bdb686bc62ff924c2d4b1aac2f528d51e4d7b0d72df438b3197d7a8b3fd6a875be7eb681e092c024ed3d47ba5ed5e5b0bca4f4d07200ca4bbbdbe8fea4c2c9 WHIRLPOOL c2661a17fcf6686825079063d55500a4095b6bc6938729247fc1ef78c2476e352ee9101d56f8d082d537d2e8cab99e5e12eee6195d5c1c891f41f327fde79121 EBUILD nullmailer-1.11-r1.ebuild 3980 SHA256 405933fd64da2b55b0bed92eab271c4ba30bb4248445254129550fdb9c876f75 SHA512 0ac9a9f48188fe8f1da7ebcb463d4b80c9d2f2bd583d0da78b5f65da789c11c77cf08fd2034da00fb873fdaee1eb91d39af5d00132c640e584460137ba184b6d WHIRLPOOL ab23a28795b52044293f0392aff94e250e8502416dd93c26c196f9eed4a7cedb9d57f92ee5f79a3f59ae36fdabcf6e327a35f7189d0320a03829713edc3bc43c +EBUILD nullmailer-1.11-r2.ebuild 4248 SHA256 18f7410ef3ec80dc3c7c127ce47041226752da9bf28af8ff44825e963901668d SHA512 c5c80a756a16e83fc192688b9df28c2bd9f296ad89fac254525b5881df9e5ab091be3b484b07aece9607af509b02b134160003dde54e6cc50bba0c021b200a27 WHIRLPOOL 3fc8e2fd81f379632a74f6e5f84dcf180e28fe24509ed79435b79906e8fa8fb2e65c860b2947bd0f904361cbd5dac4879f7f8295f7276504739be65052f1752d EBUILD nullmailer-1.11.ebuild 3923 SHA256 0c502a2cde5087c866fb97fbbe490061e885a991abca6b1c33bab2398734d65d SHA512 9c72b5adb7556b1aa612fe5e6846a521f3199dc3af3776aad370cf512b7da2392b63a6c12d32c6b9591d4880ee989dc205289c1f8078863b5a18ac0dd48eb3c2 WHIRLPOOL 742e4b5be4fbce108cde144b11a0479a542e6d2edd4b5a2e62f5f049febd93330c25f3912682e0256e7c707758765697f6a8ea8054c35cf7f8ef6ba947bd51fb -EBUILD nullmailer-1.13-r1.ebuild 4293 SHA256 a687fc457bed5d4690d7083ac6516b38c1798cee416f67d135134986c26c8382 SHA512 0aa1a5c98a01592bd9a8752fd7c4151f139d54b955d716a473ee016962beac40897a29618e66249eba6dace6ed718fb71d626a8200b04835232590b642e32dd8 WHIRLPOOL ff79308765854a99bfd08b70fee21cac441450cd7a93ae5bb0af4779493927c79b968abb1b7f986cfa9f045ac10f8aa670be71578120d37075dac077e229291c +EBUILD nullmailer-1.13-r1.ebuild 4292 SHA256 13f7893433410daae9a371690de77e3de2ad76ba188f7b80ead585335d28d5b2 SHA512 514fdcc3ccffde83f5997ad8705231dd2c1c88554ca73edca3b08ede517ad841c1972ea42b60478f9f982a56091f10f4e5a741b397932a35be88c8cd89de3723 WHIRLPOOL ab139a1415a8c2608eb6d75aa9c044f32228176f7296c0b47c83e6b92c09ccb17ecca592caf8838fbab25f70eb9e5fcf519b40bc76f703d0d2d9fd50606a8580 EBUILD nullmailer-1.13.ebuild 4024 SHA256 5db8e604c3cb9a624ee06a669689152aacf3f52a6e9c6a6661f4ad51abd16496 SHA512 4b56e18ba4aeed2dc14a18c945ba88311c06b4bbaf38630808c8521e4b28f5d2b4a175a72ac213a0eaca1f3a9b9c19e3591430f8ad94f6655c173d1725c171dc WHIRLPOOL bf3017642dd57d7f029c09c3ebe7b6c121d3bcc6f51977cb83b1209334d2a245e440f7b0580c209ee129404ffc2d34ad381599c85a51b67cf29d95581e93fb43 -MISC ChangeLog 12621 SHA256 8f183649ff1b9ef6eb078029cc5ba2b47e7eb5dcc06ed63487e4624fe21c0fe1 SHA512 5faf1231e38f934416aa02b8b40cba808de066c9a73289723b14fc8dbdf732408787038c8fddd930f55296f10032dab44892a49f6f9ba141d08b0ff2ae254c69 WHIRLPOOL c6aa3f83e147fc462a06c42ed3c2df0cbdeef12731898b8ab0ab8c37153d9932d963a5b7f467bb436980fcae9b7729758c10c1ffee9fe51e4d9c332c3773ed4c +MISC ChangeLog 12865 SHA256 4aa2b2174985caa7d09ef8f4268ab77eee9c4b942e9f84b32332da1ef25304f8 SHA512 53824e184eba21d4fff3ecf86dff252b64921d44da844f3d26abfceb2540c6afc88a63087d09079fd83ebd566b6f64a597d9b66e023b400465347b1210b003d0 WHIRLPOOL 2749066b45ec9afbad5249d3b3685c0eea7e60a50f21205611e843108e448c339196be84ce9eeb9cbda2e44837091f620537e25c999646f4f253b2cc5f0f4d8c MISC metadata.xml 266 SHA256 38cdb0bc3e04f07076b7e05385fb2e6fc0f8612bd4f95705c6d074798c7d2f2e SHA512 8ee40378a6f599e559b588a4fd4df8ffa3bb715ab79c3039e8824282ffd7030d6aa71288d2e20f768c9c39dae6b9a87969972ec1c0261c18c867e937c0d88d23 WHIRLPOOL b5c68a36c2fe07a7be08116af25dfc5f8a6e957b8c4376c5a19edb1abfeafec0d32af7515a3c898f18c35bf54e8860ed74113a509f86333e78ccfd52f0728f00 diff --git a/mail-mta/nullmailer/nullmailer-1.11-r2.ebuild b/mail-mta/nullmailer/nullmailer-1.11-r2.ebuild new file mode 100644 index 000000000000..c815f79ef8ee --- /dev/null +++ b/mail-mta/nullmailer/nullmailer-1.11-r2.ebuild @@ -0,0 +1,132 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-mta/nullmailer/nullmailer-1.11-r2.ebuild,v 1.1 2013/08/09 16:45:11 robbat2 Exp $ + +EAPI=4 +WANT_AUTOMAKE="1.10.3" +inherit eutils flag-o-matic autotools user multilib + +MY_P="${P/_rc/RC}" +S=${WORKDIR}/${MY_P} +DEBIAN_PV=1.11 +DEBIAN_PR="1" +DEBIAN_P="${PN}-${DEBIAN_PV}" +DEBIAN_PF="${DEBIAN_P/-/_}-${DEBIAN_PR}" +DEBIAN_SRC="${DEBIAN_PF}.debian.tar.gz" +DESCRIPTION="Simple relay-only local mail transport agent" +SRC_URI="http://untroubled.org/${PN}/archive/${MY_P}.tar.gz + mirror://debian/pool/main/n/${PN}/${DEBIAN_SRC}" +HOMEPAGE="http://untroubled.org/nullmailer/" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~amd64 ~ppc ~x86" + +IUSE="ssl" + +DEPEND="sys-apps/groff + ssl? ( net-libs/gnutls )" +RDEPEND="virtual/shadow + virtual/logger + ssl? ( net-libs/gnutls ) + !mail-mta/courier + !mail-mta/esmtp + !mail-mta/exim + !mail-mta/mini-qmail + !mail-mta/msmtp + !mail-mta/netqmail + !mail-mta/postfix + !mail-mta/qmail-ldap + !mail-mta/sendmail + !mail-mta/opensmtpd + !mail-mta/ssmtp" + +src_prepare() { + sed -i -e 's/nullmailer-1.10/nullmailer-1.11/g' \ + "${WORKDIR}"/debian/patches/*.diff || die + EPATCH_OPTS="-d ${S} -p1" \ + epatch "${DISTDIR}"/${DEBIAN_SRC} + # why revert? Ask Robin when he is back! + EPATCH_OPTS="-d ${WORKDIR} -p0 -R" \ + epatch "${WORKDIR}"/debian/patches/02_ipv6.diff + # this fixes the debian daemon/syslog to actually compile + sed -i.orig \ + -e '/^nullmailer_send_LDADD/s, =, = ../lib/cli++/libcli++.a,' \ + "${S}"/src/Makefile.am || die "Sed failed" + eautoreconf +} + +pkg_setup() { + enewgroup nullmail 88 + enewuser nullmail 88 -1 /var/nullmailer nullmail +} + +src_configure() { + # Note that we pass a different directory below due to bugs in the makefile! + econf \ + --localstatedir=/var \ + $(use_enable ssl tls) +} + +src_install () { + einstall localstatedir="${D}"/var/nullmailer + dodoc AUTHORS BUGS HOWTO INSTALL ChangeLog NEWS README TODO + # A small bit of sample config + insinto /etc/nullmailer + newins "${FILESDIR}"/remotes.sample-${PV} remotes + # This contains passwords, so should be secure + fperms 0640 /etc/nullmailer/remotes + fowners root:nullmail /etc/nullmailer/remotes + # daemontools stuff + dodir /var/nullmailer/service{,/log} + insinto /var/nullmailer/service + newins scripts/nullmailer.run run + fperms 700 /var/nullmailer/service/run + insinto /var/nullmailer/service/log + newins scripts/nullmailer-log.run run + fperms 700 /var/nullmailer/service/log/run + # usability + dodir /usr/$(get_libdir) + dosym /usr/sbin/sendmail usr/$(get_libdir)/sendmail + # permissions stuff + keepdir /var/log/nullmailer /var/nullmailer/{tmp,queue} + fperms 770 /var/log/nullmailer /var/nullmailer/{tmp,queue} + fowners nullmail:nullmail /usr/sbin/nullmailer-queue /usr/bin/mailq + fperms 4711 /usr/sbin/nullmailer-queue /usr/bin/mailq + fowners nullmail:nullmail /var/log/nullmailer /var/nullmailer/{tmp,queue,trigger} + fperms 660 /var/nullmailer/trigger + newinitd "${FILESDIR}"/init.d-nullmailer-r2 nullmailer +} + +pkg_postinst() { + [ ! -e "${ROOT}"/var/nullmailer/trigger ] && mkfifo "${ROOT}"/var/nullmailer/trigger + chown nullmail:nullmail "${ROOT}"/var/log/nullmailer "${ROOT}"/var/nullmailer/{tmp,queue,trigger} + chmod 770 "${ROOT}"/var/log/nullmailer "${ROOT}"/var/nullmailer/{tmp,queue} + chmod 660 "${ROOT}"/var/nullmailer/trigger + + # This contains passwords, so should be secure + chmod 0640 /etc/nullmailer/remotes + chown root:nullmail /etc/nullmailer/remotes + + if [[ -z ${REPLACING_VERSIONS} ]]; then + elog "To create an initial setup, please do:" + elog "emerge --config =${CATEGORY}/${PF}" + fi + #echo + #elog "To start nullmailer at boot you may use either the nullmailer init.d" + #elog "script, or emerge sys-process/supervise-scripts, enable the" + #elog "svscan init.d script and create the following link:" + #elog "ln -fs /var/nullmailer/service /service/nullmailer" + #echo +} + +pkg_config() { + if [ ! -s "${ROOT}"/etc/nullmailer/me ]; then + einfo "Setting /etc/nullmailer/me" + /bin/hostname --fqdn > "${ROOT}"/etc/nullmailer/me + fi + if [ ! -s "${ROOT}"/etc/nullmailer/defaultdomain ]; then + einfo "Setting /etc/nullmailer/defaultdomain" + /bin/hostname --domain > "${ROOT}"/etc/nullmailer/defaultdomain + fi +} diff --git a/mail-mta/nullmailer/nullmailer-1.13-r1.ebuild b/mail-mta/nullmailer/nullmailer-1.13-r1.ebuild index 4d1b3efa71ae..f6562660eb11 100644 --- a/mail-mta/nullmailer/nullmailer-1.13-r1.ebuild +++ b/mail-mta/nullmailer/nullmailer-1.13-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/nullmailer/nullmailer-1.13-r1.ebuild,v 1.1 2013/08/09 16:42:54 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/nullmailer/nullmailer-1.13-r1.ebuild,v 1.2 2013/08/09 16:45:11 robbat2 Exp $ EAPI=5 @@ -108,7 +108,7 @@ pkg_postinst() { chown nullmail:nullmail "${ROOT}"/var/log/nullmailer "${ROOT}"/var/nullmailer/{tmp,queue,trigger} chmod 770 "${ROOT}"/var/log/nullmailer "${ROOT}"/var/nullmailer/{tmp,queue} chmod 660 "${ROOT}"/var/nullmailer/trigger - + # This contains passwords, so should be secure chmod 0640 /etc/nullmailer/remotes chown root:nullmail /etc/nullmailer/remotes |