mail-mta/opensmtpd: bump release for urgent security issue

Committing this as stable and removing the old version too, because it's
being exploited in the wild.

Package-Manager: portage-2.2.22

2 files changed, 28 insertions, 0 deletions

diff --git a/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch b/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch
new file mode 100644
index 000000000000..f9da33b5f2aa
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch
@@ -0,0 +1,26 @@
+diff --git a/smtpd/filter.c b/smtpd/filter.c
+index 062f00f..8af6eab 100644
+--- a/smtpd/filter.c
++++ b/smtpd/filter.c
+@@ -726,7 +726,6 @@ filter_tx_io(struct io *io, int evt)
+ 	struct filter_session	*s = io->arg;
+ 	size_t			 len, n;
+ 	char			*data;
+-	char			buf[65535];
+ 
+ 	log_trace(TRACE_FILTERS, "filter: filter_tx_io(%p, %s)", s, io_strevent(evt));
+ 
+@@ -734,10 +733,9 @@ filter_tx_io(struct io *io, int evt)
+ 	case IO_DATAIN:
+ 		data = iobuf_data(&s->ibuf);
+ 		len = iobuf_len(&s->ibuf);
+-		memmove(buf, data, len);
+-		buf[len] = 0;
+-		log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64": %s",
+-		    len, s->id, buf);
++
++		log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64"",
++		    len, s->id);
+ 
+ 		n = fwrite(data, 1, len, s->ofile);
+ 		if (n != len) {
diff --git a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild
index fe35e0f7025a..deba857e02ce 100644
--- a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild
+++ b/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild
@@ -47,6 +47,8 @@ src_prepare() {
 	# Use /run instead of /var/run
 	sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die
 
+	epatch "${FILESDIR}"/"${PN}"-5.7.2-remote-header-crash.patch
+
 	epatch_user
 	eautoreconf
 }