diff options
| author | snj <snj@pkgsrc.org> | 2006-03-11 04:10:26 +0000 |
|---|---|---|
| committer | snj <snj@pkgsrc.org> | 2006-03-11 04:10:26 +0000 |
| commit | 4448faae6855560b95ba39759ef935fc2dd04f14 (patch) | |
| tree | 8634334ea6f47cb5842bd8e5e30c48d1e7ba7fc4 | |
| parent | 8f6c9add5e5348533bda7560e395186173c44894 (diff) | |
| download | pkgsrc-4448faae6855560b95ba39759ef935fc2dd04f14.tar.gz | |
Pullup ticket 1204 - requested by Joerg Sonnenberger
security fix for exim3
Revisions pulled up:
- pkgsrc/mail/exim3/Makefile 1.31
- pkgsrc/mail/exim3/distinfo 1.9
- pkgsrc/mail/exim3/patches/patch-ao 1.1
- pkgsrc/mail/exim3/patches/patch-ap 1.1
Module Name: pkgsrc
Committed By: joerg
Date: Mon Mar 6 22:49:16 UTC 2006
Modified Files:
pkgsrc/mail/exim3: Makefile distinfo
Added Files:
pkgsrc/mail/exim3/patches: patch-ao patch-ap
Log Message:
Fix parsing of IPv6 address possibly result in privilege escalation.
| -rw-r--r-- | mail/exim3/Makefile | 4 | ||||
| -rw-r--r-- | mail/exim3/distinfo | 4 | ||||
| -rw-r--r-- | mail/exim3/patches/patch-ao | 13 | ||||
| -rw-r--r-- | mail/exim3/patches/patch-ap | 24 |
4 files changed, 42 insertions, 3 deletions
diff --git a/mail/exim3/Makefile b/mail/exim3/Makefile index 7d4c239fb6a..d604b18bfae 100644 --- a/mail/exim3/Makefile +++ b/mail/exim3/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.24.2.1 2006/02/14 15:04:11 salo Exp $ +# $NetBSD: Makefile,v 1.24.2.2 2006/03/11 04:10:26 snj Exp $ DISTNAME= exim-3.36 -PKGREVISION= 6 +PKGREVISION= 7 CATEGORIES= mail net MASTER_SITES= ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/exim3/ \ http://public.planetmirror.com.au/pub/exim/exim3/ diff --git a/mail/exim3/distinfo b/mail/exim3/distinfo index af6e828f6ea..7e06ae0d22b 100644 --- a/mail/exim3/distinfo +++ b/mail/exim3/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.6.4.1 2006/02/14 15:04:11 salo Exp $ +$NetBSD: distinfo,v 1.6.4.2 2006/03/11 04:10:27 snj Exp $ SHA1 (exim-3.36.tar.bz2) = 2a06a2858ebf8cdedf2e41fa3f258b5e468e270d RMD160 (exim-3.36.tar.bz2) = 2654601eaf54fc15c1ebeabfee53c828f2fd22dd @@ -17,3 +17,5 @@ SHA1 (patch-ak) = 59ec9e8726c00237d631349cf963b2a5112d75d6 SHA1 (patch-al) = dd1263e5d8dd18c6ea1bfbe79cee74d3bc76f4c4 SHA1 (patch-am) = 26f66062bb133340ed2b336008673a78bd017e9e SHA1 (patch-an) = 7d40d720613b88772bb69993ffbfc754c9310acb +SHA1 (patch-ao) = b96e99cf56f205a7273759a2f090c1eed188cc36 +SHA1 (patch-ap) = bba7a0412976e7c022a48ed47207e9d9b42f073f diff --git a/mail/exim3/patches/patch-ao b/mail/exim3/patches/patch-ao new file mode 100644 index 00000000000..95e6d0e8247 --- /dev/null +++ b/mail/exim3/patches/patch-ao @@ -0,0 +1,13 @@ +$NetBSD: patch-ao,v 1.1.2.2 2006/03/11 04:10:27 snj Exp $ + +--- src/lookups/dnsdb.c.orig 2006-02-14 16:38:38.000000000 +0100 ++++ src/lookups/dnsdb.c +@@ -116,7 +116,7 @@ if (equals != NULL) + /* If the type is PTR, we have to construct the relevant magic lookup + key. */ + +-if (type == T_PTR) ++if (type == T_PTR && string_is_ip_address(keystring, NULL)) + { + char *p = keystring + (int)strlen(keystring); + char *pp = buffer; diff --git a/mail/exim3/patches/patch-ap b/mail/exim3/patches/patch-ap new file mode 100644 index 00000000000..a7659c71a83 --- /dev/null +++ b/mail/exim3/patches/patch-ap @@ -0,0 +1,24 @@ +$NetBSD: patch-ap,v 1.1.2.2 2006/03/11 04:10:27 snj Exp $ + +--- src/host.c.orig 2006-02-14 16:41:01.000000000 +0100 ++++ src/host.c +@@ -620,12 +620,18 @@ if (strchr(address, ':') != NULL) + + if (*p == ':') p++; + +- /* Split the address into components separated by colons. */ ++ /* Split the address into components separated by colons. The input address ++ is supposed to be checked for syntax. There was a case where this was ++ overlooked; to guard against that happening again, check here and crash if ++ there is a violation. */ + + while (*p != 0) + { + int len = strcspn(p, ":"); + if (len == 0) nulloffset = ci; ++ if (ci > 7) log_write(0, LOG_MAIN|LOG_PANIC_DIE, ++ "Internal error: invalid IPv6 address \"%s\" passed to host_aton()", ++ address); + component[ci++] = p; + p += len; + if (*p == ':') p++; |