diff options
| author | spz <spz@pkgsrc.org> | 2017-12-20 16:36:27 +0000 |
|---|---|---|
| committer | spz <spz@pkgsrc.org> | 2017-12-20 16:36:27 +0000 |
| commit | d815e85fe20458b42cf8dfd8f11cffc9b07548ff (patch) | |
| tree | f74a1de7f04f2293defd3a7ea3fbc7b6a73caca9 | |
| parent | 35ea757ce2556281248256a036d17e6c3f0dbb5f (diff) | |
| download | pkgsrc-d815e85fe20458b42cf8dfd8f11cffc9b07548ff.tar.gz | |
Pullup ticket #5653 - requested by bsiegert
mail/procmail: security patch
Revisions pulled up:
- mail/procmail/Makefile 1.50
- mail/procmail/distinfo 1.17
- mail/procmail/patches/patch-bd 1.4
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: snj
Date: Sun Nov 26 20:39:41 UTC 2017
Modified Files:
pkgsrc/mail/procmail: Makefile distinfo
pkgsrc/mail/procmail/patches: patch-bd
Log Message:
procmail: Fix CVE-2017-16844
Patch from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug‡6511
Bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/mail/procmail/Makefile
cvs rdiff -u -r1.16 -r1.17 pkgsrc/mail/procmail/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/mail/procmail/patches/patch-bd
| -rw-r--r-- | mail/procmail/Makefile | 4 | ||||
| -rw-r--r-- | mail/procmail/distinfo | 4 | ||||
| -rw-r--r-- | mail/procmail/patches/patch-bd | 19 |
3 files changed, 20 insertions, 7 deletions
diff --git a/mail/procmail/Makefile b/mail/procmail/Makefile index 035a9e7bb42..d3b3e9aa1e3 100644 --- a/mail/procmail/Makefile +++ b/mail/procmail/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.49 2014/10/09 14:06:40 wiz Exp $ +# $NetBSD: Makefile,v 1.49.26.1 2017/12/20 16:36:27 spz Exp $ DISTNAME= procmail-3.22 -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= mail MASTER_SITES= ftp://ftp.procmail.org/pub/procmail/ diff --git a/mail/procmail/distinfo b/mail/procmail/distinfo index 93d421db013..8287658adec 100644 --- a/mail/procmail/distinfo +++ b/mail/procmail/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.16 2015/11/03 23:27:17 agc Exp $ +$NetBSD: distinfo,v 1.16.18.1 2017/12/20 16:36:27 spz Exp $ SHA1 (procmail-3.22.tar.gz) = cd4e44c15559816453fd60349e5a32289f6f2965 RMD160 (procmail-3.22.tar.gz) = e609ec94ea9ab3b93629c62b3e29add497806483 @@ -14,4 +14,4 @@ SHA1 (patch-ag) = 8f2ae1f2e7bdc3c2295148c33183176423802fee SHA1 (patch-ba) = 2ebbd43d2773b147ee6410e37ab3696aeda3c07c SHA1 (patch-bb) = 5b273bd60d24168794189bb844e39e94bd688ea8 SHA1 (patch-bc) = 7344d3c2fce1bcd3276d8e5014bf9537c6dece5c -SHA1 (patch-bd) = fb6f2fb4b5fe1ea01682a319b6655b023e5c5fd0 +SHA1 (patch-bd) = 27a7711e400f934bc82937eae68681e0b5c30c4a diff --git a/mail/procmail/patches/patch-bd b/mail/procmail/patches/patch-bd index 7ebb3f13a0e..64f07236d78 100644 --- a/mail/procmail/patches/patch-bd +++ b/mail/procmail/patches/patch-bd @@ -1,14 +1,18 @@ -$NetBSD: patch-bd,v 1.3 2014/09/04 07:37:44 wiz Exp $ +$NetBSD: patch-bd,v 1.3.28.1 2017/12/20 16:36:28 spz Exp $ First chunk: https://bugzilla.redhat.com/show_bug.cgi?id=1121299 CVE-2014-3618 Second chunk: +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876511 +CVE-2017-16844 + +Third chunk: Avoid conflict with existing getline() functions. ---- src/formisc.c.orig 2001-06-29 02:20:45.000000000 +0000 -+++ src/formisc.c +--- src/formisc.c.orig 2001-06-28 19:20:45.000000000 -0700 ++++ src/formisc.c 2017-11-26 12:21:14.260042851 -0800 @@ -84,12 +84,11 @@ normal: *target++= *start++; case '"':*target++=delim='"';start++; } @@ -23,6 +27,15 @@ Avoid conflict with existing getline() functions. } hitspc=2; } +@@ -104,7 +103,7 @@ void loadsaved(sp)const struct saved*con + } + /* append to buf */ + void loadbuf(text,len)const char*const text;const size_t len; +-{ if(buffilled+len>buflen) /* buf can't hold the text */ ++{ while(buffilled+len>buflen) /* buf can't hold the text */ + buf=realloc(buf,buflen+=Bsize); + tmemmove(buf+buffilled,text,len);buffilled+=len; + } @@ -115,7 +114,7 @@ void loadchar(c)const int c; /* a buf[buffilled++]=c; } |