diff options
| author | ghen <ghen> | 2006-06-27 16:59:27 +0000 |
|---|---|---|
| committer | ghen <ghen> | 2006-06-27 16:59:27 +0000 |
| commit | 75765d0d799beb2d35595e488099b16379483877 (patch) | |
| tree | f703df2ff43a728600eb70e821bab00a5cc7bdce | |
| parent | 82aa951688f7a145743d49e781e4e1384b386db8 (diff) | |
| download | pkgsrc-75765d0d799beb2d35595e488099b16379483877.tar.gz | |
Pullup ticket 1713 - requested by salo
security fix for mutt-devel
Revisions pulled up:
- pkgsrc/mail/mutt-devel/Makefile 1.50
- pkgsrc/mail/mutt-devel/distinfo 1.30
- pkgsrc/mail/mutt-devel/patches/patch-ae 1.5
Module Name: pkgsrc
Committed By: tonio
Date: Tue Jun 20 14:07:31 UTC 2006
Modified Files:
pkgsrc/mail/mutt-devel: Makefile distinfo
Log Message:
Add fix for imap code from mutt's cvs repository:
A malicious IMAP server could cause at least DoS
Bomp PKGREVISION
---
Module Name: pkgsrc
Committed By: tonio
Date: Tue Jun 20 14:08:05 UTC 2006
Added Files:
pkgsrc/mail/mutt-devel/patches: patch-ae
Log Message:
The patch for imap/browse
| -rw-r--r-- | mail/mutt-devel/Makefile | 4 | ||||
| -rw-r--r-- | mail/mutt-devel/distinfo | 3 | ||||
| -rw-r--r-- | mail/mutt-devel/patches/patch-ae | 29 |
3 files changed, 33 insertions, 3 deletions
diff --git a/mail/mutt-devel/Makefile b/mail/mutt-devel/Makefile index c07696ef04b..d2c24e5e0f4 100644 --- a/mail/mutt-devel/Makefile +++ b/mail/mutt-devel/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.45 2006/03/14 01:14:30 jlam Exp $ +# $NetBSD: Makefile,v 1.45.2.1 2006/06/27 16:59:27 ghen Exp $ DISTNAME= mutt-1.5.11 -PKGREVISION= 3 +PKGREVISION= 5 CATEGORIES= mail MUTT_SITES= ftp://ftp.mutt.org/mutt/ \ ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \ diff --git a/mail/mutt-devel/distinfo b/mail/mutt-devel/distinfo index 2b826d3a019..6e9661afbec 100644 --- a/mail/mutt-devel/distinfo +++ b/mail/mutt-devel/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.28 2005/10/05 20:08:32 tonio Exp $ +$NetBSD: distinfo,v 1.28.4.1 2006/06/27 16:59:27 ghen Exp $ SHA1 (mutt-1.5.11.tar.gz) = cc5823016fe7de6ee3a131b19a3f78796f9f53d5 RMD160 (mutt-1.5.11.tar.gz) = 812bfa6b1c9bfb1650341f7522298699c7b214a5 @@ -7,6 +7,7 @@ SHA1 (patch-aa) = 59d89dce24110be2927c8a1ea1fa5b780d644372 SHA1 (patch-ab) = deab9098ad64ab77b29233a3bf3df1439f36989a SHA1 (patch-ac) = b48ff9f66ff2b483b5aa0c312e08bd22c7cf03be SHA1 (patch-ad) = c427d4ef5129018f26e5a4b3ee2fa5bfb59af3b9 +SHA1 (patch-ae) = 442e3be4d0a5483e55f8e218cfbfc026e28235f5 SHA1 (patch-ag) = 84637d95fa9aa0cf58a6e6b2c82b783efa21cf66 SHA1 (patch-ah) = 4227c5768b900e58fa4a679e6ad67efc974a70b5 SHA1 (patch-ai) = 7d9883198a22615fb1792a41fce3ee9821f48f08 diff --git a/mail/mutt-devel/patches/patch-ae b/mail/mutt-devel/patches/patch-ae new file mode 100644 index 00000000000..91bdc974c7a --- /dev/null +++ b/mail/mutt-devel/patches/patch-ae @@ -0,0 +1,29 @@ +$NetBSD: patch-ae,v 1.4.4.1 2006/06/27 16:59:27 ghen Exp $ + +--- imap/browse.c.orig 2002-02-26 10:38:56.000000000 +0000 ++++ imap/browse.c 2006-06-20 10:05:32.000000000 +0100 +@@ -452,7 +452,7 @@ + if (*s == '\"') + { + s++; +- while (*s && *s != '\"') ++ while (*s && *s != '\"' && n < sizeof (ns) - 1) + { + if (*s == '\\') + s++; +@@ -463,12 +463,14 @@ + s++; + } + else +- while (*s && !ISSPACE (*s)) ++ while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1) + { + ns[n++] = *s; + s++; + } + ns[n] = '\0'; ++ if (n == sizeof (ns) - 1) ++ dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", ns)); + /* delim? */ + s = imap_next_word (s); + /* delimiter is meaningless if namespace is "". Why does |