diff options
| author | ghen <ghen> | 2006-06-20 11:00:56 +0000 |
|---|---|---|
| committer | ghen <ghen> | 2006-06-20 11:00:56 +0000 |
| commit | ed5dcdcc2aa8cc18ef54b6a6ce2901bb8da4cb91 (patch) | |
| tree | d34992baab4aa39a913ade2f6c9b8f3718d7f0d5 | |
| parent | cdfd6922279ef3bff82087eef4a75f3f89d1fb85 (diff) | |
| download | pkgsrc-ed5dcdcc2aa8cc18ef54b6a6ce2901bb8da4cb91.tar.gz | |
Pullup ticket 1705 - requested by tron
security fix for mutt
Revisions pulled up:
- pkgsrc/mail/mutt/Makefile via patch
- pkgsrc/mail/mutt/distinfo 1.30
- pkgsrc/mail/mutt/patches/patch-ae 1.4
Module Name: pkgsrc
Committed By: tron
Date: Tue Jun 20 09:14:47 UTC 2006
Modified Files:
pkgsrc/mail/mutt: Makefile PLIST distinfo
Added Files:
pkgsrc/mail/mutt/patches: patch-ae
Log Message:
Add fix from the "mutt" CVS repository for a buffer overflow in the
IMAP code which could be exploited by a malicious IMAP server.
Bump package revision.
| -rw-r--r-- | mail/mutt/Makefile | 4 | ||||
| -rw-r--r-- | mail/mutt/distinfo | 3 | ||||
| -rw-r--r-- | mail/mutt/patches/patch-ae | 29 |
3 files changed, 33 insertions, 3 deletions
diff --git a/mail/mutt/Makefile b/mail/mutt/Makefile index 087b3058923..10fa75adce7 100644 --- a/mail/mutt/Makefile +++ b/mail/mutt/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.136 2006/03/14 01:14:30 jlam Exp $ +# $NetBSD: Makefile,v 1.136.2.1 2006/06/20 11:00:56 ghen Exp $ DISTNAME= mutt-1.4.2.1i PKGNAME= ${DISTNAME:C/i$//} -PKGREVISION= 6 +PKGREVISION= 7 CATEGORIES= mail MASTER_SITES= ftp://ftp.mutt.org/mutt/ \ ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \ diff --git a/mail/mutt/distinfo b/mail/mutt/distinfo index c5912ad8135..ec1c7e89e04 100644 --- a/mail/mutt/distinfo +++ b/mail/mutt/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.28 2006/02/07 00:00:51 minskim Exp $ +$NetBSD: distinfo,v 1.28.2.1 2006/06/20 11:00:56 ghen Exp $ SHA1 (mutt-1.4.2.1i.tar.gz) = 10fae2eef5a671d1ea6e17acd6e64cd1f37c3961 RMD160 (mutt-1.4.2.1i.tar.gz) = 314536f77e0494dc6e4a5d57c681de791c8ce0fc @@ -7,6 +7,7 @@ SHA1 (patch-aa) = 057c11486bb855e321853a106992c8792b75b812 SHA1 (patch-ab) = 9eb4d0d861fff0a6a387d035293e28c6dd17a06c SHA1 (patch-ac) = acfece3438c1cadc43247c590045699be7212ede SHA1 (patch-ad) = 6d7647913a0442ce474d02129d9bec0dbbd3df52 +SHA1 (patch-ae) = 442e3be4d0a5483e55f8e218cfbfc026e28235f5 SHA1 (patch-ag) = c369b0b5d4855e50a016530f81190b2cbd47cef1 SHA1 (patch-ah) = 04549728683b4250a26f6d6c7a212b8d505014d2 SHA1 (patch-ai) = 317b736d6b9a896e1ee185cce37a1c2184c02cde diff --git a/mail/mutt/patches/patch-ae b/mail/mutt/patches/patch-ae new file mode 100644 index 00000000000..2e1a11e48c8 --- /dev/null +++ b/mail/mutt/patches/patch-ae @@ -0,0 +1,29 @@ +$NetBSD: patch-ae,v 1.3.14.1 2006/06/20 11:00:57 ghen Exp $ + +--- imap/browse.c.orig 2002-02-26 10:38:56.000000000 +0000 ++++ imap/browse.c 2006-06-20 10:05:32.000000000 +0100 +@@ -452,7 +452,7 @@ + if (*s == '\"') + { + s++; +- while (*s && *s != '\"') ++ while (*s && *s != '\"' && n < sizeof (ns) - 1) + { + if (*s == '\\') + s++; +@@ -463,12 +463,14 @@ + s++; + } + else +- while (*s && !ISSPACE (*s)) ++ while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1) + { + ns[n++] = *s; + s++; + } + ns[n] = '\0'; ++ if (n == sizeof (ns) - 1) ++ dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", ns)); + /* delim? */ + s = imap_next_word (s); + /* delimiter is meaningless if namespace is "". Why does |