diff options
author | salo <salo@pkgsrc.org> | 2005-11-22 00:34:24 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2005-11-22 00:34:24 +0000 |
commit | 5bf71b681a1cb57e2cf92ff2cae113c4a65e2862 (patch) | |
tree | 1d7721912c4d1079c34c49f8ac07ec21dd1297c3 | |
parent | ae3658b717ae4dfd72beb276756534a5b3ef9430 (diff) | |
download | pkgsrc-5bf71b681a1cb57e2cf92ff2cae113c4a65e2862.tar.gz |
Pullup ticket 919 - requested by Klaus Heinz
security fix for spamassassin
Revisions pulled up:
- pkgsrc/mail/spamassassin/Makefile 1.61
- pkgsrc/mail/spamassassin/distinfo 1.31
- pkgsrc/mail/spamassassin/patches/patch-ax 1.1
Module Name: pkgsrc
Committed By: heinz
Date: Sun Nov 13 05:08:00 UTC 2005
Modified Files:
pkgsrc/mail/spamassassin: Makefile distinfo
Added Files:
pkgsrc/mail/spamassassin/patches: patch-ax
Log Message:
Added a patch to fix a potential DoS vulnerability (CVE-2005-3351).
See
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
http://secunia.com/advisories/17386
-rw-r--r-- | mail/spamassassin/Makefile | 4 | ||||
-rw-r--r-- | mail/spamassassin/distinfo | 3 | ||||
-rw-r--r-- | mail/spamassassin/patches/patch-ax | 13 |
3 files changed, 17 insertions, 3 deletions
diff --git a/mail/spamassassin/Makefile b/mail/spamassassin/Makefile index 29c537064a8..6a8a5da3f79 100644 --- a/mail/spamassassin/Makefile +++ b/mail/spamassassin/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.59 2005/08/06 06:19:22 jlam Exp $ +# $NetBSD: Makefile,v 1.59.2.1 2005/11/22 00:34:24 salo Exp $ DISTNAME= Mail-SpamAssassin-${SPAMASSASSIN_VERSION} PKGNAME= spamassassin-${SPAMASSASSIN_VERSION} -PKGREVISION= 1 +PKGREVISION= 2 SVR4_PKGNAME= sa CATEGORIES= mail perl5 MASTER_SITES= ${MASTER_SITE_APACHE:=spamassassin/source/} \ diff --git a/mail/spamassassin/distinfo b/mail/spamassassin/distinfo index d95b971c6cb..abb817a6e40 100644 --- a/mail/spamassassin/distinfo +++ b/mail/spamassassin/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.30 2005/06/19 22:29:35 heinz Exp $ +$NetBSD: distinfo,v 1.30.4.1 2005/11/22 00:34:24 salo Exp $ SHA1 (Mail-SpamAssassin-3.0.4.tar.gz) = df37b629ab7b8a3fbb370c16537c59749eac1927 RMD160 (Mail-SpamAssassin-3.0.4.tar.gz) = a2c975585f20cd9dba09b645ef69993faed17fb4 @@ -6,3 +6,4 @@ Size (Mail-SpamAssassin-3.0.4.tar.gz) = 1001430 bytes SHA1 (patch-ab) = 36280764366900829205be94466a77662c422524 SHA1 (patch-ae) = 7d57eb154af72ea82cb8fdafd7277823e33b7dd5 SHA1 (patch-aq) = c918a738e0c7048183f5efbb0b7265d355ded7b3 +SHA1 (patch-ax) = d874d0b0b03a90e2db1242ec6c2f99f60452abc4 diff --git a/mail/spamassassin/patches/patch-ax b/mail/spamassassin/patches/patch-ax new file mode 100644 index 00000000000..db62484b2a5 --- /dev/null +++ b/mail/spamassassin/patches/patch-ax @@ -0,0 +1,13 @@ +$NetBSD: patch-ax,v 1.2.2.2 2005/11/22 00:34:24 salo Exp $ + +--- lib/Mail/SpamAssassin/Message.pm.orig Mon Jun 6 03:31:23 2005 ++++ lib/Mail/SpamAssassin/Message.pm +@@ -324,7 +324,7 @@ sub get_pristine_header { + my ($self, $hdr) = @_; + + return $self->{pristine_headers} unless $hdr; +- my(@ret) = $self->{pristine_headers} =~ /^(?:$hdr:[ \t]+(.*\n(?:\s+\S.*\n)*))/mig; ++ my(@ret) = $self->{pristine_headers} =~ /^\Q$hdr\E:[ \t]+(.*?\n(?![ \t]))/smgi; + if (@ret) { + return wantarray ? @ret : $ret[-1]; + } |