summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsalo <salo@pkgsrc.org>2005-11-22 00:34:24 +0000
committersalo <salo@pkgsrc.org>2005-11-22 00:34:24 +0000
commit5bf71b681a1cb57e2cf92ff2cae113c4a65e2862 (patch)
tree1d7721912c4d1079c34c49f8ac07ec21dd1297c3
parentae3658b717ae4dfd72beb276756534a5b3ef9430 (diff)
downloadpkgsrc-5bf71b681a1cb57e2cf92ff2cae113c4a65e2862.tar.gz
Pullup ticket 919 - requested by Klaus Heinz
security fix for spamassassin Revisions pulled up: - pkgsrc/mail/spamassassin/Makefile 1.61 - pkgsrc/mail/spamassassin/distinfo 1.31 - pkgsrc/mail/spamassassin/patches/patch-ax 1.1 Module Name: pkgsrc Committed By: heinz Date: Sun Nov 13 05:08:00 UTC 2005 Modified Files: pkgsrc/mail/spamassassin: Makefile distinfo Added Files: pkgsrc/mail/spamassassin/patches: patch-ax Log Message: Added a patch to fix a potential DoS vulnerability (CVE-2005-3351). See http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570 http://secunia.com/advisories/17386
Diffstat
-rw-r--r--mail/spamassassin/Makefile4
-rw-r--r--mail/spamassassin/distinfo3
-rw-r--r--mail/spamassassin/patches/patch-ax13
3 files changed, 17 insertions, 3 deletions
diff --git a/mail/spamassassin/Makefile b/mail/spamassassin/Makefile
index 29c537064a8..6a8a5da3f79 100644
--- a/mail/spamassassin/Makefile
+++ b/mail/spamassassin/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.59 2005/08/06 06:19:22 jlam Exp $
+# $NetBSD: Makefile,v 1.59.2.1 2005/11/22 00:34:24 salo Exp $
DISTNAME= Mail-SpamAssassin-${SPAMASSASSIN_VERSION}
PKGNAME= spamassassin-${SPAMASSASSIN_VERSION}
-PKGREVISION= 1
+PKGREVISION= 2
SVR4_PKGNAME= sa
CATEGORIES= mail perl5
MASTER_SITES= ${MASTER_SITE_APACHE:=spamassassin/source/} \
diff --git a/mail/spamassassin/distinfo b/mail/spamassassin/distinfo
index d95b971c6cb..abb817a6e40 100644
--- a/mail/spamassassin/distinfo
+++ b/mail/spamassassin/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.30 2005/06/19 22:29:35 heinz Exp $
+$NetBSD: distinfo,v 1.30.4.1 2005/11/22 00:34:24 salo Exp $
SHA1 (Mail-SpamAssassin-3.0.4.tar.gz) = df37b629ab7b8a3fbb370c16537c59749eac1927
RMD160 (Mail-SpamAssassin-3.0.4.tar.gz) = a2c975585f20cd9dba09b645ef69993faed17fb4
@@ -6,3 +6,4 @@ Size (Mail-SpamAssassin-3.0.4.tar.gz) = 1001430 bytes
SHA1 (patch-ab) = 36280764366900829205be94466a77662c422524
SHA1 (patch-ae) = 7d57eb154af72ea82cb8fdafd7277823e33b7dd5
SHA1 (patch-aq) = c918a738e0c7048183f5efbb0b7265d355ded7b3
+SHA1 (patch-ax) = d874d0b0b03a90e2db1242ec6c2f99f60452abc4
diff --git a/mail/spamassassin/patches/patch-ax b/mail/spamassassin/patches/patch-ax
new file mode 100644
index 00000000000..db62484b2a5
--- /dev/null
+++ b/mail/spamassassin/patches/patch-ax
@@ -0,0 +1,13 @@
+$NetBSD: patch-ax,v 1.2.2.2 2005/11/22 00:34:24 salo Exp $
+
+--- lib/Mail/SpamAssassin/Message.pm.orig Mon Jun 6 03:31:23 2005
++++ lib/Mail/SpamAssassin/Message.pm
+@@ -324,7 +324,7 @@ sub get_pristine_header {
+ my ($self, $hdr) = @_;
+
+ return $self->{pristine_headers} unless $hdr;
+- my(@ret) = $self->{pristine_headers} =~ /^(?:$hdr:[ \t]+(.*\n(?:\s+\S.*\n)*))/mig;
++ my(@ret) = $self->{pristine_headers} =~ /^\Q$hdr\E:[ \t]+(.*?\n(?![ \t]))/smgi;
+ if (@ret) {
+ return wantarray ? @ret : $ret[-1];
+ }
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-26 03:03:31 +0000