diff options
| author | adrianp <adrianp> | 2005-11-01 19:16:52 +0000 |
|---|---|---|
| committer | adrianp <adrianp> | 2005-11-01 19:16:52 +0000 |
| commit | c5701f7387e52ff22b90f1f9582fc5b83f014c88 (patch) | |
| tree | 5a012eff4e118699e0f3e52564159f7210989f4c /mail/fetchmail | |
| parent | 93cd0fda837e3fcdc60c4fc235289f4c98569af2 (diff) | |
| download | pkgsrc-c5701f7387e52ff22b90f1f9582fc5b83f014c88.tar.gz | |
Add patch-ak for a fetchmailconf security issue. This patch does
not impact the fetchmail package so no version bump is required.
Diffstat (limited to 'mail/fetchmail')
| -rw-r--r-- | mail/fetchmail/distinfo | 3 | ||||
| -rw-r--r-- | mail/fetchmail/patches/patch-ak | 46 |
2 files changed, 48 insertions, 1 deletions
diff --git a/mail/fetchmail/distinfo b/mail/fetchmail/distinfo index 729f2e1dc91..b26b0d84066 100644 --- a/mail/fetchmail/distinfo +++ b/mail/fetchmail/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.32 2005/10/21 20:56:50 tonio Exp $ +$NetBSD: distinfo,v 1.33 2005/11/01 19:16:52 adrianp Exp $ SHA1 (fetchmail-6.2.5.tar.gz) = 4656ec4393ccd1c137fe7b331f77cb26b576ac0e RMD160 (fetchmail-6.2.5.tar.gz) = e32b91a959d0e80c4bd45a8758811cbe95a98180 @@ -13,3 +13,4 @@ SHA1 (patch-ag) = e27a4769dc804bec71b449bed7ff318d15ae8bdf SHA1 (patch-ah) = d6d08403b241a3e1a891faadbb36b0cd00df1398 SHA1 (patch-ai) = 16449ab08c266936d80b8be11c93a3dd1ac5c2fe SHA1 (patch-aj) = 1051c1eb754b9c9cffad2eab4561791975aebbe1 +SHA1 (patch-ak) = d75b42146597a17a1ce91dddc7ed0821697d7ec2 diff --git a/mail/fetchmail/patches/patch-ak b/mail/fetchmail/patches/patch-ak new file mode 100644 index 00000000000..4c07d246251 --- /dev/null +++ b/mail/fetchmail/patches/patch-ak @@ -0,0 +1,46 @@ +$NetBSD: patch-ak,v 1.1 2005/11/01 19:16:52 adrianp Exp $ + +--- fetchmailconf.orig 2003-10-15 20:22:31.000000000 +0100 ++++ fetchmailconf 2005-10-21 14:48:02.000000000 +0100 +@@ -4,7 +4,19 @@ + # by Eric S. Raymond, <esr@snark.thyrsus.com>. + # Requires Python with Tkinter, and the following OS-dependent services: + # posix, posixpath, socket +-version = "1.43" ++# ++# Changes by Matthias Andree, in 2005: ++# ++# 1.43.1 - unsuccessful attempt to fix a password exposure bug ++# ++# thanks to Thomas Wolff and Miloslav Trmac for pointing ++# out the fix was insufficient ++# ++# 1.43.2 - fix password exposure bug, by restricting umask to 077 ++# before opening the file ++# - record fetchmailconf version in output file ++# ++version = "1.43.2" + + from Tkinter import * + from Dialog import * +@@ -858,14 +870,17 @@ + # Pre-1.5.2 compatibility... + except os.error: + pass ++ old_umask = os.umask(077) + fm = open(self.outfile, 'w') ++ os.umask(old_umask) + if fm: +- fm.write("# Configuration created %s by fetchmailconf\n" % time.ctime(time.time())) ++ if fm != sys.stdout: ++ os.chmod(self.outfile, 0600) ++ fm.write("# Configuration created %s by fetchmailconf %s\n" ++ % (time.ctime(time.time()), version)) + fm.write(`self.configuration`) + if self.outfile: + fm.close() +- if fm != sys.stdout: +- os.chmod(self.outfile, 0600) + self.destruct() + + # |