diff options
| author | drochner <drochner@pkgsrc.org> | 2007-06-26 17:24:10 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2007-06-26 17:24:10 +0000 |
| commit | ce0258780b9985586b605e8131c255c5cd745a8e (patch) | |
| tree | 1ba74197c6454736dd0be6104533ce81988323ca /mail | |
| parent | 843d1906de197223e1358270df6746a374747117 (diff) | |
| download | pkgsrc-ce0258780b9985586b605e8131c255c5cd745a8e.tar.gz | |
add a patch from Gnome bug #447414 to fix CVE-2007-3257
(possible code injection by remote IMAP servers due to missing
validation of an integer value used as array index)
bump PKGREVISION
Diffstat (limited to 'mail')
| -rw-r--r-- | mail/evolution-data-server/Makefile | 4 | ||||
| -rw-r--r-- | mail/evolution-data-server/distinfo | 3 | ||||
| -rw-r--r-- | mail/evolution-data-server/patches/patch-as | 22 |
3 files changed, 26 insertions, 3 deletions
diff --git a/mail/evolution-data-server/Makefile b/mail/evolution-data-server/Makefile index 102995b9a87..d820e281ec9 100644 --- a/mail/evolution-data-server/Makefile +++ b/mail/evolution-data-server/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.54 2007/06/05 05:37:08 wiz Exp $ +# $NetBSD: Makefile,v 1.55 2007/06/26 17:24:10 drochner Exp $ # DISTNAME= evolution-data-server-1.10.1 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= mail gnome MASTER_SITES= ${MASTER_SITE_GNOME:=sources/evolution-data-server/1.10/} EXTRACT_SUFX= .tar.bz2 diff --git a/mail/evolution-data-server/distinfo b/mail/evolution-data-server/distinfo index c5ee248a265..f49d8f4e66d 100644 --- a/mail/evolution-data-server/distinfo +++ b/mail/evolution-data-server/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.35 2007/04/10 20:24:22 drochner Exp $ +$NetBSD: distinfo,v 1.36 2007/06/26 17:24:10 drochner Exp $ SHA1 (evolution-data-server-1.10.1.tar.bz2) = 69691cf6fcbe43d5ff485c49755effd8fa8681be RMD160 (evolution-data-server-1.10.1.tar.bz2) = edf55c74c458ed849635ace52340615017ad6a6d @@ -9,3 +9,4 @@ SHA1 (patch-al) = 97d5c7889b886535a7cc63c00b6193130f6fa320 SHA1 (patch-ao) = c98089bab9110eb29339e529fb88b01dbe454623 SHA1 (patch-aq) = 375d592b72f59fa70160bf23aa260338d350c517 SHA1 (patch-ar) = b6b92b068f94954d435cff11543a4de7d07712ac +SHA1 (patch-as) = 509f9994f375f853a932ccd2bab5a028c1433a23 diff --git a/mail/evolution-data-server/patches/patch-as b/mail/evolution-data-server/patches/patch-as new file mode 100644 index 00000000000..0d543ac92db --- /dev/null +++ b/mail/evolution-data-server/patches/patch-as @@ -0,0 +1,22 @@ +$NetBSD: patch-as,v 1.1 2007/06/26 17:24:11 drochner Exp $ + +--- ./camel/providers/imap/camel-imap-folder.c.orig 2007-06-26 17:31:25.000000000 +0200 ++++ ./camel/providers/imap/camel-imap-folder.c +@@ -655,7 +655,7 @@ imap_rescan (CamelFolder *folder, int ex + uid = g_datalist_get_data (&data, "UID"); + flags = GPOINTER_TO_UINT (g_datalist_get_data (&data, "FLAGS")); + +- if (!uid || !seq || seq > summary_len) { ++ if (!uid || !seq || seq > summary_len || seq < 0) { + g_datalist_clear (&data); + continue; + } +@@ -2789,7 +2789,7 @@ parse_fetch_response (CamelImapFolder *i + + if (*response != '*' || *(response + 1) != ' ') + return NULL; +- seq = strtol (response + 2, &response, 10); ++ seq = strtoul (response + 2, &response, 10); + if (seq == 0) + return NULL; + if (g_ascii_strncasecmp (response, " FETCH (", 8) != 0) |