diff options
| author | drochner <drochner> | 2005-01-31 17:33:57 +0000 |
|---|---|---|
| committer | drochner <drochner> | 2005-01-31 17:33:57 +0000 |
| commit | 2b4646c2194f33f10bd4154baa3b21bce8930687 (patch) | |
| tree | c89396d1d50fd6d277dc150d1d7e0dd0370061db /mail | |
| parent | 1c23d87ba980355185e1200d3e3ecb91d7309214 (diff) | |
| download | pkgsrc-2b4646c2194f33f10bd4154baa3b21bce8930687.tar.gz | |
as with 2.0.3:
> apply a patch from evution CVS:
> 2005-01-20 Not Zed <NotZed@Ximian.com>
> * camel-lock-helper.c (main): since malloc(MAXINT+1) returns a
> valid pointer, validate the length of the path before using it.
> set maximum path to 65000 characters. Spotted by Max Vozeler
> <max@hinterhof.net>
>
> This fixes the security vulnerability refered to as CAN-2005-0102.
> bump PKGREVISION
Diffstat (limited to 'mail')
| -rw-r--r-- | mail/evolution12/Makefile | 4 | ||||
| -rw-r--r-- | mail/evolution12/distinfo | 3 | ||||
| -rw-r--r-- | mail/evolution12/patches/patch-am | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/mail/evolution12/Makefile b/mail/evolution12/Makefile index ccdb4c722be..84f5b51b572 100644 --- a/mail/evolution12/Makefile +++ b/mail/evolution12/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.14 2004/12/28 23:18:16 reed Exp $ +# $NetBSD: Makefile,v 1.15 2005/01/31 17:33:57 drochner Exp $ DISTNAME= evolution-1.2.4 PKGNAME= ${DISTNAME:S/evolution/evolution12/} -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= mail time gnome MASTER_SITES= ftp://ftp.ximian.com/pub/ximian-evolution/source/ \ ftp://ximian.netnitco.net/pub/mirrors/ximian/ximian-evolution/source/ \ diff --git a/mail/evolution12/distinfo b/mail/evolution12/distinfo index b23f27cfbb3..895d59813af 100644 --- a/mail/evolution12/distinfo +++ b/mail/evolution12/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.1.1.1 2004/01/04 21:39:50 rh Exp $ +$NetBSD: distinfo,v 1.2 2005/01/31 17:33:57 drochner Exp $ SHA1 (evolution-1.2.4.tar.bz2) = 924ef022d39ab437e41b784181ba572e8a16e59d Size (evolution-1.2.4.tar.bz2) = 12940769 bytes @@ -14,3 +14,4 @@ SHA1 (patch-ai) = 2d73b5a3a2a006bb29b83650154ca64d721ef09d SHA1 (patch-aj) = 0e132d78a59631d443a8fe03a838033089e1802c SHA1 (patch-ak) = 3c1f314f16743221a2ce9db659c0877b70f00f51 SHA1 (patch-al) = de0b84420c20aabe4d9eadf5f322b117a71ca2dc +SHA1 (patch-am) = 18b9a5eda1ca81ef158e04295e13a33c54683ae1 diff --git a/mail/evolution12/patches/patch-am b/mail/evolution12/patches/patch-am new file mode 100644 index 00000000000..dcd9453c083 --- /dev/null +++ b/mail/evolution12/patches/patch-am @@ -0,0 +1,16 @@ +$NetBSD: patch-am,v 1.1 2005/01/31 17:33:57 drochner Exp $ + +--- camel/camel-lock-helper.c.orig 2001-11-03 01:26:18.000000000 +0100 ++++ camel/camel-lock-helper.c +@@ -360,8 +360,9 @@ int main(int argc, char **argv) + switch(msg.id) { + case CAMEL_LOCK_HELPER_LOCK: + res = CAMEL_LOCK_HELPER_STATUS_NOMEM; +- path = malloc(msg.data+1); +- if (path != NULL) { ++ if (msg.data > 0xffff) { ++ res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL; ++ } else if ((path = malloc(msg.data+1)) != NULL) { + res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL; + len = read_n(STDIN_FILENO, path, msg.data); + if (len == msg.data) { |