summaryrefslogtreecommitdiff
path: root/mail
diff options
context:
space:
mode:
authortron <tron>2007-09-23 12:48:46 +0000
committertron <tron>2007-09-23 12:48:46 +0000
commita27f9583594ae3fe3f3af1cdaf4e6f56c7d013e7 (patch)
tree5e2ee6c11f05f278610704dcd39b405811c235af /mail
parent6a643dc9c0a9f02b5834083ab6a907d9d437f7d6 (diff)
downloadpkgsrc-a27f9583594ae3fe3f3af1cdaf4e6f56c7d013e7.tar.gz
Add fix for security vulnerability reported in CVE-2007-4565.
Bump package revision.
Diffstat (limited to 'mail')
-rw-r--r--mail/fetchmail/Makefile3
-rw-r--r--mail/fetchmail/distinfo3
-rw-r--r--mail/fetchmail/patches/patch-aa13
3 files changed, 17 insertions, 2 deletions
diff --git a/mail/fetchmail/Makefile b/mail/fetchmail/Makefile
index 79c9f23ce5d..6351e4bf297 100644
--- a/mail/fetchmail/Makefile
+++ b/mail/fetchmail/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.162 2007/04/14 22:14:29 tron Exp $
+# $NetBSD: Makefile,v 1.163 2007/09/23 12:48:46 tron Exp $
DISTNAME= fetchmail-6.3.8
+PKGREVISION= 1
CATEGORIES= mail
MASTER_SITES= http://download.berlios.de/fetchmail/ \
http://download2.berlios.de/fetchmail/
diff --git a/mail/fetchmail/distinfo b/mail/fetchmail/distinfo
index 8b2559cca5e..943e3a0bbe0 100644
--- a/mail/fetchmail/distinfo
+++ b/mail/fetchmail/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.37 2007/04/14 22:14:29 tron Exp $
+$NetBSD: distinfo,v 1.38 2007/09/23 12:48:46 tron Exp $
SHA1 (fetchmail-6.3.8.tar.bz2) = b8e8c51ed6cf53fc398c821fdb29d166c6713bb0
RMD160 (fetchmail-6.3.8.tar.bz2) = 34034f9ae9fe44ba35f0a16d3128d4a9b0001df2
Size (fetchmail-6.3.8.tar.bz2) = 1323515 bytes
+SHA1 (patch-aa) = d8234f2bbe91003c4cb5c9896dfe33c8226a74de
diff --git a/mail/fetchmail/patches/patch-aa b/mail/fetchmail/patches/patch-aa
new file mode 100644
index 00000000000..4836906bd5e
--- /dev/null
+++ b/mail/fetchmail/patches/patch-aa
@@ -0,0 +1,13 @@
+$NetBSD: patch-aa,v 1.6 2007/09/23 12:48:46 tron Exp $
+
+--- sink.c.orig 2007-03-29 23:45:17.000000000 +0100
++++ sink.c 2007-09-23 13:42:40.000000000 +0100
+@@ -262,7 +262,7 @@
+ const char *md1 = "MAILER-DAEMON", *md2 = "MAILER-DAEMON@";
+
+ /* don't bounce in reply to undeliverable bounces */
+- if (!msg->return_path[0] ||
++ if (!msg || !msg->return_path[0] ||
+ strcmp(msg->return_path, "<>") == 0 ||
+ strcasecmp(msg->return_path, md1) == 0 ||
+ strncasecmp(msg->return_path, md2, strlen(md2)) == 0)