[pkgsrc/trunk]: pkgsrc/mail/sendmail812 Update sendmail (with vendor patch) t...

[tv <tv%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/8407ab103f76
branches:  trunk
changeset: 510024:8407ab103f76
user:      tv <tv%pkgsrc.org@localhost>
date:      Wed Mar 22 21:19:06 2006 +0000

description:
Update sendmail (with vendor patch) to address the current security issue:
    http://www.kb.cert.org/vuls/id/834865

Bump to nb2.
This will change the internal version of sendmail to 8.12.11.20060308.

>       SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
>               and client side of sendmail with timeouts in the libsm I/O
>               layer and fix problems in that code.  Also fix handling of
>               a buffer in sm_syslog() which could have been used as an
>               attack vector to exploit the unsafe handling of
>               setjmp(3)/longjmp(3) in combination with signals.
>               Problem detected by Mark Dowd of ISS X-Force.
>       Handle theoretical integer overflows that could triggered if
>               the server accepted headers larger than the maximum
>               (signed) integer value.  This is prevented in the default
>               configuration by restricting the size of a header, and on
>               most machines memory allocations would fail before reaching
>               those values.  Problems found by Phil Brass of ISS.

diffstat:

 mail/sendmail812/Makefile        |  4 ++--
 mail/sendmail812/Makefile.common |  5 ++++-
 mail/sendmail812/distinfo        |  5 ++++-
 3 files changed, 10 insertions(+), 4 deletions(-)

diffs (51 lines):

diff -r 744339f7e4bc -r 8407ab103f76 mail/sendmail812/Makefile
--- a/mail/sendmail812/Makefile Wed Mar 22 21:13:42 2006 +0000
+++ b/mail/sendmail812/Makefile Wed Mar 22 21:19:06 2006 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.7 2005/12/29 06:21:53 jlam Exp $
+# $NetBSD: Makefile,v 1.8 2006/03/22 21:19:06 tv Exp $
 
 .include "options.mk"
 .include "../../mail/sendmail812/Makefile.common"
 
 PKGNAME=       sendmail-${DIST_VERS}
-PKGREVISION=   1
+PKGREVISION=   2
 COMMENT=       The well known Mail Transport Agent
 
 CONFLICTS+=    postfix-[0-9]* fastforward>=0.51nb2
diff -r 744339f7e4bc -r 8407ab103f76 mail/sendmail812/Makefile.common
--- a/mail/sendmail812/Makefile.common  Wed Mar 22 21:13:42 2006 +0000
+++ b/mail/sendmail812/Makefile.common  Wed Mar 22 21:19:06 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.9 2005/12/05 20:50:35 rillig Exp $
+# $NetBSD: Makefile.common,v 1.10 2006/03/22 21:19:06 tv Exp $
 #
 # Makefile fragment shared with libmilter
 #
@@ -9,6 +9,9 @@
                ftp://ftp.fu-berlin.de/pub/unix/mail/sendmail/ \
                ftp://ftp.kyoto.wide.ad.jp/pub/mail/sendmail/
 
+PATCH_SITES=   ${MASTER_SITES}
+PATCHFILES=    8.12.11.p0
+
 MAINTAINER=    adrianp%NetBSD.org@localhost
 HOMEPAGE=      http://www.sendmail.org/
 
diff -r 744339f7e4bc -r 8407ab103f76 mail/sendmail812/distinfo
--- a/mail/sendmail812/distinfo Wed Mar 22 21:13:42 2006 +0000
+++ b/mail/sendmail812/distinfo Wed Mar 22 21:19:06 2006 +0000
@@ -1,8 +1,11 @@
-$NetBSD: distinfo,v 1.3 2005/09/08 22:32:39 abs Exp $
+$NetBSD: distinfo,v 1.4 2006/03/22 21:19:06 tv Exp $
 
 SHA1 (sendmail.8.12.11.tar.gz) = ce1ba0e50740c548f8555f1a905d8514e6637f95
 RMD160 (sendmail.8.12.11.tar.gz) = a80ceccbe3425ea01ce6cb89f2226f83b3562b64
 Size (sendmail.8.12.11.tar.gz) = 1899112 bytes
+SHA1 (8.12.11.p0) = aeef47bf434c13d91ba1c1e777cf81a2ba283290
+RMD160 (8.12.11.p0) = 267afdf9abc4636d0750bddf3b7bd16fe9b2fd5b
+Size (8.12.11.p0) = 71804 bytes
 SHA1 (patch-aa) = cf9a68f5e6d6fd6e13a806a7d1e6ebab18fc9c6f
 SHA1 (patch-ab) = a2abf6e78772e257e2a1973e7730159ff24a91aa
 SHA1 (patch-ac) = 96c19300b4188dbcbd202768eea912f675dadc27