pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/mail/spamassassin Added a patch to fix a potential DoS...

details:   https://anonhg.NetBSD.org/pkgsrc/rev/805013721ba0
branches:  trunk
changeset: 503035:805013721ba0
user:      heinz <heinz%pkgsrc.org@localhost>
date:      Sun Nov 13 05:08:00 2005 +0000

description:
Added a patch to fix a potential DoS vulnerability (CVE-2005-3351).
See
  http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
  http://secunia.com/advisories/17386

diffstat:

 mail/spamassassin/Makefile         |   4 ++--
 mail/spamassassin/distinfo         |   3 ++-
 mail/spamassassin/patches/patch-ax |  13 +++++++++++++
 3 files changed, 17 insertions(+), 3 deletions(-)

diffs (45 lines):

diff -r fa77001ae396 -r 805013721ba0 mail/spamassassin/Makefile
--- a/mail/spamassassin/Makefile        Sun Nov 13 04:20:01 2005 +0000
+++ b/mail/spamassassin/Makefile        Sun Nov 13 05:08:00 2005 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.60 2005/11/04 11:09:07 rillig Exp $
+# $NetBSD: Makefile,v 1.61 2005/11/13 05:08:00 heinz Exp $
 
 DISTNAME=      Mail-SpamAssassin-${SPAMASSASSIN_VERSION}
 PKGNAME=       spamassassin-${SPAMASSASSIN_VERSION}
-PKGREVISION=   1
+PKGREVISION=   2
 SVR4_PKGNAME=  sa
 CATEGORIES=    mail perl5
 MASTER_SITES=  ${MASTER_SITE_APACHE:=spamassassin/source/} \
diff -r fa77001ae396 -r 805013721ba0 mail/spamassassin/distinfo
--- a/mail/spamassassin/distinfo        Sun Nov 13 04:20:01 2005 +0000
+++ b/mail/spamassassin/distinfo        Sun Nov 13 05:08:00 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.30 2005/06/19 22:29:35 heinz Exp $
+$NetBSD: distinfo,v 1.31 2005/11/13 05:08:00 heinz Exp $
 
 SHA1 (Mail-SpamAssassin-3.0.4.tar.gz) = df37b629ab7b8a3fbb370c16537c59749eac1927
 RMD160 (Mail-SpamAssassin-3.0.4.tar.gz) = a2c975585f20cd9dba09b645ef69993faed17fb4
@@ -6,3 +6,4 @@
 SHA1 (patch-ab) = 36280764366900829205be94466a77662c422524
 SHA1 (patch-ae) = 7d57eb154af72ea82cb8fdafd7277823e33b7dd5
 SHA1 (patch-aq) = c918a738e0c7048183f5efbb0b7265d355ded7b3
+SHA1 (patch-ax) = d874d0b0b03a90e2db1242ec6c2f99f60452abc4
diff -r fa77001ae396 -r 805013721ba0 mail/spamassassin/patches/patch-ax
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/spamassassin/patches/patch-ax        Sun Nov 13 05:08:00 2005 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ax,v 1.1 2005/11/13 05:08:00 heinz Exp $
+
+--- lib/Mail/SpamAssassin/Message.pm.orig      Mon Jun  6 03:31:23 2005
++++ lib/Mail/SpamAssassin/Message.pm
+@@ -324,7 +324,7 @@ sub get_pristine_header {
+   my ($self, $hdr) = @_;
+   
+   return $self->{pristine_headers} unless $hdr;
+-  my(@ret) = $self->{pristine_headers} =~ /^(?:$hdr:[ \t]+(.*\n(?:\s+\S.*\n)*))/mig;
++  my(@ret) = $self->{pristine_headers} =~ /^\Q$hdr\E:[ \t]+(.*?\n(?![ \t]))/smgi;
+   if (@ret) {
+     return wantarray ? @ret : $ret[-1];
+   }
Home | Main Index | Thread Index | Old Index