[pkgsrc/trunk]: pkgsrc/mail/fetchmail Add fix for security vulnerability repo...

[tron <tron%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/3c16e16c6ee8
branches:  trunk
changeset: 533664:3c16e16c6ee8
user:      tron <tron%pkgsrc.org@localhost>
date:      Sun Sep 23 12:48:46 2007 +0000

description:
Add fix for security vulnerability reported in CVE-2007-4565.
Bump package revision.

diffstat:

 mail/fetchmail/Makefile         |   3 ++-
 mail/fetchmail/distinfo         |   3 ++-
 mail/fetchmail/patches/patch-aa |  13 +++++++++++++
 3 files changed, 17 insertions(+), 2 deletions(-)

diffs (40 lines):

diff -r 2d7826316f20 -r 3c16e16c6ee8 mail/fetchmail/Makefile
--- a/mail/fetchmail/Makefile   Sun Sep 23 12:05:44 2007 +0000
+++ b/mail/fetchmail/Makefile   Sun Sep 23 12:48:46 2007 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.162 2007/04/14 22:14:29 tron Exp $
+# $NetBSD: Makefile,v 1.163 2007/09/23 12:48:46 tron Exp $
 
 DISTNAME=      fetchmail-6.3.8
+PKGREVISION=   1
 CATEGORIES=    mail
 MASTER_SITES=  http://download.berlios.de/fetchmail/   \
                http://download2.berlios.de/fetchmail/
diff -r 2d7826316f20 -r 3c16e16c6ee8 mail/fetchmail/distinfo
--- a/mail/fetchmail/distinfo   Sun Sep 23 12:05:44 2007 +0000
+++ b/mail/fetchmail/distinfo   Sun Sep 23 12:48:46 2007 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.37 2007/04/14 22:14:29 tron Exp $
+$NetBSD: distinfo,v 1.38 2007/09/23 12:48:46 tron Exp $
 
 SHA1 (fetchmail-6.3.8.tar.bz2) = b8e8c51ed6cf53fc398c821fdb29d166c6713bb0
 RMD160 (fetchmail-6.3.8.tar.bz2) = 34034f9ae9fe44ba35f0a16d3128d4a9b0001df2
 Size (fetchmail-6.3.8.tar.bz2) = 1323515 bytes
+SHA1 (patch-aa) = d8234f2bbe91003c4cb5c9896dfe33c8226a74de
diff -r 2d7826316f20 -r 3c16e16c6ee8 mail/fetchmail/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/fetchmail/patches/patch-aa   Sun Sep 23 12:48:46 2007 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-aa,v 1.6 2007/09/23 12:48:46 tron Exp $
+
+--- sink.c.orig        2007-03-29 23:45:17.000000000 +0100
++++ sink.c     2007-09-23 13:42:40.000000000 +0100
+@@ -262,7 +262,7 @@
+     const char *md1 = "MAILER-DAEMON", *md2 = "MAILER-DAEMON@";
+ 
+     /* don't bounce in reply to undeliverable bounces */
+-    if (!msg->return_path[0] ||
++    if (!msg || !msg->return_path[0] ||
+       strcmp(msg->return_path, "<>") == 0 ||
+       strcasecmp(msg->return_path, md1) == 0 ||
+       strncasecmp(msg->return_path, md2, strlen(md2)) == 0)