[pkgsrc/trunk]: pkgsrc/mail/pear-Mail Add a fix for http://secunia.com/adviso...

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/b613515eae17
branches:  trunk
changeset: 567971:b613515eae17
user:      taca <taca%pkgsrc.org@localhost>
date:      Mon Nov 30 06:16:56 2009 +0000

description:
Add a fix for http://secunia.com/advisories/37410/ refering
Debian's patch via http://secunia.com/advisories/37458/

Bump PKGREVISION.

diffstat:

 mail/pear-Mail/Makefile         |   4 ++--
 mail/pear-Mail/distinfo         |   3 ++-
 mail/pear-Mail/patches/patch-aa |  25 +++++++++++++++++++++++++
 3 files changed, 29 insertions(+), 3 deletions(-)

diffs (53 lines):

diff -r bb1874f28d67 -r b613515eae17 mail/pear-Mail/Makefile
--- a/mail/pear-Mail/Makefile   Mon Nov 30 06:14:58 2009 +0000
+++ b/mail/pear-Mail/Makefile   Mon Nov 30 06:16:56 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.9 2009/07/17 18:00:17 adrianp Exp $
+# $NetBSD: Makefile,v 1.10 2009/11/30 06:16:56 taca Exp $
 
 DISTNAME=      Mail-1.1.14
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    mail
 
 CONFLICTS=     php-pear-Mail-[0-9]*
diff -r bb1874f28d67 -r b613515eae17 mail/pear-Mail/distinfo
--- a/mail/pear-Mail/distinfo   Mon Nov 30 06:14:58 2009 +0000
+++ b/mail/pear-Mail/distinfo   Mon Nov 30 06:16:56 2009 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.2 2006/10/14 12:11:56 adrianp Exp $
+$NetBSD: distinfo,v 1.3 2009/11/30 06:16:56 taca Exp $
 
 SHA1 (pear/Mail-1.1.14.tgz) = 6c46636e0df3c0a813df3cbda1fd5afac987069d
 RMD160 (pear/Mail-1.1.14.tgz) = 72c0c7018b92ef97789f723a1970c41471bd165f
 Size (pear/Mail-1.1.14.tgz) = 17537 bytes
+SHA1 (patch-aa) = ef6b0afa4e45789bb82065413c7b1305f92daf72
diff -r bb1874f28d67 -r b613515eae17 mail/pear-Mail/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/pear-Mail/patches/patch-aa   Mon Nov 30 06:16:56 2009 +0000
@@ -0,0 +1,25 @@
+$NetBSD: patch-aa,v 1.1 2009/11/30 06:16:56 taca Exp $
+
+Fix for http://secunia.com/advisories/37410/:
+       refering Debian's patch via http://secunia.com/advisories/37458/
+
+--- Mail/sendmail.php.orig     2006-09-26 21:44:11.000000000 +0900
++++ Mail/sendmail.php
+@@ -108,7 +108,7 @@ class Mail_sendmail extends Mail {
+         if (PEAR::isError($recipients)) {
+             return $recipients;
+         }
+-        $recipients = escapeShellCmd(implode(' ', $recipients));
++        $recipients = implode(' ', array_map('escapeshellarg', $recipients));
+ 
+         $this->_sanitizeHeaders($headers);
+         $headerElements = $this->prepareHeaders($headers);
+@@ -126,7 +126,7 @@ class Mail_sendmail extends Mail {
+             return PEAR::raiseError('From address specified with dangerous characters.');
+         }
+ 
+-        $from = escapeShellCmd($from);
++        $from = escapeShellArg($from);
+         $mail = @popen($this->sendmail_path . (!empty($this->sendmail_args) ? ' ' . $this->sendmail_args : '') . " -f$from -- $recipients", 'w');
+         if (!$mail) {
+             return PEAR::raiseError('Failed to open sendmail [' . $this->sendmail_path . '] for execution.');