[pkgsrc/trunk]: pkgsrc/mail/evolution12 as with 2.0.3:

[drochner <drochner%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/469731ea1dcd
branches:  trunk
changeset: 488434:469731ea1dcd
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Mon Jan 31 17:33:57 2005 +0000

description:
as with 2.0.3:
> apply a patch from evution CVS:
> 2005-01-20  Not Zed  <NotZed%Ximian.com@localhost>
> * camel-lock-helper.c (main): since malloc(MAXINT+1) returns a
>   valid pointer, validate the length of the path before using it.
>   set maximum path to 65000 characters.  Spotted by Max Vozeler
>     <max%hinterhof.net@localhost>
>
> This fixes the security vulnerability refered to as CAN-2005-0102.
> bump PKGREVISION

diffstat:

 mail/evolution12/Makefile         |   4 ++--
 mail/evolution12/distinfo         |   3 ++-
 mail/evolution12/patches/patch-am |  16 ++++++++++++++++
 3 files changed, 20 insertions(+), 3 deletions(-)

diffs (48 lines):

diff -r 22c25b64d013 -r 469731ea1dcd mail/evolution12/Makefile
--- a/mail/evolution12/Makefile Mon Jan 31 15:49:48 2005 +0000
+++ b/mail/evolution12/Makefile Mon Jan 31 17:33:57 2005 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.14 2004/12/28 23:18:16 reed Exp $
+# $NetBSD: Makefile,v 1.15 2005/01/31 17:33:57 drochner Exp $
 
 DISTNAME=              evolution-1.2.4
 PKGNAME=               ${DISTNAME:S/evolution/evolution12/}
-PKGREVISION=           3
+PKGREVISION=           4
 CATEGORIES=            mail time gnome
 MASTER_SITES=          ftp://ftp.ximian.com/pub/ximian-evolution/source/ \
                        ftp://ximian.netnitco.net/pub/mirrors/ximian/ximian-evolution/source/ \
diff -r 22c25b64d013 -r 469731ea1dcd mail/evolution12/distinfo
--- a/mail/evolution12/distinfo Mon Jan 31 15:49:48 2005 +0000
+++ b/mail/evolution12/distinfo Mon Jan 31 17:33:57 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2004/01/04 21:39:50 rh Exp $
+$NetBSD: distinfo,v 1.2 2005/01/31 17:33:57 drochner Exp $
 
 SHA1 (evolution-1.2.4.tar.bz2) = 924ef022d39ab437e41b784181ba572e8a16e59d
 Size (evolution-1.2.4.tar.bz2) = 12940769 bytes
@@ -14,3 +14,4 @@
 SHA1 (patch-aj) = 0e132d78a59631d443a8fe03a838033089e1802c
 SHA1 (patch-ak) = 3c1f314f16743221a2ce9db659c0877b70f00f51
 SHA1 (patch-al) = de0b84420c20aabe4d9eadf5f322b117a71ca2dc
+SHA1 (patch-am) = 18b9a5eda1ca81ef158e04295e13a33c54683ae1
diff -r 22c25b64d013 -r 469731ea1dcd mail/evolution12/patches/patch-am
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/evolution12/patches/patch-am Mon Jan 31 17:33:57 2005 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-am,v 1.1 2005/01/31 17:33:57 drochner Exp $
+
+--- camel/camel-lock-helper.c.orig     2001-11-03 01:26:18.000000000 +0100
++++ camel/camel-lock-helper.c
+@@ -360,8 +360,9 @@ int main(int argc, char **argv)
+                       switch(msg.id) {
+                       case CAMEL_LOCK_HELPER_LOCK:
+                               res = CAMEL_LOCK_HELPER_STATUS_NOMEM;
+-                              path = malloc(msg.data+1);
+-                              if (path != NULL) {
++                              if (msg.data > 0xffff) {
++                                      res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
++                              } else if ((path = malloc(msg.data+1)) != NULL) {
+                                       res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
+                                       len = read_n(STDIN_FILENO, path, msg.data);
+                                       if (len == msg.data) {