pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2017Q3] pkgsrc/mail/procmail



Module Name:    pkgsrc
Committed By:   spz
Date:           Wed Dec 20 16:36:28 UTC 2017

Modified Files:
        pkgsrc/mail/procmail [pkgsrc-2017Q3]: Makefile distinfo
        pkgsrc/mail/procmail/patches [pkgsrc-2017Q3]: patch-bd

Log Message:
Pullup ticket #5653 - requested by bsiegert
mail/procmail: security patch

Revisions pulled up:
- mail/procmail/Makefile                                        1.50
- mail/procmail/distinfo                                        1.17
- mail/procmail/patches/patch-bd                                1.4

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   snj
   Date:           Sun Nov 26 20:39:41 UTC 2017

   Modified Files:
           pkgsrc/mail/procmail: Makefile distinfo
           pkgsrc/mail/procmail/patches: patch-bd

   Log Message:
   procmail: Fix CVE-2017-16844

   Patch from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug�6511

   Bump PKGREVISION

   To generate a diff of this commit:
   cvs rdiff -u -r1.49 -r1.50 pkgsrc/mail/procmail/Makefile
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/mail/procmail/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/mail/procmail/patches/patch-bd


To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.49.26.1 pkgsrc/mail/procmail/Makefile
cvs rdiff -u -r1.16 -r1.16.18.1 pkgsrc/mail/procmail/distinfo
cvs rdiff -u -r1.3 -r1.3.28.1 pkgsrc/mail/procmail/patches/patch-bd

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/mail/procmail/Makefile
diff -u pkgsrc/mail/procmail/Makefile:1.49 pkgsrc/mail/procmail/Makefile:1.49.26.1
--- pkgsrc/mail/procmail/Makefile:1.49  Thu Oct  9 14:06:40 2014
+++ pkgsrc/mail/procmail/Makefile       Wed Dec 20 16:36:27 2017
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.49 2014/10/09 14:06:40 wiz Exp $
+# $NetBSD: Makefile,v 1.49.26.1 2017/12/20 16:36:27 spz Exp $
 
 DISTNAME=      procmail-3.22
-PKGREVISION=   4
+PKGREVISION=   5
 CATEGORIES=    mail
 MASTER_SITES=  ftp://ftp.procmail.org/pub/procmail/
 

Index: pkgsrc/mail/procmail/distinfo
diff -u pkgsrc/mail/procmail/distinfo:1.16 pkgsrc/mail/procmail/distinfo:1.16.18.1
--- pkgsrc/mail/procmail/distinfo:1.16  Tue Nov  3 23:27:17 2015
+++ pkgsrc/mail/procmail/distinfo       Wed Dec 20 16:36:27 2017
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.16 2015/11/03 23:27:17 agc Exp $
+$NetBSD: distinfo,v 1.16.18.1 2017/12/20 16:36:27 spz Exp $
 
 SHA1 (procmail-3.22.tar.gz) = cd4e44c15559816453fd60349e5a32289f6f2965
 RMD160 (procmail-3.22.tar.gz) = e609ec94ea9ab3b93629c62b3e29add497806483
@@ -14,4 +14,4 @@ SHA1 (patch-ag) = 8f2ae1f2e7bdc3c2295148
 SHA1 (patch-ba) = 2ebbd43d2773b147ee6410e37ab3696aeda3c07c
 SHA1 (patch-bb) = 5b273bd60d24168794189bb844e39e94bd688ea8
 SHA1 (patch-bc) = 7344d3c2fce1bcd3276d8e5014bf9537c6dece5c
-SHA1 (patch-bd) = fb6f2fb4b5fe1ea01682a319b6655b023e5c5fd0
+SHA1 (patch-bd) = 27a7711e400f934bc82937eae68681e0b5c30c4a

Index: pkgsrc/mail/procmail/patches/patch-bd
diff -u pkgsrc/mail/procmail/patches/patch-bd:1.3 pkgsrc/mail/procmail/patches/patch-bd:1.3.28.1
--- pkgsrc/mail/procmail/patches/patch-bd:1.3   Thu Sep  4 07:37:44 2014
+++ pkgsrc/mail/procmail/patches/patch-bd       Wed Dec 20 16:36:28 2017
@@ -1,14 +1,18 @@
-$NetBSD: patch-bd,v 1.3 2014/09/04 07:37:44 wiz Exp $
+$NetBSD: patch-bd,v 1.3.28.1 2017/12/20 16:36:28 spz Exp $
 
 First chunk:
 https://bugzilla.redhat.com/show_bug.cgi?id=1121299
 CVE-2014-3618
 
 Second chunk:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876511
+CVE-2017-16844
+
+Third chunk:
 Avoid conflict with existing getline() functions.
 
---- src/formisc.c.orig 2001-06-29 02:20:45.000000000 +0000
-+++ src/formisc.c
+--- src/formisc.c.orig 2001-06-28 19:20:45.000000000 -0700
++++ src/formisc.c      2017-11-26 12:21:14.260042851 -0800
 @@ -84,12 +84,11 @@ normal:       *target++= *start++;
        case '"':*target++=delim='"';start++;
        }
@@ -23,6 +27,15 @@ Avoid conflict with existing getline() f
        }
       hitspc=2;
     }
+@@ -104,7 +103,7 @@ void loadsaved(sp)const struct saved*con
+ }
+                                                           /* append to buf */
+ void loadbuf(text,len)const char*const text;const size_t len;
+-{ if(buffilled+len>buflen)                      /* buf can't hold the text */
++{ while(buffilled+len>buflen)                   /* buf can't hold the text */
+      buf=realloc(buf,buflen+=Bsize);
+   tmemmove(buf+buffilled,text,len);buffilled+=len;
+ }
 @@ -115,7 +114,7 @@ void loadchar(c)const int c;                     /* a
    buf[buffilled++]=c;
  }



Home | Main Index | Thread Index | Old Index