Re: prozilla security update

To: pkgsrc-wip-discuss%lists.sourceforge.net@localhost
Subject: Re: prozilla security update
From: Geert Hendrickx <ghen%telenet.be@localhost>
Date: Thu, 6 Oct 2005 17:12:54 +0200 See http://spamassassin.org/tag/ for more details. Report problems to http://sf.net/tracker/?func=add&group_id=1&atid=200001 1.0 FORGED_RCVD_HELO Received: contains a forged HELO

On Thu, Oct 06, 2005 at 05:08:22PM +0200, Geert Hendrickx wrote:
> Diff attached

Traditionally forgotten, here it is.  

        Geert

Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc-wip/wip/prozilla/Makefile,v
retrieving revision 1.5
diff -u -r1.5 Makefile
--- Makefile    24 May 2005 10:31:21 -0000      1.5
+++ Makefile    6 Oct 2005 15:05:00 -0000
@@ -2,6 +2,7 @@
 #
 
 DISTNAME=              prozilla-1.3.6
+PKGREVISION=           1
 CATEGORIES=            net
 MASTER_SITES=          http://prozilla.genesys.ro/downloads/prozilla/tarballs/
 
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc-wip/wip/prozilla/distinfo,v
retrieving revision 1.5
diff -u -r1.5 distinfo
--- distinfo    28 Sep 2005 06:41:34 -0000      1.5
+++ distinfo    6 Oct 2005 15:05:00 -0000
@@ -7,7 +7,7 @@
 SHA1 (patch-ab) = a1720193d73ce1fc57e040fd1f39b5bf06a45504
 SHA1 (patch-ac) = 29738e446a0e4a2473535cbb526bba15e4716885
 SHA1 (patch-ad) = d114546cb0ecfa92cef67b4f4e367eef98ade8ce
-SHA1 (patch-ae) = 170edfe8cc118d65cf8ace4f3f9c69f908ae3f82
+SHA1 (patch-ae) = 5a8002e321bec571542ea007e4a8001f2a4dc473
 SHA1 (patch-af) = c9909eb506a78a5af6d564c309fd9306b0005da3
 SHA1 (patch-ag) = 815718d056df484e5cfce8d03020494cb0fb2be7
 SHA1 (patch-ah) = fdb7aca2dd1378dab31ce6e1251b4ae531b62d20
Index: patches/patch-ae
===================================================================
RCS file: /cvsroot/pkgsrc-wip/wip/prozilla/patches/patch-ae,v
retrieving revision 1.2
diff -u -r1.2 patch-ae
--- patches/patch-ae    21 Jun 2004 07:49:43 -0000      1.2
+++ patches/patch-ae    6 Oct 2005 15:05:00 -0000
@@ -1,7 +1,7 @@
 $NetBSD$
 
 --- src/ftpsearch.c.orig       2001-08-18 01:38:28.000000000 +0200
-+++ src/ftpsearch.c    2004-06-19 20:15:55.000000000 +0200
++++ src/ftpsearch.c
 @@ -26,7 +26,6 @@
  #include <fcntl.h>
  #include <netdb.h>
@@ -10,3 +10,12 @@
  #include <arpa/inet.h>
  #include <errno.h>
  #include <string.h>
+@@ -94,7 +93,7 @@ char *get_string_ahref(char *buf, char *
+     p3 = find_closed_a(p2);
+     assert(p3 != NULL);
+ 
+-    strncpy(out, p2 + 1, p3 - p2 - 1);
++    strncpy(out, p2 + 1, (p3 - p2 - 1 > 1024) ? 1024 : p3 - p2 - 1);
+     out[p3 - p2 - 1] = 0;
+     return p3;
+

References:
- prozilla security update
  - From: Geert Hendrickx

Prev by Date: Re: prozilla security update
Next by Date: Re: prozilla security update
Previous by Thread: Re: prozilla security update
Next by Thread: added Xara LX bin package to pkgsrc-wip
Indexes:

Home | Main Index | Thread Index | Old Index