diff options
| author | Simon Barner <barner@FreeBSD.org> | 2008-07-01 16:35:50 +0000 |
|---|---|---|
| committer | Simon Barner <barner@FreeBSD.org> | 2008-07-01 16:35:50 +0000 |
| commit | a227f4d51112c35d209109f7f606cf87e82b3d57 (patch) | |
| tree | bd8d9bc5cd772b2e523f40436a2d82a66ed7053c /mail/fetchmail | |
| parent | 781cb19f4482e545b042e89b0f7e38fb1298effe (diff) | |
| download | ports-a227f4d51112c35d209109f7f606cf87e82b3d57.tar.gz ports-a227f4d51112c35d209109f7f606cf87e82b3d57.zip | |
- Use revised patch for CVE-2008-2711
- Bump port revision
Security: http://fetchmail.berlios.de/fetchmail-SA-2008-01.txt
Security: http://www.vuxml.org/freebsd/1e8e63c0-478a-11dd-a88d-000ea69a5213.html
Notes
Notes:
svn path=/head/; revision=216094
Diffstat (limited to 'mail/fetchmail')
| -rw-r--r-- | mail/fetchmail/Makefile | 2 | ||||
| -rw-r--r-- | mail/fetchmail/files/patch-CVE-2008-2711 | 41 |
2 files changed, 32 insertions, 11 deletions
diff --git a/mail/fetchmail/Makefile b/mail/fetchmail/Makefile index 5c5bf8667d46..fd920ae61ba3 100644 --- a/mail/fetchmail/Makefile +++ b/mail/fetchmail/Makefile @@ -11,7 +11,7 @@ PORTNAME= fetchmail PORTVERSION= 6.3.8 -PORTREVISION= 6 +PORTREVISION= 7 CATEGORIES= mail ipv6 MASTER_SITES= ${MASTER_SITE_BERLIOS} \ ${MASTER_SITE_SUNSITE:S/$/:sunsite/}\ diff --git a/mail/fetchmail/files/patch-CVE-2008-2711 b/mail/fetchmail/files/patch-CVE-2008-2711 index a8514ac2ff47..adac89b03670 100644 --- a/mail/fetchmail/files/patch-CVE-2008-2711 +++ b/mail/fetchmail/files/patch-CVE-2008-2711 @@ -1,27 +1,48 @@ -diff --git a/report.c b/report.c -index 31d4e48..2a731ac 100644 ---- ./report.c~ -+++ ./report.c -@@ -238,11 +238,17 @@ report_build (FILE *errfp, message, va_alist) +--- report.c.orig 2008-07-01 18:15:58.000000000 +0200 ++++ report.c 2008-07-01 18:18:53.000000000 +0200 +@@ -238,11 +238,17 @@ rep_ensuresize(); - + #if defined(VA_START) - VA_START (args, message); for ( ; ; ) { + /* -+ * args has to be initialized before every call of vsnprintf(), -+ * because vsnprintf() invokes va_arg macro and thus args is ++ * args has to be initialized before every call of vsnprintf(), ++ * because vsnprintf() invokes va_arg macro and thus args is + * undefined after the call. + */ + VA_START(args, message); n = vsnprintf (partial_message + partial_message_size_used, partial_message_size - partial_message_size_used, message, args); + va_end (args); - + if (n >= 0 && (unsigned)n < partial_message_size - partial_message_size_used) -@@ -254,7 +260,6 @@ report_build (FILE *errfp, message, va_alist) +@@ -254,7 +260,6 @@ + partial_message_size += 2048; + partial_message = REALLOC (partial_message, partial_message_size); + } +- va_end (args); + #else + for ( ; ; ) + { +@@ -304,12 +309,13 @@ + rep_ensuresize(); + + #if defined(VA_START) +- VA_START (args, message); + for ( ; ; ) + { ++ VA_START(args, message); + n = vsnprintf (partial_message + partial_message_size_used, + partial_message_size - partial_message_size_used, + message, args); ++ va_end(args); + + /* old glibc versions return -1 for truncation */ + if (n >= 0 +@@ -322,7 +328,6 @@ partial_message_size += 2048; partial_message = REALLOC (partial_message, partial_message_size); } |