aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--security/cyrus-sasl2/Makefile2
-rw-r--r--security/cyrus-sasl2/files/patch-lib::common.c16
2 files changed, 17 insertions, 1 deletions
diff --git a/security/cyrus-sasl2/Makefile b/security/cyrus-sasl2/Makefile
index a8ac4a6a6263..fc374ad963a3 100644
--- a/security/cyrus-sasl2/Makefile
+++ b/security/cyrus-sasl2/Makefile
@@ -7,7 +7,7 @@
PORTNAME= cyrus-sasl
PORTVERSION= 2.1.19
-#PORTREVISION= 0
+PORTREVISION= 1
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/ \
diff --git a/security/cyrus-sasl2/files/patch-lib::common.c b/security/cyrus-sasl2/files/patch-lib::common.c
new file mode 100644
index 000000000000..76b66e7b5e86
--- /dev/null
+++ b/security/cyrus-sasl2/files/patch-lib::common.c
@@ -0,0 +1,16 @@
+Index: lib/common.c
+diff -u -p lib/common.c.orig lib/common.c
+--- lib/common.c.orig Wed Jul 7 01:03:05 2004
++++ lib/common.c Sat Oct 9 02:03:02 2004
+@@ -1838,7 +1838,10 @@ _sasl_getpath(void *context __attribute_
+ if (! path)
+ return SASL_BADPARAM;
+
+- *path = getenv(SASL_PATH_ENV_VAR);
++ /* Honor external variable only in a safe environment */
++ if (getuid() == geteuid() && getgid() == getegid())
++ *path = getenv(SASL_PATH_ENV_VAR);
++
+ if (! *path)
+ *path = PLUGINDIR;
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 08:08:03 +0000