pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2005Q2]: pkgsrc/mail/fetchmail Pullup ticket 623 - requested b...
details: https://anonhg.NetBSD.org/pkgsrc/rev/183dd87c0001
branches: pkgsrc-2005Q2
changeset: 495900:183dd87c0001
user: snj <snj%pkgsrc.org@localhost>
date: Sun Jul 24 22:12:21 2005 +0000
description:
Pullup ticket 623 - requested by Thorsten Frueauf
security fix for fetchmail
Revisions pulled up:
- pkgsrc/mail/fetchmail/Makefile 1.153
- pkgsrc/mail/fetchmail/distinfo 1.31
- pkgsrc/mail/fetchmail/patches/patch-ag 1.3
Include patch for fetchmail 6.2.5.2 because of CAN-2005-2335.
For more details have a look at
http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt
Changes listed within the NEWS file since 6.2.5:
fetchmail-6.2.5.2 (Fri Jul 22 01:52 GMT 2005):
* NOTE: Due to a Makefile.in bug, you may need to use GNU make.
* SECURITY FIX: truncate UIDL replies, lest malicious or compromised
POP3 servers overflow fetchmail's stack. Debian bug #212762.
This is a remote root exploit. CVE Name: CAN-2005-2335.
Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy.
Thanks: Ludwig Nussel for a much simpler fix.
* Critical fix: omit blank between MAIL FROM: and <user%example.org@localhost>,
as this causes mail loss with some listeners.
* Fix: POP2 driver wouldn't properly check authentication failure.
* Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
diffstat:
mail/fetchmail/Makefile | 4 +-
mail/fetchmail/distinfo | 3 +-
mail/fetchmail/patches/patch-ag | 184 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 188 insertions(+), 3 deletions(-)
diffs (215 lines):
diff -r 6853f326a035 -r 183dd87c0001 mail/fetchmail/Makefile
--- a/mail/fetchmail/Makefile Fri Jul 22 16:42:50 2005 +0000
+++ b/mail/fetchmail/Makefile Sun Jul 24 22:12:21 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.152 2005/05/22 21:04:41 jlam Exp $
+# $NetBSD: Makefile,v 1.152.2.1 2005/07/24 22:12:21 snj Exp $
DISTNAME= fetchmail-6.2.5
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= mail
MASTER_SITES= http://www.catb.org/~esr/fetchmail/ \
http://sunsite.unc.edu/pub/Linux/system/mail/pop/
diff -r 6853f326a035 -r 183dd87c0001 mail/fetchmail/distinfo
--- a/mail/fetchmail/distinfo Fri Jul 22 16:42:50 2005 +0000
+++ b/mail/fetchmail/distinfo Sun Jul 24 22:12:21 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.30 2005/04/21 11:13:18 frueauf Exp $
+$NetBSD: distinfo,v 1.30.2.1 2005/07/24 22:12:21 snj Exp $
SHA1 (fetchmail-6.2.5.tar.gz) = 4656ec4393ccd1c137fe7b331f77cb26b576ac0e
RMD160 (fetchmail-6.2.5.tar.gz) = e32b91a959d0e80c4bd45a8758811cbe95a98180
@@ -9,3 +9,4 @@
SHA1 (patch-ad) = b6bffc59f28992fa0d3de0f9dad250c73bbeffc6
SHA1 (patch-ae) = 3acbacee78ab2084a615b0c02b7f83e563bfc7ac
SHA1 (patch-af) = 06e7b84566b0d3ed50b56f88baf23f15ae21eb21
+SHA1 (patch-ag) = e27a4769dc804bec71b449bed7ff318d15ae8bdf
diff -r 6853f326a035 -r 183dd87c0001 mail/fetchmail/patches/patch-ag
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/fetchmail/patches/patch-ag Sun Jul 24 22:12:21 2005 +0000
@@ -0,0 +1,184 @@
+$NetBSD: patch-ag,v 1.2.14.1 2005/07/24 22:12:21 snj Exp $
+
+This patch originates from
+http://download.berlios.de/fetchmail/fetchmail-patch-6.2.5.2.gz
+
+and upgrades fetchmail 6.2.5 to 6.2.5.2, which among other stuff fixes
+CAN-2005-2355: buffer overflow in "fetchmail".
+
+*** Makefile.in Wed Oct 15 22:38:18 2003
+--- Makefile.in Fri Jul 22 01:55:44 2005
+***************
+*** 4,10 ****
+ # So just uncomment all the lines marked QNX.
+
+ PACKAGE = fetchmail
+! VERSION = 6.2.5
+
+ # Ultrix 2.2 make doesn't expand the value of VPATH.
+ srcdir = @srcdir@
+--- 4,10 ----
+ # So just uncomment all the lines marked QNX.
+
+ PACKAGE = fetchmail
+! VERSION = 6.2.5.2
+
+ # Ultrix 2.2 make doesn't expand the value of VPATH.
+ srcdir = @srcdir@
+*** NEWS Wed Oct 15 22:40:17 2003
+--- NEWS Fri Jul 22 01:52:16 2005
+***************
+*** 2,7 ****
+--- 2,20 ----
+
+ (The `lines' figures total .c, .h, .l, and .y files under version control.)
+
++ fetchmail-6.2.5.2 (Fri Jul 22 01:52 GMT 2005):
++
++ * NOTE: Due to a Makefile.in bug, you may need to use GNU make.
++ * SECURITY FIX: truncate UIDL replies, lest malicious or compromised
++ POP3 servers overflow fetchmail's stack. Debian bug #212762.
++ This is a remote root exploit. CVE Name: CAN-2005-2335.
++ Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy.
++ Thanks: Ludwig Nussel for a much simpler fix.
++ * Critical fix: omit blank between MAIL FROM: and <user%example.org@localhost>,
++ as this causes mail loss with some listeners.
++ * Fix: POP2 driver wouldn't properly check authentication failure.
++ * Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
++
+ fetchmail-6.2.5 (Wed Oct 15 18:39:22 EDT 2003), 23079 lines:
+
+ * Updated Spanish, Turkish, and German translation files.
+*** driver.c Wed Oct 15 19:22:31 2003
+--- driver.c Fri Jul 22 01:49:49 2005
+***************
+*** 429,436 ****
+ /* for POP3, we can get the size of one mail only! Unfortunately, this
+ * protocol specific test cannot be done elsewhere as the protocol
+ * could be "auto". */
+! if (ctl->server.protocol == P_POP3)
+ fetchsizelimit = 1;
+
+ /* Time to allocate memory to store the sizes */
+ xalloca(msgsizes, int *, sizeof(int) * fetchsizelimit);
+--- 429,439 ----
+ /* for POP3, we can get the size of one mail only! Unfortunately, this
+ * protocol specific test cannot be done elsewhere as the protocol
+ * could be "auto". */
+! switch (ctl->server.protocol)
+! {
+! case P_POP3: case P_APOP: case P_RPOP:
+ fetchsizelimit = 1;
++ }
+
+ /* Time to allocate memory to store the sizes */
+ xalloca(msgsizes, int *, sizeof(int) * fetchsizelimit);
+*** pop2.c Wed Oct 15 19:17:43 2003
+--- pop2.c Fri Jul 22 01:47:28 2005
+***************
+*** 61,66 ****
+--- 61,67 ----
+ "HELO %s %s",
+ ctl->remotename, ctl->password);
+ shroud[0] = '\0';
++ return status;
+ }
+
+ static int pop2_getrange(int sock, struct query *ctl, const char *folder,
+*** pop3.c Wed Oct 15 19:22:31 2003
+--- pop3.c Fri Jul 22 01:44:00 2005
+***************
+*** 613,618 ****
+--- 613,620 ----
+ return 0;
+ }
+
++ #define str(s) #s
++ #define UIDLFMT(n) "%d %" str(n) "s"
+ static int pop3_getuidl( int sock, int num , char *id)
+ {
+ int ok;
+***************
+*** 620,626 ****
+ gen_send(sock, "UIDL %d", num);
+ if ((ok = pop3_ok(sock, buf)) != 0)
+ return(ok);
+! if (sscanf(buf, "%d %s", &num, id) != 2)
+ return(PS_PROTOCOL);
+ return(PS_SUCCESS);
+ }
+--- 622,628 ----
+ gen_send(sock, "UIDL %d", num);
+ if ((ok = pop3_ok(sock, buf)) != 0)
+ return(ok);
+! if (sscanf(buf, UIDLFMT(IDLEN), &num, id) != 2)
+ return(PS_PROTOCOL);
+ return(PS_SUCCESS);
+ }
+***************
+*** 862,868 ****
+ {
+ if (DOTLINE(buf))
+ break;
+! else if (sscanf(buf, "%d %s", &num, id) == 2)
+ {
+ struct idlist *old, *new;
+
+--- 864,870 ----
+ {
+ if (DOTLINE(buf))
+ break;
+! else if (sscanf(buf, UIDLFMT(IDLEN), &num, id) == 2)
+ {
+ struct idlist *old, *new;
+
+*** sink.c Fri Oct 10 22:06:36 2003
+--- sink.c Fri Jul 22 01:42:23 2005
+***************
+*** 724,730 ****
+
+ /* see the ap computation under the SMTP branch */
+ fprintf(sinkfp,
+! "MAIL FROM: %s", (msg->return_path[0]) ? msg->return_path : user);
+
+ if (ctl->pass8bits || (ctl->mimemsg & MSG_IS_8BIT))
+ fputs(" BODY=8BITMIME", sinkfp);
+--- 724,730 ----
+
+ /* see the ap computation under the SMTP branch */
+ fprintf(sinkfp,
+! "MAIL FROM:%s", (msg->return_path[0]) ? msg->return_path : user);
+
+ if (ctl->pass8bits || (ctl->mimemsg & MSG_IS_8BIT))
+ fputs(" BODY=8BITMIME", sinkfp);
+*** smtp.c Wed Aug 6 03:30:18 2003
+--- smtp.c Fri Jul 22 01:42:23 2005
+***************
+*** 232,244 ****
+ int ok;
+ char buf[MSGBUFSIZE];
+
+! if (strchr(from, '<'))
+ #ifdef HAVE_SNPRINTF
+ snprintf(buf, sizeof(buf),
+ #else
+ sprintf(buf,
+ #endif /* HAVE_SNPRINTF */
+! "MAIL FROM: %s", from);
+ else
+ #ifdef HAVE_SNPRINTF
+ snprintf(buf, sizeof(buf),
+--- 232,244 ----
+ int ok;
+ char buf[MSGBUFSIZE];
+
+! if (from[0]=='<')
+ #ifdef HAVE_SNPRINTF
+ snprintf(buf, sizeof(buf),
+ #else
+ sprintf(buf,
+ #endif /* HAVE_SNPRINTF */
+! "MAIL FROM:%s", from);
+ else
+ #ifdef HAVE_SNPRINTF
+ snprintf(buf, sizeof(buf),
Home |
Main Index |
Thread Index |
Old Index