pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q4]: pkgsrc/mail/dovecot Pullup ticket 2061 - requested by...
details: https://anonhg.NetBSD.org/pkgsrc/rev/582f5f25d322
branches: pkgsrc-2006Q4
changeset: 523086:582f5f25d322
user: salo <salo%pkgsrc.org@localhost>
date: Tue Apr 03 16:58:21 2007 +0000
description:
Pullup ticket 2061 - requested by ghen
security fix for dovecot
Updated via patch provided by the submitter.
http://dovecot.org/list/dovecot-cvs/2007-March/008488.html
diffstat:
mail/dovecot/Makefile | 3 ++-
mail/dovecot/distinfo | 3 ++-
mail/dovecot/patches/patch-ad | 31 +++++++++++++++++++++++++++++++
3 files changed, 35 insertions(+), 2 deletions(-)
diffs (62 lines):
diff -r aea6a6d1b531 -r 582f5f25d322 mail/dovecot/Makefile
--- a/mail/dovecot/Makefile Sat Mar 24 21:03:57 2007 +0000
+++ b/mail/dovecot/Makefile Tue Apr 03 16:58:21 2007 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.76 2006/12/15 17:35:20 joerg Exp $
+# $NetBSD: Makefile,v 1.76.2.1 2007/04/03 16:58:21 salo Exp $
DISTNAME= dovecot-1.0.rc15
PKGNAME= ${DISTNAME:S/.rc/rc/}
+PKGREVISION= 1
CATEGORIES= mail
MASTER_SITES= http://www.dovecot.org/releases/
diff -r aea6a6d1b531 -r 582f5f25d322 mail/dovecot/distinfo
--- a/mail/dovecot/distinfo Sat Mar 24 21:03:57 2007 +0000
+++ b/mail/dovecot/distinfo Tue Apr 03 16:58:21 2007 +0000
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.48 2006/11/19 10:36:34 ghen Exp $
+$NetBSD: distinfo,v 1.48.2.1 2007/04/03 16:58:21 salo Exp $
SHA1 (dovecot-1.0.rc15.tar.gz) = 9b618d0c1562aa64bd1e055ffa9fe5f2412514af
RMD160 (dovecot-1.0.rc15.tar.gz) = 904ef7d1f0fbfe8055f13d9036f7107f498b522e
Size (dovecot-1.0.rc15.tar.gz) = 1463069 bytes
SHA1 (patch-aa) = 6258057d49add91f06d4dd51ded72e42f6774354
SHA1 (patch-ab) = 7a6441459bcf6d291d9fef7d99f46e825283f673
+SHA1 (patch-ad) = 91c8246f73c8858ac032c364385a1a348b09b5c7
SHA1 (patch-ag) = bd180441a0983ceccc898024370a3bdefdc11b1f
diff -r aea6a6d1b531 -r 582f5f25d322 mail/dovecot/patches/patch-ad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/dovecot/patches/patch-ad Tue Apr 03 16:58:21 2007 +0000
@@ -0,0 +1,31 @@
+$NetBSD: patch-ad,v 1.4.6.1 2007/04/03 16:58:21 salo Exp $
+
+Security fix taken from dovecot-1.0rc29:
+http://www.dovecot.org/list/dovecot-news/2007-March/000038.html
+
+--- src/lib-storage/index/mbox/mbox-storage.c.orig 2007-04-01 13:32:47.000000000 +0200
++++ src/lib-storage/index/mbox/mbox-storage.c
+@@ -706,6 +706,11 @@ mbox_mailbox_open(struct mail_storage *_
+
+ mail_storage_clear_error(_storage);
+
++ if (!mbox_is_valid_existing_name(_storage, name)) {
++ mail_storage_set_error(_storage, "Invalid mailbox name");
++ return NULL;
++ }
++
+ if (input != NULL)
+ return mbox_mailbox_open_stream(storage, name, input, flags);
+
+@@ -716,11 +721,6 @@ mbox_mailbox_open(struct mail_storage *_
+ return mbox_open(storage, "INBOX", flags);
+ }
+
+- if (!mbox_is_valid_existing_name(_storage, name)) {
+- mail_storage_set_error(_storage, "Invalid mailbox name");
+- return NULL;
+- }
+-
+ path = mbox_get_path(istorage, name);
+ if (stat(path, &st) == 0) {
+ if (S_ISDIR(st.st_mode)) {
Home |
Main Index |
Thread Index |
Old Index