FreeBSD Bugzilla – Attachment 127348 Details for
Bug 171177
[PATCH] mail/fetchmail: security update to 6.3.22
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
fetchmail-6.3.22.patch
fetchmail-6.3.22.patch (text/plain), 5.07 KB, created by
Matthias Andree
on 2012-08-30 00:00:17 UTC
(
hide
)
Description:
fetchmail-6.3.22.patch
Filename:
MIME Type:
Creator:
Matthias Andree
Created:
2012-08-30 00:00:17 UTC
Size:
5.07 KB
patch
obsolete
>diff -ruN --exclude=CVS /usr/ports/mail/fetchmail/Makefile ./Makefile >--- /usr/ports/mail/fetchmail/Makefile 2012-08-27 19:44:23.000000000 +0200 >+++ ./Makefile 2012-08-30 00:39:39.000000000 +0200 >@@ -2,7 +2,7 @@ > # Date created: 25 Feb 2000 > # Whom: Ville Eerola <ve@sci.fi> > # >-# $FreeBSD: ports/mail/fetchmail/Makefile,v 1.222 2012/08/27 17:44:23 mandree Exp $ >+# $FreeBSD: head/mail/fetchmail/Makefile 303238 2012-08-27 17:44:23Z mandree $ > # > # NOTE: The fetchmailconf program (an interactive program for > # writing .fetchmailrc files) requires Python, Tk, X11, etc.. >@@ -11,8 +11,7 @@ > # want fetchmailconf to work, define the X11 option. > > PORTNAME= fetchmail >-PORTVERSION= 6.3.21 >-PORTREVISION= 1 >+PORTVERSION= 6.3.22 > CATEGORIES= mail ipv6 > MASTER_SITES= BERLIOS/${PORTNAME}/ \ > SF/${PORTNAME}/branch_6.3/ \ >diff -ruN --exclude=CVS /usr/ports/mail/fetchmail/distinfo ./distinfo >--- /usr/ports/mail/fetchmail/distinfo 2012-02-25 00:56:18.000000000 +0100 >+++ ./distinfo 2012-08-30 00:39:42.000000000 +0200 >@@ -1,2 +1,2 @@ >-SHA256 (fetchmail-6.3.21.tar.xz) = dc1b92666df7bc4d6be3e66654e9894bcaa76527ea99183deabd9e11486e0f82 >-SIZE (fetchmail-6.3.21.tar.xz) = 1254704 >+SHA256 (fetchmail-6.3.22.tar.xz) = 9ab51a851f79e16258f068e791c39e3e378a99927f70c9635132f4295d70b1a4 >+SIZE (fetchmail-6.3.22.tar.xz) = 1260296 >diff -ruN --exclude=CVS /usr/ports/mail/fetchmail/files/fetchmail.in ./files/fetchmail.in >--- /usr/ports/mail/fetchmail/files/fetchmail.in 2012-01-14 09:55:56.000000000 +0100 >+++ ./files/fetchmail.in 2012-07-17 03:36:34.000000000 +0200 >@@ -1,6 +1,6 @@ > #!/bin/sh > # >-# $FreeBSD: ports/mail/fetchmail/files/fetchmail.in,v 1.11 2012/01/14 08:55:56 dougb Exp $ >+# $FreeBSD$ > # > > # PROVIDE: fetchmail >diff -ruN --exclude=CVS /usr/ports/mail/fetchmail/files/fetchmailconf ./files/fetchmailconf >--- /usr/ports/mail/fetchmail/files/fetchmailconf 2005-12-06 22:07:19.000000000 +0100 >+++ ./files/fetchmailconf 2012-07-17 03:36:34.000000000 +0200 >@@ -3,7 +3,7 @@ > # Wrapper for the real fetchmailconf. Checks whether Python and Tkinter are > # installed, and runs the real fetchmailconf or alerts the user, as appropriate. > # >-# $FreeBSD: ports/mail/fetchmail/files/fetchmailconf,v 1.7 2005/12/06 21:07:19 barner Exp $ >+# $FreeBSD$ > > LOCALBASE=@LOCALBASE@ > >diff -ruN --exclude=CVS /usr/ports/mail/fetchmail/files/patch-CVE-2012-3482 ./files/patch-CVE-2012-3482 >--- /usr/ports/mail/fetchmail/files/patch-CVE-2012-3482 2012-08-27 19:44:23.000000000 +0200 >+++ ./files/patch-CVE-2012-3482 1970-01-01 01:00:00.000000000 +0100 >@@ -1,53 +0,0 @@ >-diff --git a/ntlm.h b/ntlm.h >-index 1469633..ad83520 100644 >---- a/ntlm.h >-+++ b/ntlm.h >-@@ -32,8 +32,8 @@ uint32 msgType; >- tSmbStrHeader uDomain; >- uint32 flags; >- uint8 challengeData[8]; >--uint8 reserved[8]; >--tSmbStrHeader emptyString; >-+uint32 context[2]; >-+tSmbStrHeader targetInfo; >- uint8 buffer[1024]; >- uint32 bufIndex; >- }tSmbNtlmAuthChallenge; >-diff --git a/ntlmsubr.c b/ntlmsubr.c >-index f9d2733..63cbed8 100644 >---- a/ntlmsubr.c >-+++ b/ntlmsubr.c >-@@ -55,7 +55,32 @@ int ntlm_helper(int sock, struct query *ctl, const char *proto) >- if ((result = gen_recv(sock, msgbuf, sizeof msgbuf))) >- goto cancelfail; >- >-- (void)from64tobits (&challenge, msgbuf, sizeof(challenge)); >-+ if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0 >-+ || result < ((void *)&challenge.context - (void *)&challenge)) >-+ { >-+ report (stderr, GT_("could not decode BASE64 challenge\n")); >-+ /* We do not goto cancelfail; the server has already sent the >-+ * tagged reply, so the protocol exchange has ended, no need >-+ * for us to send the asterisk. */ >-+ return PS_AUTHFAIL; >-+ } >-+ >-+ /* validate challenge: >-+ * - ident >-+ * - message type >-+ * - that offset points into buffer >-+ * - that offset + length does not wrap >-+ * - that offset + length is not bigger than buffer */ >-+ if (0 != memcmp("NTLMSSP", challenge.ident, 8) >-+ || challenge.msgType != 2 >-+ || challenge.uDomain.offset > result >-+ || challenge.uDomain.offset + challenge.uDomain.len < challenge.uDomain.offset >-+ || challenge.uDomain.offset + challenge.uDomain.len > result) >-+ { >-+ report (stderr, GT_("NTLM challenge contains invalid data.\n")); >-+ result = PS_AUTHFAIL; >-+ goto cancelfail; >-+ } >- >- if (outlevel >= O_DEBUG) >- dumpSmbNtlmAuthChallenge(stdout, &challenge); >diff -ruN --exclude=CVS /usr/ports/mail/fetchmail/pkg-plist ./pkg-plist >--- /usr/ports/mail/fetchmail/pkg-plist 2011-07-09 12:07:49.000000000 +0200 >+++ ./pkg-plist 2012-08-30 00:41:12.000000000 +0200 >@@ -1,4 +1,4 @@ >-@comment $FreeBSD: ports/mail/fetchmail/pkg-plist,v 1.30 2011/07/09 10:07:49 crees Exp $ >+@comment $FreeBSD$ > bin/fetchmail > bin/fetchmailconf > libexec/fetchmailconf.py >@@ -33,6 +33,7 @@ > %%NLS%%share/locale/ru/LC_MESSAGES/fetchmail.mo > %%NLS%%share/locale/sk/LC_MESSAGES/fetchmail.mo > %%NLS%%share/locale/sq/LC_MESSAGES/fetchmail.mo >+%%NLS%%share/locale/sv/LC_MESSAGES/fetchmail.mo > %%NLS%%share/locale/tr/LC_MESSAGES/fetchmail.mo > %%NLS%%share/locale/vi/LC_MESSAGES/fetchmail.mo > %%NLS%%share/locale/zh_CN/LC_MESSAGES/fetchmail.mo
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=127348">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 171177
: 127348