Bug 240505 - mail/opendmarc: fix multiple addresses in From vulnerability
Summary: mail/opendmarc: fix multiple addresses in From vulnerability
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Kurt Jaeger
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2019-09-11 12:40 UTC by Kurt Jaeger
Modified: 2019-09-15 09:57 UTC (History)
4 users (show)

See Also:
delphij: maintainer-feedback-
koobs: merge-quarterly?


Attachments
patch (2.40 KB, patch)
2019-09-11 12:40 UTC, Kurt Jaeger
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Kurt Jaeger freebsd_committer 2019-09-11 15:53:16 UTC
testbuilds are fine
Comment 2 Xin LI freebsd_committer 2019-09-15 05:09:15 UTC
Please go ahead with the change with ports-secteam@ blessing.
Comment 3 commit-hook freebsd_committer 2019-09-15 09:51:35 UTC
A commit references this bug:

Author: pi
Date: Sun Sep 15 09:51:21 UTC 2019
New revision: 512093
URL: https://svnweb.freebsd.org/changeset/ports/512093

Log:
  mail/opendmarc: fix multiple addresses in From vulnerability

  - please note that it might only be a partial fix, see
    https://github.com/trusteddomainproject/OpenDMARC/pull/48#issuecomment-530375590

  PR:		240505
  Reported by:	protonmail
  Approved by:	ports-secteam (delphij)
  Obtained from:	https://github.com/trusteddomainproject/OpenDMARC/pull/48
  MFH:		2019Q3
  Security:	https://protonmail.com/blog/bellingcat-cyberattack-phishing/

Changes:
  head/mail/opendmarc/Makefile
  head/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
  head/mail/opendmarc/files/patch-opendmarc_opendmarc.c
Comment 4 commit-hook freebsd_committer 2019-09-15 09:57:37 UTC
A commit references this bug:

Author: pi
Date: Sun Sep 15 09:57:34 UTC 2019
New revision: 512094
URL: https://svnweb.freebsd.org/changeset/ports/512094

Log:
  MFH: r512093

  mail/opendmarc: fix multiple addresses in From vulnerability

  - please note that it might only be a partial fix, see
    https://github.com/trusteddomainproject/OpenDMARC/pull/48#issuecomment-530375590

  PR:		240505
  Reported by:	protonmail
  Approved by:	ports-secteam (delphij)
  Obtained from:	https://github.com/trusteddomainproject/OpenDMARC/pull/48
  Security:	https://protonmail.com/blog/bellingcat-cyberattack-phishing/

Changes:
_U  branches/2019Q3/
  branches/2019Q3/mail/opendmarc/Makefile
  branches/2019Q3/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
  branches/2019Q3/mail/opendmarc/files/patch-opendmarc_opendmarc.c