[arch-commits] CVS update of arch/build/network/fetchmail (2 files)

Kevin Piche kevin at archlinux.org
Mon Oct 22 02:51:15 UTC 2007


    Date: Sunday, October 21, 2007 @ 22:51:15
  Author: kevin
    Path: /home/cvs-arch/arch/build/network/fetchmail

   Added: fetchmail-6.8.3-secfix.patch (1.1)
Modified: PKGBUILD (1.37 -> 1.38)

upgpkg: fetchmail 6.3.8-4
FS#8126: vulnerability CVE-2007-4565


------------------------------+
 PKGBUILD                     |   10 +++++++---
 fetchmail-6.8.3-secfix.patch |   14 ++++++++++++++
 2 files changed, 21 insertions(+), 3 deletions(-)


Index: arch/build/network/fetchmail/PKGBUILD
diff -u arch/build/network/fetchmail/PKGBUILD:1.37 arch/build/network/fetchmail/PKGBUILD:1.38
--- arch/build/network/fetchmail/PKGBUILD:1.37	Mon Jun  4 19:01:36 2007
+++ arch/build/network/fetchmail/PKGBUILD	Sun Oct 21 22:51:15 2007
@@ -1,14 +1,14 @@
-# $Id: PKGBUILD,v 1.37 2007/06/04 23:01:36 kevin Exp $
+# $Id: PKGBUILD,v 1.38 2007/10/22 02:51:15 kevin Exp $
 # Maintainer: dorphell <dorphell at archlinux.org>
 pkgname=fetchmail
 pkgver=6.3.8
-pkgrel=3
+pkgrel=4
 pkgdesc="A remote-mail retrieval utility"
 arch=('i686' 'x86_64')
 depends=('glibc' 'openssl' 'python')
 install=fetchmail.install
 source=(http://download2.berlios.de/fetchmail/$pkgname-$pkgver.tar.bz2
-fetchmail.rc fetchmail.conf)
+fetchmail.rc fetchmail.conf fetchmail-6.8.3-secfix.patch)
 license=('GPL')
 url="http://fetchmail.berlios.de/"
 md5sums=('66b97500b0a1e3c0916b3b5314f597f5' 'b5f4d1da0c61d3d8a93fdf4e238f4949'\
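Review bot: The `source=` array gains a fourth entry, `fetchmail-6.8.3-secfix.patch`, but no hunk touches `md5sums`, so the new patch seems to have no checksum. The rest of the `md5sums` array sits on lines outside this hunk, and the diffstat accounts for no change there. Depending on the makepkg version, the integrity check will presumably either fail on the count mismatch or leave the security patch unverified. I would append its sum to the array, e.g. `'<md5 of fetchmail-6.8.3-secfix.patch>')` as the last element, generated from the committed file.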
@@ -17,6 +17,10 @@
 build() {
   export MAKEFLAGS="-j1"
   cd $startdir/src/$pkgname-$pkgver
+
+  # version 6.8.3 vulnerability: CVE-2007-4565
+  patch -Np0 -i $startdir/src/fetchmail-6.8.3-secfix.patch || return 1
+
   ./configure --prefix=/usr --with-ssl=/usr
   make || return 1
   make DESTDIR=$startdir/pkg install
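Review bot: The comment added in `build()` names version 6.8.3, but `pkgver` in this PKGBUILD is 6.3.8, so the digits are transposed. The same slip is in the patch filename (in `source=` in the first hunk and in the `patch -i` argument here) and in the header line of the new patch file. Someone searching the tree for the CVE-2007-4565 fix against 6.3.8 could miss it. I would write the comment as `# fetchmail 6.3.8: fix for CVE-2007-4565 (FS#8126)` and name the file `fetchmail-6.3.8-secfix.patch` consistently. The body of `build()` continues outside the hunk.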
Index: arch/build/network/fetchmail/fetchmail-6.8.3-secfix.patch
diff -u /dev/null arch/build/network/fetchmail/fetchmail-6.8.3-secfix.patch:1.1
--- /dev/null	Sun Oct 21 22:51:15 2007
+++ arch/build/network/fetchmail/fetchmail-6.8.3-secfix.patch	Sun Oct 21 22:51:15 2007
@@ -0,0 +1,14 @@
+Security fix for fetchmail 6.8.3, CVE-2007-4565
+
+--- sink.c	(revision 5118)
++++ sink.c	(revision 5119)
+@@ -262,7 +262,7 @@
+     const char *md1 = "MAILER-DAEMON", *md2 = "MAILER-DAEMON@";
+ 
+     /* don't bounce in reply to undeliverable bounces */
+-    if (!msg->return_path[0] ||
++    if (!msg || !msg->return_path[0] ||
+ 	strcmp(msg->return_path, "<>") == 0 ||
+ 	strcasecmp(msg->return_path, md1) == 0 ||
+ 	strncasecmp(msg->return_path, md2, strlen(md2)) == 0)
+
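Review bot: The comment above the condition in `sink.c` still describes only the bounce-loop case, while the added `!msg ||` test introduces a second, unrelated reason to skip: there is no message context at all. I would extend it to `/* don't bounce in reply to undeliverable bounces, or when no message is available (msg == NULL) */` so the NULL guard is not later removed as redundant. The guard is correctly placed first, so short-circuit evaluation protects the `msg->return_path` accesses in the remaining operands. The enclosing function starts and ends outside the hunk, so whether `msg` is dereferenced elsewhere without a check cannot be confirmed from here.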



