Wed Mar 5 19:08:05 2008 UTC ()
fix some format string problems, should fix CVE-2008-0072
(There is no exact information available, so I've patched all uses
of non-constant strings as format specifiers.)
bump PKGREVISION


(drochner)
diff -r1.127 -r1.128 pkgsrc/mail/evolution/Makefile
diff -r1.52 -r1.53 pkgsrc/mail/evolution/distinfo
diff -r0 -r1.15 pkgsrc/mail/evolution/patches/patch-ac

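--- a/pkgsrc/mail/evolution/Makefile
+++ b/pkgsrc/mail/evolution/Makefile
@@ -1,147 +1,147 @@
-# $NetBSD: Makefile,v 1.127 2008/01/18 05:08:23 tnn Exp $
+# $NetBSD: Makefile,v 1.128 2008/03/05 19:08:05 drochner Exp $
 
 DISTNAME= evolution-2.12.3
-PKGREVISION= 1
+PKGREVISION= 2
 CATEGORIES= mail time gnome
 MASTER_SITES= ${MASTER_SITE_GNOME:=sources/evolution/2.12/}
 EXTRACT_SUFX= .tar.bz2
 
 MAINTAINER= rh@NetBSD.org
 HOMEPAGE= http://www.gnome.org/projects/evolution/
 COMMENT= GNOME mailer, calendar, contact manager, and communications tool
 
 PKG_OPTIONS_VAR= PKG_OPTIONS.evolution
 PKG_SUGGESTED_OPTIONS= inet6 ssl
 PKG_SUPPORTED_OPTIONS= inet6 krb4 krb5 ssl
 
 .include "../../mk/bsd.options.mk"
 
 .if !empty(PKG_OPTIONS:Mssl) && !empty(PKG_OPTIONS:Mkrb[45])
 # If Kerberos is enabled, the libcrypto library is linked in, which causes
 # function name conflicts with libsoftokn3 provided by Mozilla NSS. These
 # cause runtime crashes, so don't allow these options to be specified
 # together.
 PKG_FAIL_REASON+= "Kerberos support conflicts with SSL"
 .endif
 
 GNU_CONFIGURE= YES
 USE_DIRS+= gnome2-1.5
 USE_TOOLS+= bison gmake intltool msgfmt pkg-config
 USE_LIBTOOL= YES
 USE_PKGLOCALEDIR= YES
 
 REPLACE_PERL+= addressbook/tools/csv2vcard
 REPLACE_PERL+= addressbook/tools/evolution-addressbook-clean
 REPLACE_PERL+= addressbook/tools/evolution-addressbook-clean.in
 
 CPPFLAGS+= -I/usr/include/gssapi
 CPPFLAGS+= -I/usr/include/krb5
 
 CONFIGURE_ARGS+= --disable-gtk-doc
 CONFIGURE_ARGS+= --with-openldap
 CONFIGURE_ARGS+= --without-static-ldap
 CONFIGURE_ARGS+= --enable-openssl=no
 CONFIGURE_ARGS+= --enable-pilot-conduits=no
 CONFIGURE_ARGS+= --with-krb4=/usr
 CONFIGURE_ARGS+= --with-krb5=/usr
 .if defined(PKGREVISION)
 CONFIGURE_ARGS+= --with-sub-version=nb${PKGREVISION}
 .endif
 
 .if !empty(PKG_OPTIONS:Minet6)
 CONFIGURE_ARGS+= --enable-ipv6=yes
 .else
 CONFIGURE_ARGS+= --disable-ipv6
 .endif
 
 .if !empty(PKG_OPTIONS:Mkrb4)
 CONFIGURE_ARGS+= --with-krb4
 .else
 CONFIGURE_ARGS+= --without-krb4
 .endif
 
 .if !empty(PKG_OPTIONS:Mkrb5)
 CONFIGURE_ARGS+= --with-krb5
 . include "../../mk/krb5.buildlink3.mk"
 .else
 CONFIGURE_ARGS+= --without-krb5
 .endif
 
 .if !empty(PKG_OPTIONS:Mssl)
 CONFIGURE_ARGS+= --enable-nss=yes
 PLIST_SUBST+= HAVE_SMIME=
 PRINT_PLIST_AWK+= /smime/ { print "$${HAVE_SMIME}" $$0; next; }
 # XXX Workaround for the following problem: addressbook/util/libeabutil.la
 # is compiled as a static library only which uses the NSS stuff. When other
 # parts of the program use this .la archive, they get the right -L flags
 # (from the dependency_libs variable) but not the rpaths. buildlink3 should
 # add rpath flags to the dependency_libs, but there is an strange comment
 # in the wrapper saying that it shouldn't.
 LDFLAGS+= ${COMPILER_RPATH_FLAG}${BUILDLINK_PREFIX.nss}/lib/nss
 BUILDLINK_API_DEPENDS.nss+= nss>=3.9.2nb3
 . include "../../devel/nspr/buildlink3.mk"
 . include "../../devel/nss/buildlink3.mk"
 
 CPPFLAGS+= -I${BUILDLINK_PREFIX.nss}/include/nss/nss
 
 post-wrapper:
  cd ${BUILDLINK_DIR}/lib/pkgconfig && ${LN} -s nspr.pc mozilla-nspr.pc
  cd ${BUILDLINK_DIR}/lib/pkgconfig && ${LN} -s nss.pc mozilla-nss.pc
 .else
 CONFIGURE_ARGS+= --disable-nss
 PLIST_SUBST+= HAVE_SMIME="@comment "
 .endif
 
 PKGCONFIG_OVERRIDE= evolution-plugin.pc.in
 PKGCONFIG_OVERRIDE+= evolution-shell.pc.in
 
 GCONF_SCHEMAS+= apps-evolution-attachment-reminder.schemas
 GCONF_SCHEMAS+= apps-evolution-mail-notification.schemas
 GCONF_SCHEMAS+= apps-evolution-mail-prompts-checkdefault.schemas
 GCONF_SCHEMAS+= apps_evolution_addressbook.schemas
 GCONF_SCHEMAS+= apps_evolution_calendar.schemas
 GCONF_SCHEMAS+= apps_evolution_shell.schemas
 GCONF_SCHEMAS+= bogo-junk-plugin.schemas
 GCONF_SCHEMAS+= evolution-mail.schemas
 
 BUILDLINK_TRANSFORM+= rm:-DG_DISABLE_DEPRECATED
 BUILDLINK_TRANSFORM+= rm:-DGTK_DISABLE_DEPRECATED
 
 BUILDLINK_API_DEPENDS.evolution-data-server+= evolution-data-server>=1.4.1
 BUILDLINK_API_DEPENDS.glib2+= glib2>=2.4.0nb2
 BUILDLINK_API_DEPENDS.libsoup-devel+= libsoup-devel>=2.2.3
 
 .if !exists(/usr/include/semaphore.h)
 LDFLAGS+= -lsemaphore
 .include "../../devel/pthread-sem/buildlink3.mk"
 .endif
 .include "../../databases/openldap-client/buildlink3.mk"
 .include "../../devel/GConf/schemas.mk"
 .include "../../devel/atk/buildlink3.mk"
 .include "../../devel/gettext-lib/buildlink3.mk"
 .include "../../devel/glib2/buildlink3.mk"
 .include "../../devel/libbonobo/buildlink3.mk"
 .include "../../devel/libbonoboui/buildlink3.mk"
 .include "../../devel/libglade/buildlink3.mk"
 .include "../../devel/libgnome/buildlink3.mk"
 .include "../../devel/libgnomeui/buildlink3.mk"
 .include "../../graphics/gnome-icon-theme/buildlink3.mk"
 .include "../../graphics/hicolor-icon-theme/buildlink3.mk"
 .include "../../graphics/libgnomecanvas/buildlink3.mk"
 .include "../../mail/evolution-data-server/buildlink3.mk"
 .include "../../net/ORBit2/buildlink3.mk"
 .include "../../net/libsoup-devel/buildlink3.mk"
 .include "../../print/libgnomeprint/buildlink3.mk"
 .include "../../print/libgnomeprintui/buildlink3.mk"
 .include "../../sysutils/dbus/buildlink3.mk"
 .include "../../sysutils/dbus-glib/buildlink3.mk"
 .include "../../sysutils/gnome-vfs/buildlink3.mk"
 .include "../../sysutils/libnotify/buildlink3.mk"
 .include "../../sysutils/desktop-file-utils/desktopdb.mk"
 .include "../../textproc/libxml2/buildlink3.mk"
 .include "../../textproc/gnome-doc-utils/buildlink3.mk"
 .include "../../mk/omf-scrollkeeper.mk"
 .include "../../www/gtkhtml314/buildlink3.mk"
 .include "../../x11/gtk2/buildlink3.mk"
 .include "../../mk/pthread.buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"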

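--- a/pkgsrc/mail/evolution/distinfo
+++ b/pkgsrc/mail/evolution/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.52 2008/01/11 13:46:38 drochner Exp $
+$NetBSD: distinfo,v 1.53 2008/03/05 19:08:05 drochner Exp $
 
 SHA1 (evolution-2.12.3.tar.bz2) = 14861dd497e935074424269f2d1e6c11be56abfe
 RMD160 (evolution-2.12.3.tar.bz2) = afe803833e213387fde3c180afc91bfc1e792262
 Size (evolution-2.12.3.tar.bz2) = 25938535 bytes
 SHA1 (patch-aa) = 6b7a9364a71ee8b9c8bd9084ceded06c7e384a7f
 SHA1 (patch-ab) = 871a322eefd1a42e7197da764d49cd1d24f6535d
+SHA1 (patch-ac) = 6ec88b37a0817fbe409c04e25b9b9cda5872ca9e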

File Added: pkgsrc/mail/evolution/patches/Attic/patch-ac
$NetBSD: patch-ac,v 1.15 2008/03/05 19:08:05 drochner Exp $

--- mail/em-format.c.orig	2007-10-12 08:56:01.000000000 +0200
+++ mail/em-format.c
@@ -1350,7 +1350,7 @@ emf_multipart_encrypted(EMFormat *emf, C
 	if (valid == NULL) {
 		em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP/MIME message"):_("Could not parse PGP/MIME message: Unknown error"));
 		if (ex->desc)
-			em_format_format_error(emf, stream, ex->desc);
+			em_format_format_error(emf, stream, "%s", ex->desc);
 		em_format_part_as(emf, stream, part, "multipart/mixed");
 	} else {
 		if (emfc == NULL)
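Review bot: The first em_format_format_error() call in this hunk still passes the result of `_()` as the format string with no arguments, so the text that reaches the formatter is whatever the message catalog supplies; the same applies to the emf_multipart_signed, emf_inlinepgp_signed and emf_inlinepgp_encrypted hunks. The msgids shown contain no conversion specifiers, but for uniformity with the corrected line I would write `em_format_format_error(emf, stream, "%s", ex->desc ? _("Could not parse PGP/MIME message") : _("Could not parse PGP/MIME message: Unknown error"));`. Only mail/em-format.c is touched here and the declaration of em_format_format_error is not visible; if it lacks a printf format attribute such as `G_GNUC_PRINTF(3, 4)`, adding one and building with `-Wformat -Wformat-security` would let the compiler confirm that no other call site passes message-derived text as the format. The function bodies start and end outside these hunks.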
@@ -1515,7 +1515,7 @@ emf_multipart_signed(EMFormat *emf, Came
 		if (valid == NULL) {
 			em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
 			if (ex->desc)
-				em_format_format_error(emf, stream, ex->desc);
+				em_format_format_error(emf, stream, "%s", ex->desc);
 			em_format_part_as(emf, stream, part, "multipart/mixed");
 		} else {
 			if (emfc == NULL)
@@ -1586,7 +1586,7 @@ emf_inlinepgp_signed(EMFormat *emf, Came
 	if (!valid) {
 		em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
 		if (ex->desc)
-			em_format_format_error(emf, stream, ex->desc);
+			em_format_format_error(emf, stream, "%s", ex->desc);
 		em_format_format_source(emf, stream, ipart);
 		/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
 		camel_exception_free(ex);
@@ -1657,7 +1657,7 @@ emf_inlinepgp_encrypted(EMFormat *emf, C
 	if (!valid) {
 		em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP message"):_("Could not parse PGP message: Unknown error"));
 		if (ex->desc)
-			em_format_format_error(emf, stream, ex->desc);
+			em_format_format_error(emf, stream, "%s", ex->desc);
 		em_format_format_source(emf, stream, ipart);
 		/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
 		camel_exception_free(ex);