Sat May 7 14:32:02 2011 UTC ()
add patch from upstream to fix format string vulnerability (CVE-2011-1764)
bump PKGREV
(drochner)
diff -r1.106 -r1.107 pkgsrc/mail/exim/Makefile
diff -r1.49 -r1.50 pkgsrc/mail/exim/distinfo
diff -r0 -r1.1 pkgsrc/mail/exim/patches/patch-ah
--- pkgsrc/mail/exim/Makefile 2011/03/22 13:52:19 1.106
+++ pkgsrc/mail/exim/Makefile 2011/05/07 14:32:02 1.107
| @@ -1,16 +1,17 @@ | | | @@ -1,16 +1,17 @@ |
| 1 | # $NetBSD: Makefile,v 1.106 2011/03/22 13:52:19 adam Exp $ | | 1 | # $NetBSD: Makefile,v 1.107 2011/05/07 14:32:02 drochner Exp $ |
| 2 | | | 2 | |
| 3 | DISTNAME= exim-4.75 | | 3 | DISTNAME= exim-4.75 |
| | | 4 | PKGREVISION= 1 |
| 4 | CATEGORIES= mail net | | 5 | CATEGORIES= mail net |
| 5 | MASTER_SITES= ftp://ftp.exim.org/pub/exim/exim4/ \ | | 6 | MASTER_SITES= ftp://ftp.exim.org/pub/exim/exim4/ \ |
| 6 | http://dl.ambiweb.de/mirrors/ftp.exim.org/exim/exim4/ | | 7 | http://dl.ambiweb.de/mirrors/ftp.exim.org/exim/exim4/ |
| 7 | EXTRACT_SUFX= .tar.bz2 | | 8 | EXTRACT_SUFX= .tar.bz2 |
| 8 | | | 9 | |
| 9 | MAINTAINER= abs@NetBSD.org | | 10 | MAINTAINER= abs@NetBSD.org |
| 10 | HOMEPAGE= http://www.exim.org/ | | 11 | HOMEPAGE= http://www.exim.org/ |
| 11 | COMMENT= The Exim mail transfer agent, a replacement for sendmail | | 12 | COMMENT= The Exim mail transfer agent, a replacement for sendmail |
| 12 | LICENSE= gnu-gpl-v2 | | 13 | LICENSE= gnu-gpl-v2 |
| 13 | | | 14 | |
| 14 | CONFLICTS+= exim-exiscan-[0-9]* | | 15 | CONFLICTS+= exim-exiscan-[0-9]* |
| 15 | | | 16 | |
| 16 | USE_TOOLS+= perl:run | | 17 | USE_TOOLS+= perl:run |
--- pkgsrc/mail/exim/distinfo 2011/03/22 13:52:19 1.49
+++ pkgsrc/mail/exim/distinfo 2011/05/07 14:32:02 1.50
| @@ -1,11 +1,12 @@ | | | @@ -1,11 +1,12 @@ |
| 1 | $NetBSD: distinfo,v 1.49 2011/03/22 13:52:19 adam Exp $ | | 1 | $NetBSD: distinfo,v 1.50 2011/05/07 14:32:02 drochner Exp $ |
| 2 | | | 2 | |
| 3 | SHA1 (exim-4.75.tar.bz2) = e3196a9035f433c380bb2cec4cbbcfd7ad6c00b3 | | 3 | SHA1 (exim-4.75.tar.bz2) = e3196a9035f433c380bb2cec4cbbcfd7ad6c00b3 |
| 4 | RMD160 (exim-4.75.tar.bz2) = 2dfea8750cc95d057c0b804c0379f69fbed927a9 | | 4 | RMD160 (exim-4.75.tar.bz2) = 2dfea8750cc95d057c0b804c0379f69fbed927a9 |
| 5 | Size (exim-4.75.tar.bz2) = 1600867 bytes | | 5 | Size (exim-4.75.tar.bz2) = 1600867 bytes |
| 6 | SHA1 (patch-aa) = 2ec7f3c7c6e18c7cc2388de00c1108b56c239ab8 | | 6 | SHA1 (patch-aa) = 2ec7f3c7c6e18c7cc2388de00c1108b56c239ab8 |
| 7 | SHA1 (patch-ab) = ffb9fb28e4e5548777db31b3de34673a08a1c0fa | | 7 | SHA1 (patch-ab) = ffb9fb28e4e5548777db31b3de34673a08a1c0fa |
| 8 | SHA1 (patch-ac) = 9a260a07f5e8cc89c60188925f01fc5b46164a37 | | 8 | SHA1 (patch-ac) = 9a260a07f5e8cc89c60188925f01fc5b46164a37 |
| 9 | SHA1 (patch-ae) = 4a9d2fde403cfd6386742b31f062e7801ef081b9 | | 9 | SHA1 (patch-ae) = 4a9d2fde403cfd6386742b31f062e7801ef081b9 |
| 10 | SHA1 (patch-ag) = 8512795060ad913f4699c277867fd24e7a785519 | | 10 | SHA1 (patch-ag) = 8512795060ad913f4699c277867fd24e7a785519 |
| | | 11 | SHA1 (patch-ah) = 99eae6cf5a3d4b771db39934c3e468706f7497b9 |
| 11 | SHA1 (patch-ba) = 6647a95bb8e3bce2bc7f075e4be2217b3a97ce8b | | 12 | SHA1 (patch-ba) = 6647a95bb8e3bce2bc7f075e4be2217b3a97ce8b |
$NetBSD: patch-ah,v 1.1 2011/05/07 14:32:02 drochner Exp $
CVE-2011-1764
--- src/dkim.c.orig 2011-03-22 08:00:51.000000000 +0000
+++ src/dkim.c
@@ -108,7 +108,7 @@ void dkim_exim_verify_finish(void) {
/* Log a line for each signature */
uschar *logmsg = string_append(NULL, &size, &ptr, 5,
- string_sprintf( "DKIM: d=%s s=%s c=%s/%s a=%s ",
+ string_sprintf( "d=%s s=%s c=%s/%s a=%s ",
sig->domain,
sig->selector,
(sig->canon_headers == PDKIM_CANON_SIMPLE)?"simple":"relaxed",
@@ -176,7 +176,7 @@ void dkim_exim_verify_finish(void) {
}
logmsg[ptr] = '\0';
- log_write(0, LOG_MAIN, (char *)logmsg);
+ log_write(0, LOG_MAIN, "DKIM: %s", logmsg);
/* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
dkim_signers = string_append(dkim_signers,