Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/mail-filter
diff options
context:
space:
mode:
authorAndrej Kacian <ticho@gentoo.org>2005-10-24 09:22:02 +0000
committerAndrej Kacian <ticho@gentoo.org>2005-10-24 09:22:02 +0000
commit5ef68a4789158cd1215438cee74f1f90b8f56583 (patch)
tree2bd18b77976e63d836455f1400f8a96d9dc9eac8 /mail-filter
parentStable on alpha wrt security bug #110146 (diff)
downloadgentoo-2-5ef68a4789158cd1215438cee74f1f90b8f56583.tar.gz
gentoo-2-5ef68a4789158cd1215438cee74f1f90b8f56583.tar.bz2
gentoo-2-5ef68a4789158cd1215438cee74f1f90b8f56583.zip
Applied patch from Thomas Jarosch to prevent quarantine misbehavior if stored as BSMTP files. Security bug #110289.
(Portage version: 2.0.53_rc5)
Diffstat (limited to 'mail-filter')
-rw-r--r--mail-filter/amavisd-new/ChangeLog10
-rw-r--r--mail-filter/amavisd-new/Manifest33
-rw-r--r--mail-filter/amavisd-new/amavisd-new-2.3.3-r2.ebuild187
-rw-r--r--mail-filter/amavisd-new/files/amavisd-new-2.3.3-bsmtp-quarantine.patch20
-rw-r--r--mail-filter/amavisd-new/files/digest-amavisd-new-2.3.3-r21
5 files changed, 230 insertions, 21 deletions
diff --git a/mail-filter/amavisd-new/ChangeLog b/mail-filter/amavisd-new/ChangeLog
index cd5f02cc04e7..6b723e0817a2 100644
--- a/mail-filter/amavisd-new/ChangeLog
+++ b/mail-filter/amavisd-new/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for mail-filter/amavisd-new
# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/mail-filter/amavisd-new/ChangeLog,v 1.67 2005/10/18 00:57:09 agriffis Exp $
+# $Header: /var/cvsroot/gentoo-x86/mail-filter/amavisd-new/ChangeLog,v 1.68 2005/10/24 09:22:02 ticho Exp $
+
+*amavisd-new-2.3.3-r2 (24 Oct 2005)
+
+ 24 Oct 2005; Andrej Kacian <ticho@gentoo.org>
+ +files/amavisd-new-2.3.3-bsmtp-quarantine.patch,
+ +amavisd-new-2.3.3-r2.ebuild:
+ Applied patch from Thomas Jarosch to prevent quarantine misbehavior if
+ stored as BSMTP files. Security bug #110289.
18 Oct 2005; Aron Griffis <agriffis@gentoo.org>
amavisd-new-2.3.3-r1.ebuild:
diff --git a/mail-filter/amavisd-new/Manifest b/mail-filter/amavisd-new/Manifest
index c12d1d012bda..e91a988d84d7 100644
--- a/mail-filter/amavisd-new/Manifest
+++ b/mail-filter/amavisd-new/Manifest
@@ -1,28 +1,21 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
+MD5 ca8be41fc83a47043846f3ae599c6ef1 ChangeLog 14708
MD5 37f2d574a0d3587ed447df3872b842b4 amavisd-new-2.2.1-r2.ebuild 5075
MD5 59cb95aa4e4ba0f79bffff4edf70e083 amavisd-new-2.3.0.ebuild 5172
-MD5 7e32edfd72887a57b16ecd73f0f7a1a0 metadata.xml 184
-MD5 ca8be41fc83a47043846f3ae599c6ef1 ChangeLog 14708
-MD5 5c931181fd3738ed4ec09bdbe5c731bd amavisd-new-2.3.3.ebuild 5413
+MD5 2ff214f0341b527c1869559c83fb3b4d amavisd-new-2.3.1.ebuild 5156
MD5 6456afc858f873606f288f47712ad0b9 amavisd-new-2.3.2.ebuild 5386
MD5 dc66dd3f296dca8c388a6c894529f326 amavisd-new-2.3.3-r1.ebuild 5434
-MD5 2ff214f0341b527c1869559c83fb3b4d amavisd-new-2.3.1.ebuild 5156
-MD5 a9c49eb16b5fa7dfecd54a436bc07200 files/amavisd-new-2.3.0-amavisd.conf-gentoo.patch 6687
-MD5 20d1361125dc21db61b44dec3a13dea2 files/digest-amavisd-new-2.3.0 69
+MD5 6581b3cc8a1699c0084f8f692a888ee5 amavisd-new-2.3.3-r2.ebuild 5392
+MD5 5c931181fd3738ed4ec09bdbe5c731bd amavisd-new-2.3.3.ebuild 5413
MD5 ccd66b725ef1b2e2ed20d4a1057b03b8 files/amavisd-new-2.2.1-amavisd.conf-gentoo.patch 6849
-MD5 d252feb4cca639dcab4ebd07f2b20a90 files/digest-amavisd-new-2.3.3 69
-MD5 d252feb4cca639dcab4ebd07f2b20a90 files/digest-amavisd-new-2.3.3-r1 69
MD5 ee33de51df853bd8426a4304f264245f files/amavisd-new-2.2.1-qmail-lf-workaround.patch 688
-MD5 d7ee87336e865f363c430fc60f105d44 files/digest-amavisd-new-2.3.1 69
+MD5 a9c49eb16b5fa7dfecd54a436bc07200 files/amavisd-new-2.3.0-amavisd.conf-gentoo.patch 6687
+MD5 bfca14b90ddc76f513a6f96752003da5 files/amavisd-new-2.3.3-bsmtp-quarantine.patch 949
MD5 1da4ebb5c79b4892074a61f52aff3eff files/amavisd.rc6 310
-MD5 64e273484857758e614f8afa7aa14e09 files/digest-amavisd-new-2.3.2 69
MD5 1ec247b48d1de4fdbc2a57fc9b338681 files/digest-amavisd-new-2.2.1-r2 69
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.1 (GNU/Linux)
-
-iD8DBQFDVEhxJrHF4yAQTrARAiy/AKDIMNfHg2aJ4pRozoPwA+1AMxPIOwCeLVuD
-EiOSAudtZsHrJuz99SB+fR4=
-=0b26
------END PGP SIGNATURE-----
+MD5 20d1361125dc21db61b44dec3a13dea2 files/digest-amavisd-new-2.3.0 69
+MD5 d7ee87336e865f363c430fc60f105d44 files/digest-amavisd-new-2.3.1 69
+MD5 64e273484857758e614f8afa7aa14e09 files/digest-amavisd-new-2.3.2 69
+MD5 d252feb4cca639dcab4ebd07f2b20a90 files/digest-amavisd-new-2.3.3 69
+MD5 d252feb4cca639dcab4ebd07f2b20a90 files/digest-amavisd-new-2.3.3-r1 69
+MD5 d252feb4cca639dcab4ebd07f2b20a90 files/digest-amavisd-new-2.3.3-r2 69
+MD5 7e32edfd72887a57b16ecd73f0f7a1a0 metadata.xml 184
diff --git a/mail-filter/amavisd-new/amavisd-new-2.3.3-r2.ebuild b/mail-filter/amavisd-new/amavisd-new-2.3.3-r2.ebuild
new file mode 100644
index 000000000000..6a06d0ce80f0
--- /dev/null
+++ b/mail-filter/amavisd-new/amavisd-new-2.3.3-r2.ebuild
@@ -0,0 +1,187 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/mail-filter/amavisd-new/amavisd-new-2.3.3-r2.ebuild,v 1.1 2005/10/24 09:22:02 ticho Exp $
+
+inherit eutils
+
+DESCRIPTION="High-performance interface between the MTA and content checkers."
+HOMEPAGE="http://www.ijs.si/software/amavisd/"
+SRC_URI="http://www.ijs.si/software/amavisd/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc x86"
+IUSE="ldap mysql postgres milter"
+
+DEPEND=">=sys-apps/sed-4
+ >=dev-lang/perl-5.8.2"
+
+RDEPEND="${DEPEND}
+ >=sys-apps/coreutils-5.0-r3
+ app-arch/gzip
+ app-arch/bzip2
+ app-arch/arc
+ app-arch/cabextract
+ app-arch/freeze
+ app-arch/lha
+ app-arch/unarj
+ app-arch/unrar
+ app-arch/zoo
+ dev-perl/Archive-Tar
+ >=dev-perl/Archive-Zip-1.14
+ >=dev-perl/Compress-Zlib-1.35
+ dev-perl/Convert-TNEF
+ >=dev-perl/Convert-UUlib-1.051
+ perl-core/MIME-Base64
+ >=dev-perl/MIME-tools-5.415
+ >=dev-perl/MailTools-1.58
+ dev-perl/net-server
+ >=dev-perl/libnet-1.16
+ dev-perl/IO-stringy
+ >=perl-core/Time-HiRes-1.49
+ dev-perl/Unix-Syslog
+ >=sys-libs/db-3.1
+ dev-perl/BerkeleyDB
+ virtual/mta
+ virtual/antivirus
+ ldap? ( >=dev-perl/perl-ldap-0.33 )
+ mysql? ( dev-perl/DBD-mysql )
+ postgres? ( dev-perl/DBD-Pg )
+ milter? ( >=mail-mta/sendmail-8.12 )"
+
+AMAVIS_ROOT=/var/amavis
+
+pkg_preinst() {
+ enewgroup amavis
+ enewuser amavis -1 -1 ${AMAVIS_ROOT} amavis
+}
+
+src_unpack() {
+ if ! $(has_version ">=mail-filter/spamassassin-3.0.0") ; then
+ echo
+ ewarn "WARNING: Amavisd-new will not work with SpamAssassin older than 3.0.0."
+ ewarn " Consider upgrading your SpamAssassin installation."
+ ebeep 3
+ sleep 5
+ fi
+ unpack ${A}
+ cd ${S}
+ if $(has_version mail-mta/courier) ; then
+ einfo "Patching with courier support."
+ epatch "amavisd-new-courier.patch" || die "patch failed"
+ fi
+
+ if $(has_version mail-mta/qmail) || $(has_version mail-mta/qmail-ldap) ; then
+ einfo "Patching with qmail qmqp support."
+ epatch "amavisd-new-qmqpqq.patch" || die "patch failed"
+
+ einfo "Patching with qmail lf bug workaround."
+ epatch "${FILESDIR}/${PN}-2.2.1-qmail-lf-workaround.patch" || die "patch failed"
+ fi
+
+ epatch "${FILESDIR}/${PN}-2.3.0-amavisd.conf-gentoo.patch" || die "patch failed"
+ epatch "${FILESDIR}/${P}-bsmtp-quarantine.patch" || die "patch failed"
+}
+
+src_compile() {
+ if use milter ; then
+ cd "${S}/helper-progs"
+
+ econf --with-runtime-dir=${AMAVIS_ROOT} \
+ --with-sockname=${AMAVIS_ROOT}/amavisd.sock \
+ --with-user=amavis || die "helper-progs econf failed"
+ emake || die "helper-progs compile problem"
+
+ cd "${S}"
+ fi
+}
+
+src_install() {
+ dosbin amavisd amavisd-agent amavisd-nanny amavisd-release
+
+ insinto /etc
+ insopts -m0640
+ newins amavisd.conf-sample amavisd.conf
+ fowners root:amavis /etc/amavisd.conf
+ dosed "s:^#\\?\\\$MYHOME[^;]*;:\$MYHOME = '$AMAVIS_ROOT';:" \
+ /etc/amavisd.conf
+ if [ "$(domainname)" = "(none)" ] ; then
+ dosed "s:^#\\?\\\$mydomain[^;]*;:\$mydomain = '$(hostname)';:" \
+ /etc/amavisd.conf
+ else
+ dosed "s:^#\\?\\\$mydomain[^;]*;:\$mydomain = '$(domainname)';:" \
+ /etc/amavisd.conf
+ fi
+ if ! $(has_version mail-filter/spamassassin) ; then
+ einfo "Disabling anti-spam code in amavisd.conf..."
+
+ dosed "s:^#[\t ]*@bypass_spam_checks_maps[\t ]*=[\t ]*(1);:\@bypass_spam_checks_maps = (1);:" \
+ /etc/amavisd.conf
+ fi
+
+ newinitd "${FILESDIR}/amavisd.rc6" amavisd
+ dosed "s:/var/run/amavis/:$AMAVIS_ROOT/:g" /etc/init.d/amavisd
+
+ keepdir ${AMAVIS_ROOT}
+ keepdir ${AMAVIS_ROOT}/db
+ keepdir ${AMAVIS_ROOT}/quarantine
+ keepdir ${AMAVIS_ROOT}/tmp
+
+ if $(has_version net-nds/openldap ) ; then
+ einfo "Adding ${P} schema to openldap schema dir."
+ dodir /etc/openldap/schema
+ insinto /etc/openldap/schema
+ insopts -o root -g root -m 644
+ newins LDAP.schema ${PN}.schema || die
+ newins LDAP.schema ${PN}.schema.default || die
+ fi
+
+ newdoc test-messages/README README.samples
+ dodoc AAAREADME.first INSTALL LICENSE MANIFEST RELEASE_NOTES \
+ README_FILES/* test-messages/sample-* amavisd.conf-default amavisd-agent
+
+ if use milter ; then
+ cd "${S}/helper-progs"
+ einstall
+ fi
+
+ for i in whitelist blacklist spam_lovers; do
+ if [ ! -f ${D}/${AMAVIS_ROOT}/${i} ]; then
+ touch ${D}/${AMAVIS_ROOT}/${i}
+ fi
+ done
+
+ if $(has_version mail-filter/razor) ; then
+ if [ ! -f ${AMAVIS_ROOT}/.razor/razor-agent.conf ] ; then
+ einfo "Setting up initial razor config files..."
+
+ razor-admin -create -home=${D}/${AMAVIS_ROOT}/.razor
+ sed -i -e "s:debuglevel\([ ]*\)= .:debuglevel\1= 0:g" \
+ ${D}/${AMAVIS_ROOT}/.razor/razor-agent.conf
+ else
+ einfo "Copying existing razor config files..."
+ insinto ${AMAVIS_ROOT}/.razor
+ doins ${AMAVIS_ROOT}/.razor/*.{conf,lst}
+ fi
+ fi
+
+ chown -R amavis:amavis ${D}/${AMAVIS_ROOT}
+ find ${D}/${AMAVIS_ROOT} -name "*" -type d -exec chmod 0750 \{\} \;
+ find ${D}/${AMAVIS_ROOT} -name "*" -type f -exec chmod 0640 \{\} \;
+}
+
+pkg_postinst() {
+ if ! $(has_version mail-filter/spamassassin) ; then
+ echo
+ einfo "Amavisd-new no longer requires SpamAssassin, but no anti-spam checking"
+ einfo "will be performed without it. Since you do not have SpamAssassin installed,"
+ einfo "all spam checks have been disabled. To enable them, install SpamAssassin"
+ einfo "and comment out the line containing: "
+ einfo "@bypass_spam_checks_maps = (1); in /etc/amavisd.conf."
+ fi
+ echo
+ ewarn "Adjusting permissions for /etc/amavisd.conf (0 for world, owner root:amavis)"
+ echo
+ chmod o-rwx /etc/amavisd.conf
+ chown root:amavis /etc/amavisd.conf
+}
diff --git a/mail-filter/amavisd-new/files/amavisd-new-2.3.3-bsmtp-quarantine.patch b/mail-filter/amavisd-new/files/amavisd-new-2.3.3-bsmtp-quarantine.patch
new file mode 100644
index 000000000000..fb5c4c513d43
--- /dev/null
+++ b/mail-filter/amavisd-new/files/amavisd-new-2.3.3-bsmtp-quarantine.patch
@@ -0,0 +1,20 @@
+--- amavisd 2005-10-24 11:10:20.000000000 +0200
++++ amavisd.new 2005-10-24 11:11:08.000000000 +0200
+@@ -4718,7 +4718,7 @@
+ $via =~ /^bsmtp:(.*)\z/si or die "Bad fwd method: $via";
+ my($bsmtp_file_final) = $1; my($mbxname);
+ my($s) = $msginfo->sender; # defanged sender name for use in filename
+- $s =~ tr/a-zA-Z0-9@._+-]/=/c;
++ $s =~ tr/a-zA-Z0-9@._+-/=/c;
+ $s = substr($s,0,100)."..." if length($s) > 100+3;
+ $s =~ s/\@/_at_/g; $s =~ s/^(\.{0,2})\z/_$1/g;
+ $bsmtp_file_final =~ s{%(.)}
+@@ -6281,7 +6281,7 @@
+ 'sender-quarantine' =>
+ sub { my($s) = $MSGINFO->sender;
+ $s = substr($s,0,100)."..." if length($s) > 100+3;
+- $s =~ tr/a-zA-Z0-9@._+-]/=/c; $s =~ s/\@/_at_/g;
++ $s =~ tr/a-zA-Z0-9@._+-/=/c; $s =~ s/\@/_at_/g;
+ $s = untaint($s) if $s =~ /^(?:[a-zA-Z0-9%=._+-]+)\z/; # untaint
+ ($QUARANTINEDIR, "sender-$s-%m.gz"); # suggested file name
+ },
diff --git a/mail-filter/amavisd-new/files/digest-amavisd-new-2.3.3-r2 b/mail-filter/amavisd-new/files/digest-amavisd-new-2.3.3-r2
new file mode 100644
index 000000000000..648612738a19
--- /dev/null
+++ b/mail-filter/amavisd-new/files/digest-amavisd-new-2.3.3-r2
@@ -0,0 +1 @@
+MD5 0b02df514c1a2bf8af346bc9c7e97111 amavisd-new-2.3.3.tar.gz 772280