diff options
| author |   Tobias Scherbaum <dertobi123@gentoo.org> | 2008-09-09 19:30:26 +0000 |
|---|---|---|
| committer | Tobias Scherbaum <dertobi123@gentoo.org> | 2008-09-09 19:30:26 +0000 |
| commit | 00d06e212a2ad62d03e66fe7b9b16e6aa67a81c6 (patch) | |
| tree | 528885eed15aad7834575c031892438c18504817 /mail-mta | |
| parent | Stable on sparc, bug #237157 (diff) | |
| download | gentoo-2-00d06e212a2ad62d03e66fe7b9b16e6aa67a81c6.tar.gz gentoo-2-00d06e212a2ad62d03e66fe7b9b16e6aa67a81c6.tar.bz2 gentoo-2-00d06e212a2ad62d03e66fe7b9b16e6aa67a81c6.zip | |
Version bump, security bug #234391
(Portage version: 2.2_rc8/cvs/Linux 2.6.25-gentoo-r7 x86_64)
Diffstat (limited to 'mail-mta')
| -rw-r--r-- | mail-mta/ssmtp/ChangeLog | 9 | ||||
| -rw-r--r-- | mail-mta/ssmtp/files/CVE-2008-3962.patch | 14 | ||||
| -rw-r--r-- | mail-mta/ssmtp/ssmtp-2.62-r1.ebuild | 94 | ||||
| -rw-r--r-- | mail-mta/ssmtp/ssmtp-2.62-r3.ebuild (renamed from mail-mta/ssmtp/ssmtp-2.62-r2.ebuild) | 5 |
4 files changed, 26 insertions, 96 deletions
diff --git a/mail-mta/ssmtp/ChangeLog b/mail-mta/ssmtp/ChangeLog index cf3f226f4322..89aec3ec7f40 100644 --- a/mail-mta/ssmtp/ChangeLog +++ b/mail-mta/ssmtp/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for mail-mta/ssmtp # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/ssmtp/ChangeLog,v 1.59 2008/09/09 12:22:55 rbu Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/ssmtp/ChangeLog,v 1.60 2008/09/09 19:30:25 dertobi123 Exp $ + +*ssmtp-2.62-r3 (09 Sep 2008) + + 09 Sep 2008; Tobias Scherbaum <dertobi123@gentoo.org> + +files/CVE-2008-3962.patch, -ssmtp-2.62-r1.ebuild, -ssmtp-2.62-r2.ebuild, + +ssmtp-2.62-r3.ebuild: + Version bump, security bug #234391 09 Sep 2008; Robert Buchholz <rbu@gentoo.org> ssmtp-2.62-r1.ebuild: reverting stables diff --git a/mail-mta/ssmtp/files/CVE-2008-3962.patch b/mail-mta/ssmtp/files/CVE-2008-3962.patch new file mode 100644 index 000000000000..fca144fa6807 --- /dev/null +++ b/mail-mta/ssmtp/files/CVE-2008-3962.patch @@ -0,0 +1,14 @@ +--- ssmtp.orig/ssmtp.c ++++ ssmtp/ssmtp.c +@@ -485,6 +485,11 @@ char *from_format(char *str, bool_t over + die("from_format() -- snprintf() failed"); + } + } ++ else { ++ if(snprintf(buf, BUF_SZ, "%s", str) == -1) { ++ die("from_format() -- snprintf() failed"); ++ } ++ } + } + + #if 0 diff --git a/mail-mta/ssmtp/ssmtp-2.62-r1.ebuild b/mail-mta/ssmtp/ssmtp-2.62-r1.ebuild deleted file mode 100644 index 4aa0a89508e6..000000000000 --- a/mail-mta/ssmtp/ssmtp-2.62-r1.ebuild +++ /dev/null @@ -1,94 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/ssmtp/ssmtp-2.62-r1.ebuild,v 1.4 2008/09/09 12:22:55 rbu Exp $ - -inherit eutils toolchain-funcs autotools - -DESCRIPTION="Extremely simple MTA to get mail off the system to a Mailhub" -HOMEPAGE="ftp://ftp.debian.org/debian/pool/main/s/ssmtp/" -SRC_URI="mirror://debian/pool/main/s/ssmtp/${P/-/_}.orig.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" -IUSE="ssl ipv6 md5sum" - -DEPEND="ssl? ( dev-libs/openssl )" -RDEPEND="${DEPEND} - !net-mail/mailwrapper - !virtual/mta" -PROVIDE="virtual/mta" - -S="${WORKDIR}/${PN}" - -pkg_setup() { - enewgroup ssmtp -} - -src_unpack() { - unpack ${A} - cd "${S}" - - epatch "${FILESDIR}/${P}-strndup.patch" - eautoreconf - - # Respect LDFLAGS (bug #152197) - sed -i -e 's:$(CC) -o:$(CC) @LDFLAGS@ -o:' Makefile.in -} - -src_compile() { - tc-export CC LD - - econf \ - --sysconfdir=/etc/ssmtp \ - $(use_enable ssl) \ - $(use_enable ipv6 inet6) \ - $(use_enable md5sum md5auth) \ - || die - make clean || die - make etcdir=/etc || die -} - -src_install() { - dodir /usr/bin /usr/sbin /usr/lib - dosbin ssmtp || die - fperms 755 /usr/sbin/ssmtp - - doman ssmtp.8 - dodoc INSTALL README TLS CHANGELOG_OLD - newdoc ssmtp.lsm DESC - - insinto /etc/ssmtp - doins ssmtp.conf revaliases - - local conffile="${D}etc/ssmtp/ssmtp.conf" - - mv "${conffile}" "${conffile}.orig" - - # Sorry about the weird indentation, I couldn't figure out a cleverer way - # to do this without having horribly >80 char lines. - sed -e "s:^hostname=:\n# Gentoo bug #47562\\ -# Commenting the following line will force ssmtp to figure\\ -# out the hostname itself.\n\\ -# hostname=:" \ - "${conffile}.orig" > "${conffile}" \ - || die "sed failed" - - rm "${conffile}.orig" || die "Failed to remove temporary created copy of ssmtp.conf" - - # Set restrictive perms on ssmtp.conf as per #187841 - # Protect the ssmtp configfile from being readable by regular users as it - # may contain login/password data to auth against a the mailhub used, add - # users to the ssmtp group to enable them to use ssmtp. - fowners root:ssmtp /etc/ssmtp/ssmtp.conf - fperms 640 /etc/ssmtp/ssmtp.conf - - fowners root:ssmtp /usr/sbin/ssmtp - fperms 750 /usr/sbin/ssmtp - - dosym /usr/sbin/ssmtp /usr/lib/sendmail - dosym /usr/sbin/ssmtp /usr/bin/sendmail - dosym /usr/sbin/ssmtp /usr/sbin/sendmail - dosym /usr/sbin/ssmtp /usr/bin/mailq - dosym /usr/sbin/ssmtp /usr/bin/newaliases -} diff --git a/mail-mta/ssmtp/ssmtp-2.62-r2.ebuild b/mail-mta/ssmtp/ssmtp-2.62-r3.ebuild index ffbfe8082641..7413f6fa7b01 100644 --- a/mail-mta/ssmtp/ssmtp-2.62-r2.ebuild +++ b/mail-mta/ssmtp/ssmtp-2.62-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/ssmtp/ssmtp-2.62-r2.ebuild,v 1.2 2008/09/06 16:52:57 mr_bones_ Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/ssmtp/ssmtp-2.62-r3.ebuild,v 1.1 2008/09/09 19:30:25 dertobi123 Exp $ inherit eutils toolchain-funcs autotools @@ -35,6 +35,9 @@ src_unpack() { epatch "${FILESDIR}"/${P}-maxsysuid-conf.patch fi + # CVE-2008-3962 + epatch "${FILESDIR}/CVE-2008-3962.patch" + epatch "${FILESDIR}/${P}-strndup.patch" eautoreconf |