commit: cbf4ae0b94c68b61515b0db19ac301ca8743deb8 Author: Christopher Fore <csfore <AT> posteo <DOT> net> AuthorDate: Mon Apr 22 04:05:04 2024 +0000 Commit: Bernard Cafarelli <voyageur <AT> gentoo <DOT> org> CommitDate: Mon Apr 22 15:51:30 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cbf4ae0b
net-libs/libetpan: Add patch for CVE-2022-4121 - Also bump EAPI to version 8 - Build succeeds on amd64 - Tests don't seem to run Bug: https://bugs.gentoo.org/891263 Signed-off-by: Christopher Fore <csfore <AT> posteo.net> Closes: https://github.com/gentoo/gentoo/pull/36351 Signed-off-by: Bernard Cafarelli <voyageur <AT> gentoo.org> .../files/libetpan-1.9.4-CVE-2022-4121.patch | 29 ++++++++ net-libs/libetpan/libetpan-1.9.4-r2.ebuild | 78 ++++++++++++++++++++++ 2 files changed, 107 insertions(+) diff --git a/net-libs/libetpan/files/libetpan-1.9.4-CVE-2022-4121.patch b/net-libs/libetpan/files/libetpan-1.9.4-CVE-2022-4121.patch new file mode 100644 index 000000000000..2d97ac8e972e --- /dev/null +++ b/net-libs/libetpan/files/libetpan-1.9.4-CVE-2022-4121.patch @@ -0,0 +1,29 @@ +From 5c9eb6b6ba64c4eb927d7a902317410181aacbba Mon Sep 17 00:00:00 2001 +From: Hoa Dinh <[email protected]> +Date: Mon, 19 Dec 2022 08:16:32 -0800 +Subject: [PATCH] Fixed crash when st_info_list is NULL. Fixes #420. Fixes + CVE-2022-4121. + +--- + src/low-level/imap/mailimap_types.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/low-level/imap/mailimap_types.c b/src/low-level/imap/mailimap_types.c +index 9923125c..79a0cc23 100644 +--- a/src/low-level/imap/mailimap_types.c ++++ b/src/low-level/imap/mailimap_types.c +@@ -1389,9 +1389,11 @@ void + mailimap_mailbox_data_status_free(struct mailimap_mailbox_data_status * info) + { + mailimap_mailbox_free(info->st_mailbox); +- clist_foreach(info->st_info_list, (clist_func) mailimap_status_info_free, +- NULL); +- clist_free(info->st_info_list); ++ if (info->st_info_list != NULL) { ++ clist_foreach(info->st_info_list, (clist_func) mailimap_status_info_free, ++ NULL); ++ clist_free(info->st_info_list); ++ } + free(info); + } + diff --git a/net-libs/libetpan/libetpan-1.9.4-r2.ebuild b/net-libs/libetpan/libetpan-1.9.4-r2.ebuild new file mode 100644 index 000000000000..149c51e7ac5f --- /dev/null +++ b/net-libs/libetpan/libetpan-1.9.4-r2.ebuild @@ -0,0 +1,78 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit autotools + +DESCRIPTION="A portable, efficient middleware for different kinds of mail access" +HOMEPAGE="https://libetpan.sourceforge.net/"; +SRC_URI="https://github.com/dinhviethoa/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos" +IUSE="berkdb gnutls ipv6 liblockfile lmdb sasl ssl static-libs" + +# BerkDB is only supported up to version 6.0 +DEPEND="sys-libs/zlib + !lmdb? ( berkdb? ( sys-libs/db:= ) ) + lmdb? ( dev-db/lmdb ) + ssl? ( + gnutls? ( net-libs/gnutls:= ) + !gnutls? ( + dev-libs/openssl:0= + ) + ) + sasl? ( dev-libs/cyrus-sasl:2 ) + liblockfile? ( net-libs/liblockfile )" +RDEPEND="${DEPEND}" + +PATCHES=( + "${FILESDIR}"/${PN}-1.0-nonnull.patch + "${FILESDIR}"/${PN}-1.9.4-berkdb_lookup.patch #519846 + "${FILESDIR}"/${PN}-1.9.4-pkgconfig_file_no_ldflags.patch + "${FILESDIR}"/${P}-CVE-2020-15953.patch #734130 + "${FILESDIR}"/${P}-CVE-2022-4121.patch #891263 +) + +pkg_pretend() { + if use gnutls && ! use ssl ; then + ewarn "You have \"gnutls\" USE flag enabled but \"ssl\" USE flag disabled!" + ewarn "No ssl support will be available in ${PN}." + fi + + if use berkdb && use lmdb ; then + ewarn "You have \"berkdb\" _and_ \"lmdb\" USE flags enabled." + ewarn "Using lmdb as cache DB!" + fi +} + +src_prepare() { + default + eautoreconf +} + +src_configure() { + # in Prefix emake uses SHELL=${BASH}, export CONFIG_SHELL to the same so + # libtool recognises it as valid shell (bug #300211) + use prefix && export CONFIG_SHELL=${BASH} + local myeconfargs=( + # --enable-debug simply injects "-O2 -g" into CFLAGS + --disable-debug + $(use_enable ipv6) + $(use_enable liblockfile lockfile) + $(use_enable static-libs static) + $(use_with sasl) + $(usex lmdb '--enable-lmdb --disable-db' "$(use_enable berkdb db) --disable-lmdb") + $(usex ssl "$(use_with gnutls) $(use_with !gnutls openssl)" '--without-gnutls --without-openssl') + ) + econf "${myeconfargs[@]}" +} + +src_install() { + default + find "${ED}" -name "*.la" -delete || die + if ! use static-libs ; then + find "${ED}" -name "*.a" -delete || die + fi +}
