OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Michael Schloh
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 08-Apr-2004 13:41:15
Branch: OPENPKG_1_3_SOLID Handle: 2004040812411400
Added files: (Branch: OPENPKG_1_3_SOLID)
openpkg-src/fetchmail fetchmail.patch
Modified files: (Branch: OPENPKG_1_3_SOLID)
openpkg-src/fetchmail fetchmail.spec
Log:
OpenPKG-SA-2004.012-fetchmail (CAN-2003-0792): Using patch code from
Mandrake's fetchmail-6.2.4-reply_hack.patch and Immunix's
fetchmail-5.9.0-reply_hack.patch, modify it to conform to fetchmail
6.2.3 for use in OpenPKG UPD package fetchmail-6.2.3-1.3.1.src.rpm
Summary:
Revision Changes Path
1.1.10.1 +67 -0 openpkg-src/fetchmail/fetchmail.patch
1.43.2.2.2.2+3 -1 openpkg-src/fetchmail/fetchmail.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/fetchmail/fetchmail.patch
============================================================================
$ cvs diff -u -r0 -r1.1.10.1 fetchmail.patch
--- /dev/null 2004-04-08 13:41:15.000000000 +0200
+++ fetchmail.patch 2004-04-08 13:41:15.000000000 +0200
@@ -0,0 +1,67 @@
+Lines 9-73 of this patch resolve CAN-2003-0792:
+
+* When allocating storage for an overlong line, allocate space for the
+ string's NUL terminator.
+* When rewriting a header to qualify email addresses, update the length
+ (the header must not contain NUL bytes) to account for newly-added text so
+ that we avoid chopping off data when the line is stored in the headers list.
+
+diff -Nau fetchmail.h.orig fetchmail.h
+--- fetchmail.h.orig 2003-08-05 23:30:16.000000000 -0400
++++ fetchmail.h 2003-10-09 15:36:07.000000000 -0400
+@@ -506,7 +506,7 @@
+ void close_warning_by_mail(struct query *, struct msgblk *);
+
+ /* rfc822.c: RFC822 header parsing */
+-unsigned char *reply_hack(unsigned char *, const unsigned char *);
++unsigned char *reply_hack(unsigned char *, const unsigned char *, int *);
+ unsigned char *nxtaddr(const unsigned char *);
+
+ /* uid.c: UID support */
+diff -Nau rfc822.c.orig rfc822.c
+--- rfc822.c.orig 2003-10-09 15:38:42.000000000 -0400
++++ rfc822.c 2003-10-09 15:36:33.000000000 -0400
+@@ -39,10 +39,11 @@
+
+ #define HEADER_END(p) ((p)[0] == '\n' && ((p)[1] != ' ' && (p)[1] != '\t'))
+
+-unsigned char *reply_hack(buf, host)
++unsigned char *reply_hack(buf, host, length)
+ /* hack message headers so replies will work properly */
+ unsigned char *buf; /* header to be hacked */
+ const unsigned char *host; /* server hostname */
++int *length;
+ {
+ unsigned char *from, *cp, last_nws = '\0', *parens_from = NULL;
+ int parendepth, state, has_bare_name_part, has_host_part;
+@@ -208,6 +209,7 @@
+ if (outlevel >= O_DEBUG)
+ report_complete(stdout, GT_("Rewritten version is %s\n"), buf);
+ #endif /* MAIN */
++ *length = strlen(buf);
+ return(buf);
+ }
+
+diff -Nau transact.c.orig transact.c
+--- transact.c.orig 2003-08-05 23:30:19.000000000 -0400
++++ transact.c 2003-10-09 15:28:40.000000000 -0400
+@@ -446,8 +446,9 @@
+ */
+ if ( n && buf[n-1] != '\n' ) {
+ overlong = TRUE;
+- line = realloc(line, linelen);
++ line = realloc(line, linelen + 1);
+ memcpy(line + linelen - n, buf, n);
++ line[linelen] = '\0';
+ ch = ' '; /* So the next iteration starts */
+ continue;
+ }
+@@ -659,7 +659,7 @@
+ }
+
+ if (ctl->rewrite)
+- line = reply_hack(line, ctl->server.truename);
++ line = reply_hack(line, ctl->server.truename, &linelen);
+
+ /*
+ * OK, this is messy. If we're forwarding by SMTP, it's the
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/fetchmail/fetchmail.spec
============================================================================
$ cvs diff -u -r1.43.2.2.2.1 -r1.43.2.2.2.2 fetchmail.spec
--- openpkg-src/fetchmail/fetchmail.spec 29 Jul 2003 14:58:50 -0000
1.43.2.2.2.1
+++ openpkg-src/fetchmail/fetchmail.spec 8 Apr 2004 11:41:14 -0000
1.43.2.2.2.2
@@ -33,10 +33,11 @@
Group: Mail
License: GPL
Version: 6.2.3
-Release: 1.3.0
+Release: 1.3.1
# list of sources
Source0: http://www.catb.org/~esr/fetchmail/fetchmail-%{version}.tar.gz
+Patch0: fetchmail.patch
# build information
Prefix: %{l_prefix}
@@ -58,6 +59,7 @@
%prep
%setup -q
+ %patch -p0
# don't outguess configure parameters
%{l_shtool} subst \
-e 's;test -r $with_ssl/include/openssl/ssl.h;false;' \
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
