Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=gnometesting.git;a=commitdiff;h=9e075d3a1e9a37556680fa7bd23b46f043cb552c

commit 9e075d3a1e9a37556680fa7bd23b46f043cb552c
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Tue Mar 16 20:35:19 2010 +0100

libesmtp-1.0.4-2-i686

- add CVE-2009-2408.patch
- closes #4141

diff --git a/source/network-extra/libesmtp/CVE-2009-2408.patch 
b/source/network-extra/libesmtp/CVE-2009-2408.patch
new file mode 100644
index 0000000..f9c6fcc
--- /dev/null
+++ b/source/network-extra/libesmtp/CVE-2009-2408.patch
@@ -0,0 +1,42 @@
+--- smtp-tls.c-orig    2005-12-15 19:59:49.000000000 +0100
++++ smtp-tls.c 2010-03-09 21:37:16.769301648 +0100
+@@ -439,16 +439,24 @@
+ match_component (const char *dom, const char *edom,
+                  const char *ref, const char *eref)
+ {
++  int wildcard = 0;
++
+   while (dom < edom && ref < eref)
+     {
+       /* Accept a final '*' in the reference as a wildcard */
+       if (*ref == '*' && ref + 1 == eref)
+-        break;
++       {
++         wildcard = 1;
++         break;
++       }
+       /* compare the domain name case insensitive */
+       if (!(*dom == *ref || tolower (*dom) == tolower (*ref)))
+         return 0;
+       ref++, dom++;
+     }
++  if (!wildcard && (dom < edom || ref < eref))
++    return 0;
++
+   return 1;
+ }
+
+@@ -589,9 +597,10 @@
+       if (!ok)
+       {
+         /* Matching by subjectAltName failed, try commonName */
+-        X509_NAME_get_text_by_NID (X509_get_subject_name (cert),
+-                                   NID_commonName, buf, sizeof buf);
+-        if (!match_domain (session->host, buf) != 0)
++        int l = X509_NAME_get_text_by_NID (X509_get_subject_name (cert),
++                                             NID_commonName, buf, sizeof buf);
++        if (l != strlen(buf) ||
++              !match_domain (session->host, buf) != 0)
+           {
+             if (session->event_cb != NULL)
+               (*session->event_cb) (session, SMTP_EV_WRONG_PEER_CERTIFICATE,
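Review bot: In the commonName fallback, the added check `l != strlen(buf)` compares a signed `int` with a `size_t` and calls `strlen` on `buf` even when `X509_NAME_get_text_by_NID` returns -1 because the subject has no commonName, in which case that call does not write `buf`. The -1 case is rejected only because the conversion to unsigned makes the comparison fail, and whether `buf` holds a terminated string at that point depends on code outside the hunk. I would make the failure case explicit and drop the redundant `!= 0`: `if (l < 0 || (size_t) l != strlen (buf) || !match_domain (session->host, buf))`. The subjectAltName branch that runs before this fallback is also outside the hunk, so it is worth confirming that it rejects dNSName values with an embedded NUL in the same way; otherwise the truncated-name match this patch closes for commonName may still be reachable there.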
diff --git a/source/network-extra/libesmtp/FrugalBuild 
b/source/network-extra/libesmtp/FrugalBuild
index ca56082..3de9b0b 100644
--- a/source/network-extra/libesmtp/FrugalBuild
+++ b/source/network-extra/libesmtp/FrugalBuild
@@ -3,16 +3,18 @@

pkgname=libesmtp
pkgver=1.0.4
-pkgrel=1
+pkgrel=2
pkgdesc="A library that implements the client side of the SMTP protocol"
url="http://www.stafford.uklinux.net/libesmtp/";
depends=('openssl')
groups=('network-extra')
archs=('i686' 'x86_64' 'ppc')
up2date="Flasttar $url/download.html"
-source=(http://www.stafford.uklinux.net/$pkgname/$pkgname-$pkgver.tar.bz2)
+source=(http://www.stafford.uklinux.net/$pkgname/$pkgname-$pkgver.tar.bz2 \
+       CVE-2009-2408.patch)
Fconfopts="$Fconfopts --enable-all"
-sha1sums=('cda45c437164ecfa4fd8cf24d0a056224fc29c6a')
+sha1sums=('cda45c437164ecfa4fd8cf24d0a056224fc29c6a' \
+          '0110b08b787a7023f5002413723a336edc0cc942')

if [ "$CARCH" == "x86_64" ]; then
export CFLAGS="$CFLAGS -fPIC"