aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbarner <barner@FreeBSD.org>2008-07-02 00:35:50 +0800
committerbarner <barner@FreeBSD.org>2008-07-02 00:35:50 +0800
commit83f4b8b71efa5d5fd4d3871a3ba89646e585c434 (patch)
tree06e4082840ddeebc80603975efd2dcb4a14c7b47
parent76837d76f0a9fe103c0b43953c085cea59e32b93 (diff)
downloadfreebsd-ports-gnome-83f4b8b71efa5d5fd4d3871a3ba89646e585c434.tar.gz
freebsd-ports-gnome-83f4b8b71efa5d5fd4d3871a3ba89646e585c434.tar.zst
freebsd-ports-gnome-83f4b8b71efa5d5fd4d3871a3ba89646e585c434.zip
- Use revised patch for CVE-2008-2711
- Bump port revision Security: http://fetchmail.berlios.de/fetchmail-SA-2008-01.txt Security: http://www.vuxml.org/freebsd/1e8e63c0-478a-11dd-a88d-000ea69a5213.html
-rw-r--r--mail/fetchmail/Makefile2
-rw-r--r--mail/fetchmail/files/patch-CVE-2008-271141
2 files changed, 32 insertions, 11 deletions
diff --git a/mail/fetchmail/Makefile b/mail/fetchmail/Makefile
index 5c5bf8667d46..fd920ae61ba3 100644
--- a/mail/fetchmail/Makefile
+++ b/mail/fetchmail/Makefile
@@ -11,7 +11,7 @@
PORTNAME= fetchmail
PORTVERSION= 6.3.8
-PORTREVISION= 6
+PORTREVISION= 7
CATEGORIES= mail ipv6
MASTER_SITES= ${MASTER_SITE_BERLIOS} \
${MASTER_SITE_SUNSITE:S/$/:sunsite/}\
diff --git a/mail/fetchmail/files/patch-CVE-2008-2711 b/mail/fetchmail/files/patch-CVE-2008-2711
index a8514ac2ff47..adac89b03670 100644
--- a/mail/fetchmail/files/patch-CVE-2008-2711
+++ b/mail/fetchmail/files/patch-CVE-2008-2711
@@ -1,27 +1,48 @@
-diff --git a/report.c b/report.c
-index 31d4e48..2a731ac 100644
---- ./report.c~
-+++ ./report.c
-@@ -238,11 +238,17 @@ report_build (FILE *errfp, message, va_alist)
+--- report.c.orig 2008-07-01 18:15:58.000000000 +0200
++++ report.c 2008-07-01 18:18:53.000000000 +0200
+@@ -238,11 +238,17 @@
rep_ensuresize();
-
+
#if defined(VA_START)
- VA_START (args, message);
for ( ; ; )
{
+ /*
-+ * args has to be initialized before every call of vsnprintf(),
-+ * because vsnprintf() invokes va_arg macro and thus args is
++ * args has to be initialized before every call of vsnprintf(),
++ * because vsnprintf() invokes va_arg macro and thus args is
+ * undefined after the call.
+ */
+ VA_START(args, message);
n = vsnprintf (partial_message + partial_message_size_used, partial_message_size - partial_message_size_used,
message, args);
+ va_end (args);
-
+
if (n >= 0
&& (unsigned)n < partial_message_size - partial_message_size_used)
-@@ -254,7 +260,6 @@ report_build (FILE *errfp, message, va_alist)
+@@ -254,7 +260,6 @@
+ partial_message_size += 2048;
+ partial_message = REALLOC (partial_message, partial_message_size);
+ }
+- va_end (args);
+ #else
+ for ( ; ; )
+ {
+@@ -304,12 +309,13 @@
+ rep_ensuresize();
+
+ #if defined(VA_START)
+- VA_START (args, message);
+ for ( ; ; )
+ {
++ VA_START(args, message);
+ n = vsnprintf (partial_message + partial_message_size_used,
+ partial_message_size - partial_message_size_used,
+ message, args);
++ va_end(args);
+
+ /* old glibc versions return -1 for truncation */
+ if (n >= 0
+@@ -322,7 +328,6 @@
partial_message_size += 2048;
partial_message = REALLOC (partial_message, partial_message_size);
}