From 24765b43d28e9907ac459292027091d83b623fb8 Mon Sep 17 00:00:00 2001 From: sheldonh Date: Mon, 11 Jun 2001 15:07:51 +0000 Subject: Apply officially sanctioned patch to close a format string vulnerability in exim batch SMTP mode. The vulnerability is _not_ exploitable by external SMTP callers. --- mail/exim-old/Makefile | 2 +- mail/exim-old/files/patch-src::accept.c | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 mail/exim-old/files/patch-src::accept.c (limited to 'mail/exim-old') diff --git a/mail/exim-old/Makefile b/mail/exim-old/Makefile index 935b05fe09c..6b9b62e0687 100644 --- a/mail/exim-old/Makefile +++ b/mail/exim-old/Makefile @@ -7,7 +7,7 @@ PORTNAME= exim PORTVERSION= 3.22 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= mail MASTER_SITES= ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/ \ http://www.exim.org/ftp/ \ diff --git a/mail/exim-old/files/patch-src::accept.c b/mail/exim-old/files/patch-src::accept.c new file mode 100644 index 00000000000..c74c9178b5b --- /dev/null +++ b/mail/exim-old/files/patch-src::accept.c @@ -0,0 +1,11 @@ +--- src/accept.c.orig Mon Jun 11 17:00:24 2001 ++++ src/accept.c Mon Jun 11 17:01:30 2001 +@@ -2503,7 +2503,7 @@ + nothing on success. The function moan_smtp_batch() does not return - + it exits from the program with a non-zero return code. */ + +- else if (smtp_reply != NULL) moan_smtp_batch(NULL, smtp_reply); ++ else if (smtp_reply != NULL) moan_smtp_batch(NULL, "%s", smtp_reply); + } + + /* Reset headers so that logging of rejects for a subsequent message doesn't -- cgit