diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2014-09-10 06:48:58 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-09-10 06:49:39 +0000 |
| commit | 727f38810c48dea818e1ceb081ae2b2b8ca122f5 (patch) | |
| tree | 095cc5ebd89a013c7e7c43a69f1df33b127bcfc6 /main/procmail | |
| parent | a5b8e233b6a0c7de7ab544e741192422b46816bb (diff) | |
| download | aports-727f38810c48dea818e1ceb081ae2b2b8ca122f5.tar.bz2 aports-727f38810c48dea818e1ceb081ae2b2b8ca122f5.tar.xz | |
main/procmail: security fix (CVE-2014-3618)
ref #3361
Diffstat (limited to 'main/procmail')
| -rw-r--r-- | main/procmail/APKBUILD | 15 | ||||
| -rw-r--r-- | main/procmail/CVE-2014-3618.patch | 16 |
2 files changed, 28 insertions, 3 deletions
diff --git a/main/procmail/APKBUILD b/main/procmail/APKBUILD index ddf980fa3d..618d927049 100644 --- a/main/procmail/APKBUILD +++ b/main/procmail/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Carlo Landmeter <clandmeter@gmail.com> pkgname=procmail pkgver=3.22 -pkgrel=0 +pkgrel=1 pkgdesc="Highly configurable auto mail processing" url="http://www.procmail.org" arch="all" @@ -13,7 +13,9 @@ makedepends="$depends_dev" install="" subpackages="$pkgname-doc" source="ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail/procmail-$pkgver.tar.gz -procmail-3.22-getline.patch" + procmail-3.22-getline.patch + CVE-2014-3618.patch + " _builddir="$srcdir"/procmail-$pkgver prepare() { @@ -43,4 +45,11 @@ package() { } md5sums="1678ea99b973eb77eda4ecf6acae53f1 procmail-3.22.tar.gz -cf8e5d4854050ab0c836e07406a3dfa9 procmail-3.22-getline.patch" +cf8e5d4854050ab0c836e07406a3dfa9 procmail-3.22-getline.patch +a24e86941e3357ef4fe51e2ec02b32b1 CVE-2014-3618.patch" +sha256sums="087c75b34dd33d8b9df5afe9e42801c9395f4bf373a784d9bc97153b0062e117 procmail-3.22.tar.gz +aaa5ce562e5ef65f56a0225eedda3fcc7ab2938da6097ed4d9b11abf861929de procmail-3.22-getline.patch +024e6d599abf585d181d8871c5dd69bf9480fee177832a72e7240d351b7954df CVE-2014-3618.patch" +sha512sums="3d0658329a55957a8d5741e03b0853b030c4524acef30641663213aa9eefc8264f8cc2b68a00a89e5f9f0f7c916c41a42e1b6c8df562c545ba97d8ab9049a936 procmail-3.22.tar.gz +b0a908a04d1af27b3ff98326d00d2dde3e6c0ed0d63eec1884bec6a5e9e8d8846140993322ef609b4a7eb882f077581b5a9d56d81c8160b7c29ca95a3aaca868 procmail-3.22-getline.patch +2d7f9983dd49afcb33de5a856bdc21cfd972b50e8df5ba46b2f61a521f32d842e50f73b34e32f8adbab2acb572d8da4f512bc9f7a2a909584a7b15be9ad9cfcd CVE-2014-3618.patch" diff --git a/main/procmail/CVE-2014-3618.patch b/main/procmail/CVE-2014-3618.patch new file mode 100644 index 0000000000..3692acc02d --- /dev/null +++ b/main/procmail/CVE-2014-3618.patch @@ -0,0 +1,16 @@ +--- a/src/formisc.c ++++ b/src/formisc.c +@@ -84,12 +84,11 @@ + case '"':*target++=delim='"';start++; + } + ;{ int i; +- do ++ while(*start) + if((i= *target++= *start++)==delim) /* corresponding delimiter? */ + break; + else if(i=='\\'&&*start) /* skip quoted character */ + *target++= *start++; +- while(*start); /* anything? */ + } + hitspc=2; + } |