aboutsummaryrefslogtreecommitdiffstats
path: root/community/heirloom-mailx/0001-outof-Introduce-expandaddr-flag.patch
diff options
context:
space:
mode:
Diffstat (limited to 'community/heirloom-mailx/0001-outof-Introduce-expandaddr-flag.patch')
-rw-r--r--community/heirloom-mailx/0001-outof-Introduce-expandaddr-flag.patch65
1 files changed, 65 insertions, 0 deletions
diff --git a/community/heirloom-mailx/0001-outof-Introduce-expandaddr-flag.patch b/community/heirloom-mailx/0001-outof-Introduce-expandaddr-flag.patch
new file mode 100644
index 0000000000..c56e8a79a7
--- /dev/null
+++ b/community/heirloom-mailx/0001-outof-Introduce-expandaddr-flag.patch
@@ -0,0 +1,65 @@
+>From 9984ae5cb0ea0d61df1612b06952a61323c083d9 Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer () redhat com>
+Date: Mon, 17 Nov 2014 11:13:38 +0100
+Subject: [PATCH 1/4] outof: Introduce expandaddr flag
+
+Document that address expansion is disabled unless the expandaddr
+binary option is set.
+
+This has been assigned CVE-2014-7844 for BSD mailx, but it is not
+a vulnerability in Heirloom mailx because this feature was documented.
+---
+ mailx.1 | 14 ++++++++++++++
+ names.c | 3 +++
+ 2 files changed, 17 insertions(+)
+
+diff --git a/mailx.1 b/mailx.1
+index 70a7859..22a171b 100644
+--- a/mailx.1
++++ b/mailx.1
+@@ -656,6 +656,14 @@ but any reply returned to the machine
+ will have the system wide alias expanded
+ as all mail goes through sendmail.
+ .SS "Recipient address specifications"
++If the
++.I expandaddr
++option is not set (the default), recipient addresses must be names of
++local mailboxes or Internet mail addresses.
++.PP
++If the
++.I expandaddr
++option is set, the following rules apply:
+ When an address is used to name a recipient
+ (in any of To, Cc, or Bcc),
+ names of local mail folders
+@@ -2391,6 +2399,12 @@ and exits immediately.
+ If this option is set,
+ \fImailx\fR starts even with an empty mailbox.
+ .TP
++.B expandaddr
++Causes
++.I mailx
++to expand message recipient addresses, as explained in the section,
++Recipient address specifications.
++.TP
+ .B flipr
+ Exchanges the
+ .I Respond
+diff --git a/names.c b/names.c
+index 66e976b..c69560f 100644
+--- a/names.c
++++ b/names.c
+@@ -268,6 +268,9 @@ outof(struct name *names, FILE *fo, struct header *hp)
+ FILE *fout, *fin;
+ int ispipe;
+
++ if (value("expandaddr") == NULL)
++ return names;
++
+ top = names;
+ np = names;
+ time(&now);
+--
+1.9.3
+
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-24 05:09:58 +0000