From: "Jason A. Donenfeld" <zx2c4@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/, mail-mta/opensmtpd/files/
Date: Tue, 25 Feb 2020 02:02:53 +0000 (UTC) [thread overview]
Message-ID: <1582596171.bdcfa74624ec6f20fb94661457a3ba5fe70e56c3.zx2c4@gentoo> (raw)
commit: bdcfa74624ec6f20fb94661457a3ba5fe70e56c3
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Tue Feb 25 02:01:47 2020 +0000
Commit: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Tue Feb 25 02:02:51 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bdcfa746
mail-mta/opensmtpd: apply security fixes
Package-Manager: Portage-2.3.88, Repoman-2.3.20
Signed-off-by: Jason A. Donenfeld <zx2c4 <AT> gentoo.org>
mail-mta/opensmtpd/Manifest | 2 +-
.../files/opensmtpd-6.0.3_p1-security-fixes.patch | 32 ++++++++++++++++++++++
...3_p1-r2.ebuild => opensmtpd-6.0.3_p1-r3.ebuild} | 0
...d-6.6.2_p1.ebuild => opensmtpd-6.6.4_p1.ebuild} | 0
4 files changed, 33 insertions(+), 1 deletion(-)
diff --git a/mail-mta/opensmtpd/Manifest b/mail-mta/opensmtpd/Manifest
index 725fb596054..0c001fb94e6 100644
--- a/mail-mta/opensmtpd/Manifest
+++ b/mail-mta/opensmtpd/Manifest
@@ -1,2 +1,2 @@
DIST opensmtpd-6.0.3p1.tar.gz 699702 BLAKE2B 49f08e8329adc049a562b6ef7efa4c0a39cbcfe8a158cb905cfc726a7302ffe9833ccfb52041340767d55d0f2ae2087e8eac92b7359016c6c76b4d963a334558 SHA512 e579818a0ddbe637deb5a4e40f43eaf797783903ceac18fd89a57581b135b9e407d424e1a70ff7b4b06a0ee50bafb6e8ab2451371917887904b06ff1b55d320f
-DIST opensmtpd-6.6.2p1.tar.gz 777422 BLAKE2B e372a10f618e83ccb6c782d056750f89a5224898a28957509ab306fbe8bb4ea94462c1bbccbbe9c0dea64623c250d9fe9f3b74f2e26eda5d6c232bec50bff1d0 SHA512 b0f7ea94514a4a1880a22996064caa7da0a15e6453236ca2f004402125affa80e9d8c25d3e63826b45045305851959bc58c2c855829e46d6967bf6cd13bd1e91
+DIST opensmtpd-6.6.4p1.tar.gz 790754 BLAKE2B 18cc19569ae764eff3d672cbfb87df7bd00afcce93705ad128e935c0a47a246c3a6166fca7b6f844c0dd5e728492d8aeb7e0f8a8c1f5a756bf356ae9afb80852 SHA512 267307c91f4fcf21624b0897dfb1f5638b77da7b8d9a02211d734ed2cc5bd39ea7542ae7f200255e2945518fbe7609a0e5aa4e5c6dcb8146014f08b3845c108b
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
index 58f3ed8c38b..b22f3af1fbe 100644
--- a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
@@ -89,3 +89,35 @@ diff -ru OpenSMTPD-opensmtpd-6.0.3/smtpd/smtp_session.c OpenSMTPD-opensmtpd-6.0.
return (1);
}
+diff -ru opensmtpd-6.0.3p1/smtpd/mta_session.c opensmtpd-6.0.3p1-modified/smtpd/mta_session.c
+--- opensmtpd-6.0.3p1/smtpd/mta_session.c 2018-01-10 21:06:40.000000000 +0800
++++ opensmtpd-6.0.3p1-modified/smtpd/mta_session.c 2020-02-25 09:57:04.624147227 +0800
+@@ -1214,7 +1214,7 @@
+ if (cont) {
+ if (s->replybuf[0] == '\0')
+ (void)strlcat(s->replybuf, line, sizeof s->replybuf);
+- else {
++ else if (len > 4) {
+ line = line + 4;
+ if (isdigit((int)*line) && *(line + 1) == '.' &&
+ isdigit((int)*line+2) && *(line + 3) == '.' &&
+@@ -1229,7 +1229,9 @@
+ /* last line of a reply, check if we're on a continuation to parse out status and ESC.
+ * if we overflow reply buffer or are not on continuation, log entire last line.
+ */
+- if (s->replybuf[0] != '\0') {
++ if (s->replybuf[0] == '\0')
++ (void)strlcat(s->replybuf, line, sizeof s->replybuf);
++ else if (len > 4) {
+ p = line + 4;
+ if (isdigit((int)*p) && *(p + 1) == '.' &&
+ isdigit((int)*p+2) && *(p + 3) == '.' &&
+@@ -1238,8 +1240,6 @@
+ if (strlcat(s->replybuf, p, sizeof s->replybuf) >= sizeof s->replybuf)
+ (void)strlcpy(s->replybuf, line, sizeof s->replybuf);
+ }
+- else
+- (void)strlcpy(s->replybuf, line, sizeof s->replybuf);
+
+ if (s->state == MTA_QUIT) {
+ log_info("%016"PRIx64" mta event=closed reason=quit messages=%zu",
diff --git a/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r2.ebuild b/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r3.ebuild
similarity index 100%
rename from mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r2.ebuild
rename to mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r3.ebuild
diff --git a/mail-mta/opensmtpd/opensmtpd-6.6.2_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-6.6.4_p1.ebuild
similarity index 100%
rename from mail-mta/opensmtpd/opensmtpd-6.6.2_p1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-6.6.4_p1.ebuild
next reply other threads:[~2020-02-25 2:02 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-25 2:02 Jason A. Donenfeld [this message]
-- strict thread matches above, loose matches on Subject: below --
2016-06-08 8:02 [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/, mail-mta/opensmtpd/files/ Jason Donenfeld
2016-03-02 16:38 Jason Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1582596171.bdcfa74624ec6f20fb94661457a3ba5fe70e56c3.zx2c4@gentoo \
--to=zx2c4@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox