Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libesmtp for openSUSE:Factory checked in at 2023-01-03 15:04:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libesmtp (Old) and /work/SRC/openSUSE:Factory/.libesmtp.new.1563 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libesmtp" Tue Jan 3 15:04:31 2023 rev:23 rq:1046053 version:1.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libesmtp/libesmtp.changes 2021-08-11 11:47:15.417743628 +0200 +++ /work/SRC/openSUSE:Factory/.libesmtp.new.1563/libesmtp.changes 2023-01-03 15:04:39.698263422 +0100 
@@ -1,0 +2,31 @@ +Tue Dec 27 10:32:59 UTC 2022 - Paolo Stivanin <i...@paolostivanin.com> + +- Update to 1.1.0: + * CVE-2019-19977: avoid potential stack overflow in NTLM authenticator. + * Migrate build system to Meson + * Remove GNU libltdl support, assume dlopen() always available. + * Use a linker map to restrict public symbols to API only. + * Add sentinel and âformat printfâ attributes to function declarations. + * Remove getaddrinfo() implementation. + * Use strlcpy() for safer string copies, provide implementation + for systems that need it. + * Update âapplication dataâ APIs + * Add âsmtp_get_server_name()â API. + * Collect replacement functions into missing.c + * Prohibit Resent-Reply-To: header. + * Use canonic domain name of MTA where known + * Implement rfc2822date() with strftime() if available. + * add option for XDG file layout convention instead of ~/.authenticate + * OpenSSL + + Remove support for OpenSSL versions before v1.1.0 + + Update OpenSSL API calls used for modern versions + + Require TLS v1 or higher + * Add add_ntlm.patch + * Drop the following patches: + + libesmtp-removedecls.diff + + libesmtp-1.0.4-bloat.patch + + libesmtp-fix-cve-2019-19977.patch + + libesmtp-openssl11.patch + + libesmtp-tlsv12.patch + +------------------------------------------------------------------- Old: ---- libesmtp-1.0.4-bloat.patch libesmtp-1.0.6.tar.bz2 libesmtp-fix-cve-2019-19977.patch libesmtp-openssl11.patch libesmtp-removedecls.diff libesmtp-tlsv12.patch New: ---- add_ntlm.patch libesmtp-1.1.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libesmtp.spec ++++++ --- /var/tmp/diff_new_pack.b2g0Qw/_old 2023-01-03 15:04:40.386267437 +0100 +++ /var/tmp/diff_new_pack.b2g0Qw/_new 2023-01-03 15:04:40.394267484 +0100 
@@ -1,7 +1,7 @@
 #
 # spec file for package libesmtp
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,31 +12,26 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # +%define so_ver 6.2.0 +%define lname libesmtp6_2_0 Name: libesmtp -%define lname libesmtp6 -Version: 1.0.6 +Version: 1.1.0 Release: 0 Summary: A Library for Posting Electronic Mail -License: GPL-2.0+ and LGPL-2.1+ +License: GPL-2.0-or-later AND LGPL-2.1-or-later Group: Development/Libraries/C and C++ -Url: http://www.stafford.uklinux.net/libesmtp/ -Source0: %{name}-%{version}.tar.bz2 -# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/Packaging/Patches -Patch0: libesmtp-removedecls.diff -# PATCH-MISSING-TAG -- See http://wiki.opensuse.org/Packaging/Patches -Patch1: libesmtp-1.0.4-bloat.patch -# PATCH-FIX-UPSTREAM libesmtp-tlsv12.patch crrodrig...@opensuse.org -- All TLS clients must support and use the highest TLS version available -Patch2: libesmtp-tlsv12.patch -Patch3: libesmtp-openssl11.patch -# PATCH-FIX-UPSTREAM libesmtp-fix-cve-2019-19977.patch yfji...@suse.com bsc#1189097 bsc#1160462 - Fix stack-based buffer over-read in ntlm/ntlmstruct.c. -Patch4: libesmtp-fix-cve-2019-19977.patch -BuildRequires: openssl-devel +URL: https://libesmtp.github.io/ +Source0: https://github.com/libesmtp/libESMTP/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +Patch0: add_ntlm.patch BuildRequires: libtool -BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: meson >= 0.50.0 +BuildRequires: openssl-devel >= 1.1.0 +BuildRequires: pkgconfig +BuildRequires: pkgconfig(libntlm) %description libESMTP is a library to manage posting (or submission of) electronic 
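Review bot: `BuildRequires: pkgconfig(libntlm)` looks unused, because the bundled add_ntlm.patch resolves the plugin's `ntlmdep` with `dependency('openssl', version : '>=1.1.0', ...)` and nothing visible in this package links against libntlm. `BuildRequires: libtool` also appears to be a leftover now that `autoreconf` has been replaced by Meson. Dropping both would keep the build closure of this TLS-handling library as small as possible. Separately, `Patch0: add_ntlm.patch` has no provenance comment, unlike the patches it replaces; if the commit in the patch header is indeed upstream, I would add `# PATCH-FIX-UPSTREAM add_ntlm.patch -- restore the 'ntlm' build option (commit 1c304e7886a0)` above it.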
@@ -45,11 +40,11 @@ must be able to post electronic mail but where mail functionality is not that program's primary purpose. -%package -n %lname +%package -n %{lname} Summary: A Library for Posting Electronic Mail Group: System/Libraries -%description -n %lname +%description -n %{lname} libESMTP is a library to manage posting (or submission of) electronic mail using SMTP to a preconfigured Mail Transport Agent (MTA). It may be used as part of a Mail User Agent (MUA) or another program that @@ -59,7 +54,7 @@ %package devel Summary: A Library for Posting Electronic Mail Group: Development/Libraries/C and C++ -Requires: %lname = %version +Requires: %{lname} = %{version} %description devel libESMTP is a library to manage posting (or submission of) electronic @@ -68,38 +63,28 @@ This subpackage contains the API definition files. %prep -%setup -q -%patch0 -%patch1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 +%autosetup -p1 -n libESMTP-%{version} %build -autoreconf -fiv -%configure --with-openssl=yes --disable-static --enable-ntlm --enable-etrn \ - --disable-isoc --with-auth-plugin-dir="%_libdir/%lname-plugins" -make %{?_smp_mflags} +%meson \ + -Dntlm=enabled +%meson_build %install -%make_install -# library uses dlsym not ltdl -find "%buildroot" -type f -name "*.la" -delete - -%post -n %lname -p /sbin/ldconfig -%postun -n %lname -p /sbin/ldconfig - -%files -n %lname -%defattr(-,root,root) -%doc README AUTHORS ChangeLog -%license COPYING -%_libdir/%lname-plugins/ -%{_libdir}/libesmtp.*so.* +%meson_install + +%post -n %{lname} -p /sbin/ldconfig +%postun -n %{lname} -p /sbin/ldconfig + +%files -n %{lname} +%license LICENSE +%doc README.md docs/* +%{_libdir}/esmtp-plugins-%{so_ver} +%{_libdir}/libesmtp.so.%{so_ver} %files devel -%defattr(-,root,root) -%{_bindir}/libesmtp-config %{_includedir}/*.h -%{_libdir}/libesmtp.*so +%{_libdir}/libesmtp.so +%{_libdir}/pkgconfig/libesmtp-1.0.pc %changelog ++++++ add_ntlm.patch ++++++ 
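Review bot: In the `%build` part of the `@@ -68,38 +63,28 @@` hunk, `-Dntlm=enabled` turns on a plugin that add_ntlm.patch deliberately ships as `disabled` by default because it depends on MD4, and the spec records no reason for overriding that default. A comment above `%meson` would document the decision, e.g. `# NTLM (MD4-based) is off by default upstream; enabled to keep parity with the former --enable-ntlm build`. That rationale is inferred from the removed `%configure` line, so please confirm NTLM is still wanted. Since the patch calls `error()` when OpenSSL lacks MD4, this flag also makes the package build depend on MD4 remaining available in the distribution's OpenSSL.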
>From 1c304e7886a08fb56485e41614ff3f8685afb59d Mon Sep 17 00:00:00 2001 From: Jiaqing Zhao <jiaqing.z...@intel.com> Date: Tue, 8 Mar 2022 15:05:32 +0000 Subject: [PATCH] Add build option for NTLM support Currently, NTLM plugin is built by default when openssl is available and STARTTLS is enabled. But in libesmtp 1.0.6, there is a separate build option. This commits adds the 'ntlm' option back. It's also disabled by default. Like 1.0.6, it will check openssl MD4 algorithm support as MD4 is insecure and modern systems may drop MD4 support. Signed-off-by: Jiaqing Zhao <jiaqing.z...@intel.com> --- meson.build | 13 ++++++++++--- meson_options.txt | 1 + ntlm/meson.build | 2 +- 3 files changed, 12 insertions(+), 4 deletions(-) Index: libESMTP-1.1.0/meson.build =================================================================== --- libESMTP-1.1.0.orig/meson.build +++ libESMTP-1.1.0/meson.build @@ -63,6 +63,7 @@ add_project_arguments(cc.get_supported_a ################################################################################ dldep = cc.find_library('dl') ssldep = dependency('openssl', version : '>=1.1.0', required : get_option('tls')) +ntlmdep = dependency('openssl', version : '>=1.1.0', required : get_option('ntlm')) threaddep = dependency('threads', required : get_option('pthreads')) #XXX add test for libbind9.so @@ -71,6 +72,7 @@ lwresdep = cc.find_library('lwres', requ deps = [ dldep, ssldep, + ntlmdep, threaddep, lwresdep, ] @@ -220,8 +222,12 @@ include_dir = include_directories('.') subdir('login') subdir('plain') subdir('crammd5') -if ssldep.found() - subdir('ntlm') +if ntlmdep.found() + if cc.has_header('openssl/md4.h') and cc.has_function('MD4_Init', dependencies : ntlmdep) + subdir('ntlm') + else + error('MD4 is not supported in current openssl, unable to build NTLM plugin') + endif endif ################################################################################ 
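Review bot: In the `@@ -220,8 +222,12 @@` hunk the `else` branch calls `error()` whenever OpenSSL is found without MD4, regardless of how the `ntlm` feature option was set, so `-Dntlm=auto` makes configure fail instead of skipping the plugin. Restricting the hard failure to an explicit request, `elif get_option('ntlm').enabled()`, and otherwise falling through would keep `auto` usable on systems that have dropped MD4. Also, in the `@@ -71,6 +72,7 @@` hunk `ntlmdep` (the same `openssl` dependency as `ssldep`) is appended to the shared `deps` list. If that list feeds the main library, enabling NTLM with `tls` disabled would still link libesmtp itself against OpenSSL; it is worth checking whether only `ntlm_deps` needs it.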
@@ -247,4 +253,5 @@ summary({'current:revision:age': libesmt 'STARTTLS': ssldep.found(), 'CHUNKING': get_option('bdat'), 'ETRN': get_option('etrn'), - 'XUSR': get_option('xusr')}) + 'XUSR': get_option('xusr'), + 'NTLM': ntlmdep.found()}) Index: libESMTP-1.1.0/meson_options.txt =================================================================== --- libESMTP-1.1.0.orig/meson_options.txt +++ libESMTP-1.1.0/meson_options.txt @@ -5,3 +5,4 @@ option('lwres', type : 'feature', value option('bdat', type : 'boolean', value : 'true', description : 'enable SMTP BDAT extension') option('etrn', type : 'boolean', value : 'true', description : 'enable SMTP ETRN extension') option('xusr', type : 'boolean', value : 'true', description : 'enable sendmail XUSR extension') +option('ntlm', type : 'feature', value : 'disabled', description : 'build with support for NTLM authentication') Index: libESMTP-1.1.0/ntlm/meson.build =================================================================== --- libESMTP-1.1.0.orig/ntlm/meson.build +++ libESMTP-1.1.0/ntlm/meson.build @@ -5,7 +5,7 @@ sasl_ntlm_sources = [ 'ntlmstruct.c', ] -ntlm_deps = [ ssldep, ] +ntlm_deps = [ ntlmdep, ] sasl_ntlm = shared_module('ntlm', sasl_ntlm_sources, name_prefix : 'sasl-',