Git-Url:
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-1.0.git;a=commitdiff;h=c4720ab81beb785d3d0aabc73e9c09c607ab72f0
commit c4720ab81beb785d3d0aabc73e9c09c607ab72f0
Author: Miklos Vajna <vmik...@frugalware.org>
Date: Sat May 30 13:22:35 2009 +0200
squirrelmail-1.4.17-3anacreon1-i686
- backport 41a7638
- closes #3779
diff --git a/source/network-extra/squirrelmail/CVE-2009-1579.patch
b/source/network-extra/squirrelmail/CVE-2009-1579.patch
new file mode 100644
index 0000000..94caafc
--- /dev/null
+++ b/source/network-extra/squirrelmail/CVE-2009-1579.patch
@@ -0,0 +1,12 @@
+--- squirrelmail/functions/imap_general.php 2009/05/11 22:08:25 13673
++++ squirrelmail/functions/imap_general.php 2009/05/11 22:17:35 13674
+@@ -973,7 +973,8 @@
+ * LDAP whatever way to find the users IMAP server.
+ */
+ function map_yp_alias($username) {
++ $escusername = escapeshellarg($username);
++ $yp = `ypmatch $escusername aliases`;
+- $yp = `ypmatch $username aliases`;
+ return chop(substr($yp, strlen($username)+1));
+ }
+
diff --git a/source/network-extra/squirrelmail/FrugalBuild
b/source/network-extra/squirrelmail/FrugalBuild
index 83902a6..7f3d8c7 100644
--- a/source/network-extra/squirrelmail/FrugalBuild
+++ b/source/network-extra/squirrelmail/FrugalBuild
@@ -6,7 +6,7 @@ pkgname=squirrelmail
pkgver=1.4.17
pkgextraver=
compatpluginver=2.0.9-1.0
-pkgrel=2anacreon1
+pkgrel=3anacreon1
pkgdesc="SquirrelMail is a standards-based webmail package written in PHP"
rodepends=('php' 'php-pear-db')
backup=(var/www/squirrelmail/config/config.php \
@@ -20,14 +20,16 @@ if [ "x$pkgextraver" == "x" ]; then
else
up2date="lynx -dump http://www.squirrelmail.org/download.php|grep
'squirrelmail-'|sed -n 's/.*squirrelmail-\(.*\)\.t.*/\1/; 1 p' |sed
s/$pkgextraver//"
fi
-source=($source
http://www.$pkgname.org/plugins/compatibility-$compatpluginver.tar.gz
README.Frugalware)
+source=($source
http://www.$pkgname.org/plugins/compatibility-$compatpluginver.tar.gz
README.Frugalware CVE-2009-1579.patch)
sha1sums=('ac2ed4ac009405b3ab256b3b6724d7368082bee1' \
'25779cf0d97b10b9dfe41c2580b723eb6bcb5f9e' \
- '1bfe33f98b235076efc97764d8b0224fb1141f65')
+ '1bfe33f98b235076efc97764d8b0224fb1141f65' \
+ '5ec737e80c9c1837fcbff07698b6cd292b4da768')
build()
{
Fcd ${pkgname}-${pkgver}${pkgextraver}
+ Fpatchall
Fmkdir /var/www/ /usr/share/$pkgname
Fcpr ${pkgname}-${pkgver}${pkgextraver}/* usr/share/${pkgname}/
Fln /usr/share/${pkgname} /var/www/squirrelmail
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git
