Hi, This is the diff to update mail/bogofilter to 1.2.3
This version correct (from 1.1.6) several security issues: - bogofilter-SA-2012-01/CVE-2012-5468: bogofilter/bogolexer heap buffer overrun with base64 input that decodes to invalid multi-byte characters (versions up to and including 1.2.2). - bogofilter-SA-2010-01/CVE-2010-2494: bogofilter/bogolexer heap buffer underrun (1 byte) with invalid base64 input (versions up to and including 1.2.1). The diff pass regress for all flavors (on i386). [db3] : 55 passed (2 were not run) db4 : 55 passed (2 were not run) sqlite3: 54 passed (3 were not run) qdbm : 54 passed (3 were not run) Are you ok ? Thanks. -- Sébastien Marie
Index: Makefile =================================================================== RCS file: /cvs/ports/mail/bogofilter/Makefile,v retrieving revision 1.22 diff -u -p -r1.22 Makefile --- Makefile 23 Apr 2012 17:15:18 -0000 1.22 +++ Makefile 22 Dec 2012 11:24:15 -0000 @@ -2,8 +2,7 @@ COMMENT = bayesian spam filter -DISTNAME = bogofilter-1.1.6 -REVISION = 5 +DISTNAME = bogofilter-1.2.3 CATEGORIES = mail MAINTAINER = Marc Espie <es...@openbsd.org> Index: distinfo =================================================================== RCS file: /cvs/ports/mail/bogofilter/distinfo,v retrieving revision 1.7 diff -u -p -r1.7 distinfo --- distinfo 19 Dec 2007 21:44:08 -0000 1.7 +++ distinfo 22 Dec 2012 11:24:15 -0000 @@ -1,5 +1,2 @@ -MD5 (bogofilter-1.1.6.tar.gz) = NexS5dLFjeBKHgLdzI0CUg== -RMD160 (bogofilter-1.1.6.tar.gz) = dNnLd8oRhFlB7rrhAs8PjDXoZVI= -SHA1 (bogofilter-1.1.6.tar.gz) = GwEcZ9UY/v/5q20SD1tRP84Pj8I= -SHA256 (bogofilter-1.1.6.tar.gz) = gtsImUBd4VJXkZ7wV+rQkW3rhzFnr1m+z/FfsFjwv40= -SIZE (bogofilter-1.1.6.tar.gz) = 1044042 +SHA256 (bogofilter-1.2.3.tar.gz) = JvuAejZDciNi7QLtnO6kknyhP6N78gVlxCh52V2EB60= +SIZE (bogofilter-1.2.3.tar.gz) = 1056248 Index: patches/patch-configure =================================================================== RCS file: /cvs/ports/mail/bogofilter/patches/patch-configure,v retrieving revision 1.2 diff -u -p -r1.2 patch-configure --- patches/patch-configure 19 Dec 2007 21:44:08 -0000 1.2 +++ patches/patch-configure 22 Dec 2012 11:24:15 -0000 @@ -1,17 +1,7 @@ $OpenBSD: patch-configure,v 1.2 2007/12/19 21:44:08 bernd Exp $ ---- configure.orig Sat Nov 24 05:37:19 2007 -+++ configure Fri Dec 14 18:01:09 2007 -@@ -12520,7 +12520,8 @@ echo "${ECHO_T}$ac_cv_libsqlite3_libs" >&6; } - - - -- LIBDB="$LIBSQLITE3" -+ LIBDB="$LTLIBSQLITE3" -+ LTLIBDB="$LTLIBSQLITE3" - WITH_DB_ENGINE="sqlite3" - ;; - xtokyocabinet) -@@ -13455,7 +13456,8 @@ echo "${ECHO_T}$ac_cv_libqdbm_libs" >&6; } +--- configure.orig Sat Dec 22 11:41:09 2012 ++++ configure Sat Dec 22 11:50:16 2012 +@@ -9849,7 +9849,8 @@ $as_echo "$ac_cv_libqdbm_libs" >&6; } @@ -20,44 +10,4 @@ $OpenBSD: patch-configure,v 1.2 2007/12/ + LTLIBDB="$LTLIBQDBM" saveLIBS="$LIBS" LIBS="$LIBS $LIBDB" - cat >conftest.$ac_ext <<_ACEOF -@@ -16427,7 +16429,7 @@ DISABLE_UNICODE_TRUE!$DISABLE_UNICODE_TRUE$ac_delim - DISABLE_UNICODE_FALSE!$DISABLE_UNICODE_FALSE$ac_delim - ENABLE_UNICODE_TRUE!$ENABLE_UNICODE_TRUE$ac_delim - ENABLE_UNICODE_FALSE!$ENABLE_UNICODE_FALSE$ac_delim --LIBICONV!$LIBICONV$ac_delim -+LIBICONV!$LTLIBICONV$ac_delim - LTLIBICONV!$LTLIBICONV$ac_delim - ENCODING!$ENCODING$ac_delim - DEFAULT_CHARSET!$DEFAULT_CHARSET$ac_delim -@@ -16442,13 +16444,13 @@ DISABLE_TRANSACTIONS_TRUE!$DISABLE_TRANSACTIONS_TRUE$a - DISABLE_TRANSACTIONS_FALSE!$DISABLE_TRANSACTIONS_FALSE$ac_delim - ENABLE_TRANSACTIONS_TRUE!$ENABLE_TRANSACTIONS_TRUE$ac_delim - ENABLE_TRANSACTIONS_FALSE!$ENABLE_TRANSACTIONS_FALSE$ac_delim --LIBSQLITE3!$LIBSQLITE3$ac_delim -+LIBSQLITE3!$LTLIBSQLITE3$ac_delim - LTLIBSQLITE3!$LTLIBSQLITE3$ac_delim - LIBTOKYOCABINET!$LIBTOKYOCABINET$ac_delim - LTLIBTOKYOCABINET!$LTLIBTOKYOCABINET$ac_delim --LIBQDBM!$LIBQDBM$ac_delim -+LIBQDBM!$LTLIBQDBM$ac_delim - LTLIBQDBM!$LTLIBQDBM$ac_delim --LIBDB!$LIBDB$ac_delim -+LIBDB!$LTLIBDB$ac_delim - LTLIBDB!$LTLIBDB$ac_delim - DB_EXT!$DB_EXT$ac_delim - DB_TYPE!$DB_TYPE$ac_delim -@@ -17086,9 +17088,9 @@ echo "$as_me: CFLAGS=$CFLAGS" >&6;} - echo "$as_me: LDFLAGS=$LDFLAGS" >&6;} - { echo "$as_me:$LINENO: LIBS=$LIBS" >&5 - echo "$as_me: LIBS=$LIBS" >&6;} --{ echo "$as_me:$LINENO: LIBDB=$LIBDB" >&5 --echo "$as_me: LIBDB=$LIBDB" >&6;} -+{ echo "$as_me:$LINENO: LIBDB=$LTLIBDB" >&5 -+echo "$as_me: LIBDB=$LTLIBDB" >&6;} - { echo "$as_me:$LINENO: GSL_LIBS=$GSL_LIBS" >&5 - echo "$as_me: GSL_LIBS=$GSL_LIBS" >&6;} --{ echo "$as_me:$LINENO: LIBICONV=$LIBICONV" >&5 --echo "$as_me: LIBICONV=$LIBICONV" >&6;} -+{ echo "$as_me:$LINENO: LIBICONV=$LTLIBICONV" >&5 -+echo "$as_me: LIBICONV=$LTLIBICONV" >&6;} + cat confdefs.h - <<_ACEOF >conftest.$ac_ext Index: pkg/PFRAG.qdbm =================================================================== RCS file: /cvs/ports/mail/bogofilter/pkg/PFRAG.qdbm,v retrieving revision 1.1 diff -u -p -r1.1 PFRAG.qdbm --- pkg/PFRAG.qdbm 18 Mar 2006 19:33:10 -0000 1.1 +++ pkg/PFRAG.qdbm 22 Dec 2012 11:24:15 -0000 @@ -1,2 +1,2 @@ @comment $OpenBSD: PFRAG.qdbm,v 1.1 2006/03/18 19:33:10 bernd Exp $ -bin/bogoQDBMupgrade +@bin bin/bogoQDBMupgrade Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/mail/bogofilter/pkg/PLIST,v retrieving revision 1.4 diff -u -p -r1.4 PLIST --- pkg/PLIST 19 Dec 2007 21:44:08 -0000 1.4 +++ pkg/PLIST 22 Dec 2012 11:24:15 -0000 @@ -2,11 +2,11 @@ bin/bf_compact bin/bf_copy bin/bf_tar -bin/bogofilter -bin/bogolexer -bin/bogotune +@bin bin/bogofilter +@bin bin/bogolexer +@bin bin/bogotune bin/bogoupgrade -bin/bogoutil +@bin bin/bogoutil @man man/man1/bf_compact.1 @man man/man1/bf_copy.1 @man man/man1/bf_tar.1