mail/s-nail: -stable backport

Jérémie Courrèges-Anglas Tue, 06 Jan 2015 05:01:13 -0800

The same patch seems valid for OPENBSD_5_6, btw.  Could I have test
reports?


Log message:
> SECURITY update to s-nail-14.7.10.

> Fixes for CVE-2004-2771 and CVE-2014-7844 ("shell command injection via
> crafted email addresses").

Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/s-nail/Makefile,v
retrieving revision 1.9
diff -u -p -r1.9 Makefile
--- Makefile    21 Apr 2014 14:00:22 -0000      1.9
+++ Makefile    2 Jan 2015 07:55:19 -0000
@@ -2,16 +2,15 @@
 
 COMMENT=               enhanced, MIME capable Berkeley Mail
 
-DISTNAME=              s-nail-14.4.5
+DISTNAME=              s-nail-14.7.10
 DISTFILES=             ${DISTNAME:S/./_/g}.tar.gz
 CATEGORIES=            mail
 HOMEPAGE=              http://sdaoden.users.sourceforge.net/code.html#s-nail
-REVISION=              0
 
 # BSD
 PERMIT_PACKAGE_CDROM=  Yes
 
-WANTLIB += c crypto idn ssl
+WANTLIB += c crypto edit idn ssl termcap
 
 MASTER_SITES=          ${MASTER_SITE_SOURCEFORGE:=s-nail/}
 MAINTAINER=            William Yodlowsky <will...@openbsd.org>
@@ -19,12 +18,14 @@ MAINTAINER=         William Yodlowsky <william@
 MODULES=               converters/libiconv
 
 MAKE_FILE=             makefile
-MAKE_FLAGS=            CFLAGS="${CFLAGS}" \
+MAKE_FLAGS=            CC="${CC}" \
+                       CFLAGS="${CFLAGS}" \
                        C_INCLUDE_PATH="${LOCALBASE}/include" \
                        LDFLAGS="${LDFLAGS}" \
                        LD_LIBRARY_PATH=${LOCALBASE}/lib \
                        SYSCONFDIR="${SYSCONFDIR}" \
                        WANT_EDITLINE=1
+MAKE_ENV=              VERBOSE=Yes
 
 LIB_DEPENDS=           devel/libidn
 
Index: distinfo
===================================================================
RCS file: /cvs/ports/mail/s-nail/distinfo,v
retrieving revision 1.5
diff -u -p -r1.5 distinfo
--- distinfo    8 Nov 2013 01:31:34 -0000       1.5
+++ distinfo    2 Jan 2015 07:31:39 -0000
@@ -1,2 +1,2 @@
-SHA256 (s-nail-14_4_5.tar.gz) = tKkKHjIUH786tSjw2KPiXhIQOqkQTjxqoXe4cwxpxmw=
-SIZE (s-nail-14_4_5.tar.gz) = 396305
+SHA256 (s-nail-14_7_10.tar.gz) = BL6mBWW6yXccmr0d9eXGULeQVaDAnAkyKEVB60clzUg=
+SIZE (s-nail-14_7_10.tar.gz) = 523565
Index: patches/patch-mk-mk_in
===================================================================
RCS file: patches/patch-mk-mk_in
diff -N patches/patch-mk-mk_in
--- patches/patch-mk-mk_in      8 Nov 2013 01:31:34 -0000       1.2
+++ /dev/null   1 Jan 1970 00:00:00 -0000
@@ -1,12 +0,0 @@
-$OpenBSD: patch-mk-mk_in,v 1.2 2013/11/08 01:31:34 william Exp $
---- mk-mk.in.orig      Sat Oct 19 16:19:39 2013
-+++ mk-mk.in   Thu Nov  7 07:16:49 2013
-@@ -16,7 +16,7 @@ EXT_CFLAGS = -std=c89 -O2 -g \
- 
- .SUFFIXES: .o .c .y
- .c.o:
--      @echo CC $(<); $(CC) $(CFLAGS) $(INCLUDES) -c $(<)
-+      $(CC) $(CFLAGS) $(INCLUDES) -c $(<)
- .c .y: ;
- 
- all: echoes $(UAGENT)
Index: patches/patch-nail_rc
===================================================================
RCS file: /cvs/ports/mail/s-nail/patches/patch-nail_rc,v
retrieving revision 1.3
diff -u -p -r1.3 patch-nail_rc
--- patches/patch-nail_rc       8 Nov 2013 01:31:34 -0000       1.3
+++ patches/patch-nail_rc       2 Jan 2015 07:33:50 -0000
@@ -1,14 +1,14 @@
 $OpenBSD: patch-nail_rc,v 1.3 2013/11/08 01:31:34 william Exp $
 
---- nail.rc.orig       Sat Oct 19 16:19:39 2013
-+++ nail.rc    Thu Nov  7 07:14:25 2013
-@@ -20,6 +20,9 @@ set append
- # Ask for a message subject.
- set ask
+--- nail.rc.orig       Thu Dec 18 14:49:46 2014
++++ nail.rc    Fri Jan  2 08:33:46 2015
+@@ -41,6 +41,9 @@ set ask
+ # *header* on a per-folder basis (it is meaningless unless *header* is set)
+ set bsdannounce
  
 +# Use the traditional BSD Mail interface style.
 +set bsdcompat
 +
- # Assume a CRT-like terminal and invoke a pager.
- set crt
- 
+ # Uncomment this in order to get coloured output in $PAGER.
+ # (Coloured output is only used if $TERM is either found in *colour-terms*
+ # or includes the string "color")
Index: patches/patch-openssl_c
===================================================================
RCS file: patches/patch-openssl_c
diff -N patches/patch-openssl_c
--- patches/patch-openssl_c     19 Apr 2014 15:57:17 -0000      1.1
+++ /dev/null   1 Jan 1970 00:00:00 -0000
@@ -1,19 +0,0 @@
-$OpenBSD: patch-openssl_c,v 1.1 2014/04/19 15:57:17 sthen Exp $
---- openssl.c.orig     Sat Apr 19 16:51:05 2014
-+++ openssl.c  Sat Apr 19 16:51:50 2014
-@@ -123,14 +123,7 @@ ssl_rand_init(void)
-       char *cp, *x;
-       int state = 0;
- 
--      if ((cp = value("ssl-rand-egd")) != NULL) {
--              if ((x = file_expand(cp)) == NULL || RAND_egd(cp = x) == -1)
--                      fprintf(stderr, tr(245,
--                              "entropy daemon at \"%s\" not available\n"),
--                              cp);
--              else
--                      state = 1;
--      } else if ((cp = value("ssl-rand-file")) != NULL) {
-+      if ((cp = value("ssl-rand-file")) != NULL) {
-               if ((x = file_expand(cp)) == NULL ||
-                               RAND_load_file(cp = x, 1024) == -1)
-                       fprintf(stderr, tr(246,


-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

mail/s-nail: -stable backport

Reply via email to