The same patch seems valid for OPENBSD_5_6, btw. Could I have test reports?
Log message: > SECURITY update to s-nail-14.7.10. > Fixes for CVE-2004-2771 and CVE-2014-7844 ("shell command injection via > crafted email addresses"). Index: Makefile =================================================================== RCS file: /cvs/ports/mail/s-nail/Makefile,v retrieving revision 1.9 diff -u -p -r1.9 Makefile --- Makefile 21 Apr 2014 14:00:22 -0000 1.9 +++ Makefile 2 Jan 2015 07:55:19 -0000 @@ -2,16 +2,15 @@ COMMENT= enhanced, MIME capable Berkeley Mail -DISTNAME= s-nail-14.4.5 +DISTNAME= s-nail-14.7.10 DISTFILES= ${DISTNAME:S/./_/g}.tar.gz CATEGORIES= mail HOMEPAGE= http://sdaoden.users.sourceforge.net/code.html#s-nail -REVISION= 0 # BSD PERMIT_PACKAGE_CDROM= Yes -WANTLIB += c crypto idn ssl +WANTLIB += c crypto edit idn ssl termcap MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=s-nail/} MAINTAINER= William Yodlowsky <will...@openbsd.org> @@ -19,12 +18,14 @@ MAINTAINER= William Yodlowsky <william@ MODULES= converters/libiconv MAKE_FILE= makefile -MAKE_FLAGS= CFLAGS="${CFLAGS}" \ +MAKE_FLAGS= CC="${CC}" \ + CFLAGS="${CFLAGS}" \ C_INCLUDE_PATH="${LOCALBASE}/include" \ LDFLAGS="${LDFLAGS}" \ LD_LIBRARY_PATH=${LOCALBASE}/lib \ SYSCONFDIR="${SYSCONFDIR}" \ WANT_EDITLINE=1 +MAKE_ENV= VERBOSE=Yes LIB_DEPENDS= devel/libidn Index: distinfo =================================================================== RCS file: /cvs/ports/mail/s-nail/distinfo,v retrieving revision 1.5 diff -u -p -r1.5 distinfo --- distinfo 8 Nov 2013 01:31:34 -0000 1.5 +++ distinfo 2 Jan 2015 07:31:39 -0000 @@ -1,2 +1,2 @@ -SHA256 (s-nail-14_4_5.tar.gz) = tKkKHjIUH786tSjw2KPiXhIQOqkQTjxqoXe4cwxpxmw= -SIZE (s-nail-14_4_5.tar.gz) = 396305 +SHA256 (s-nail-14_7_10.tar.gz) = BL6mBWW6yXccmr0d9eXGULeQVaDAnAkyKEVB60clzUg= +SIZE (s-nail-14_7_10.tar.gz) = 523565 Index: patches/patch-mk-mk_in =================================================================== RCS file: patches/patch-mk-mk_in diff -N patches/patch-mk-mk_in --- patches/patch-mk-mk_in 8 Nov 2013 01:31:34 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,12 +0,0 @@ -$OpenBSD: patch-mk-mk_in,v 1.2 2013/11/08 01:31:34 william Exp $ ---- mk-mk.in.orig Sat Oct 19 16:19:39 2013 -+++ mk-mk.in Thu Nov 7 07:16:49 2013 -@@ -16,7 +16,7 @@ EXT_CFLAGS = -std=c89 -O2 -g \ - - .SUFFIXES: .o .c .y - .c.o: -- @echo CC $(<); $(CC) $(CFLAGS) $(INCLUDES) -c $(<) -+ $(CC) $(CFLAGS) $(INCLUDES) -c $(<) - .c .y: ; - - all: echoes $(UAGENT) Index: patches/patch-nail_rc =================================================================== RCS file: /cvs/ports/mail/s-nail/patches/patch-nail_rc,v retrieving revision 1.3 diff -u -p -r1.3 patch-nail_rc --- patches/patch-nail_rc 8 Nov 2013 01:31:34 -0000 1.3 +++ patches/patch-nail_rc 2 Jan 2015 07:33:50 -0000 @@ -1,14 +1,14 @@ $OpenBSD: patch-nail_rc,v 1.3 2013/11/08 01:31:34 william Exp $ ---- nail.rc.orig Sat Oct 19 16:19:39 2013 -+++ nail.rc Thu Nov 7 07:14:25 2013 -@@ -20,6 +20,9 @@ set append - # Ask for a message subject. - set ask +--- nail.rc.orig Thu Dec 18 14:49:46 2014 ++++ nail.rc Fri Jan 2 08:33:46 2015 +@@ -41,6 +41,9 @@ set ask + # *header* on a per-folder basis (it is meaningless unless *header* is set) + set bsdannounce +# Use the traditional BSD Mail interface style. +set bsdcompat + - # Assume a CRT-like terminal and invoke a pager. - set crt - + # Uncomment this in order to get coloured output in $PAGER. + # (Coloured output is only used if $TERM is either found in *colour-terms* + # or includes the string "color") Index: patches/patch-openssl_c =================================================================== RCS file: patches/patch-openssl_c diff -N patches/patch-openssl_c --- patches/patch-openssl_c 19 Apr 2014 15:57:17 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,19 +0,0 @@ -$OpenBSD: patch-openssl_c,v 1.1 2014/04/19 15:57:17 sthen Exp $ ---- openssl.c.orig Sat Apr 19 16:51:05 2014 -+++ openssl.c Sat Apr 19 16:51:50 2014 -@@ -123,14 +123,7 @@ ssl_rand_init(void) - char *cp, *x; - int state = 0; - -- if ((cp = value("ssl-rand-egd")) != NULL) { -- if ((x = file_expand(cp)) == NULL || RAND_egd(cp = x) == -1) -- fprintf(stderr, tr(245, -- "entropy daemon at \"%s\" not available\n"), -- cp); -- else -- state = 1; -- } else if ((cp = value("ssl-rand-file")) != NULL) { -+ if ((cp = value("ssl-rand-file")) != NULL) { - if ((x = file_expand(cp)) == NULL || - RAND_load_file(cp = x, 1024) == -1) - fprintf(stderr, tr(246, -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE