[gentoo-commits] repo/gentoo:master commit in: mail-filter/opendmarc/, mail-filter/opendmarc/files/
commit: 00e2b5b66dfbd80001a280ef9e3c066903d70ffb Author: Fabian Groffen gentoo org> AuthorDate: Fri Jan 26 20:20:48 2024 + Commit: Fabian Groffen gentoo org> CommitDate: Fri Jan 26 20:21:43 2024 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=00e2b5b6 mail-filter/opendmarc-1.4.1.1-r6: add patch for arc-seal headers crash Closes: https://bugs.gentoo.org/900521 Signed-off-by: Fabian Groffen gentoo.org> .../files/opendmarc-1.4.1.1-arc-seal-crash.patch | 38 ++ ...4.1.1-r4.ebuild => opendmarc-1.4.1.1-r6.ebuild} | 7 ++-- 2 files changed, 42 insertions(+), 3 deletions(-) diff --git a/mail-filter/opendmarc/files/opendmarc-1.4.1.1-arc-seal-crash.patch b/mail-filter/opendmarc/files/opendmarc-1.4.1.1-arc-seal-crash.patch new file mode 100644 index ..7f96512fe45c --- /dev/null +++ b/mail-filter/opendmarc/files/opendmarc-1.4.1.1-arc-seal-crash.patch 
@@ -0,0 +1,38 @@ +https://github.com/trusteddomainproject/OpenDMARC/issues/183 +https://bugs.gentoo.org/900521 + +--- a/opendmarc/opendmarc-arcseal.h2021-04-30 17:34:43.0 +0100 b/opendmarc/opendmarc-arcseal.h2021-06-25 14:23:01.725593770 +0100 +@@ -32,7 +32,7 @@ + /* max header tag value length (short) */ + #define OPENDMARC_ARCSEAL_MAX_SHORT_VALUE_LEN 256 + /* max header tag value length (long) */ +-#define OPENDMARC_ARCSEAL_MAX_LONG_VALUE_LEN 512 ++#define OPENDMARC_ARCSEAL_MAX_LONG_VALUE_LEN 768 + + /* names and field labels */ + #define OPENDMARC_ARCSEAL_HDRNAME "ARC-Seal" +--- a/opendmarc/opendmarc-arcseal.c2021-04-30 17:34:43.0 +0100 b/opendmarc/opendmarc-arcseal.c2021-06-25 14:27:10.689908703 +0100 +@@ -29,7 +29,7 @@ + #include "opendmarc.h" + + #define OPENDMARC_ARCSEAL_MAX_FIELD_NAME_LEN 255 +-#define OPENDMARC_ARCSEAL_MAX_TOKEN_LEN 512 ++#define OPENDMARC_ARCSEAL_MAX_TOKEN_LEN 768 + + /* tables */ + struct opendmarc_arcseal_lookup +@@ -167,7 +167,12 @@ opendmarc_arcseal_parse(u_char *hdr, str + if (*token_ptr == '\0') + return 0; + tag_label = strsep(_ptr, "="); ++ if (token_ptr == NULL) ++ return 0; ++ + tag_value = opendmarc_arcseal_strip_whitespace(token_ptr); ++ if (tag_value == NULL) ++ return 0; + + tag_code = opendmarc_arcseal_convert(as_tags, tag_label); + diff --git a/mail-filter/opendmarc/opendmarc-1.4.1.1-r4.ebuild b/mail-filter/opendmarc/opendmarc-1.4.1.1-r6.ebuild similarity index 89% rename from mail-filter/opendmarc/opendmarc-1.4.1.1-r4.ebuild rename to mail-filter/opendmarc/opendmarc-1.4.1.1-r6.ebuild index e0d08ea8755b..27b732ba2fb5 100644 --- a/mail-filter/opendmarc/opendmarc-1.4.1.1-r4.ebuild +++ b/mail-filter/opendmarc/opendmarc-1.4.1.1-r6.ebuild 
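Review bot: In the `opendmarc_arcseal_parse` hunk of the added patch, both new guards (`if (token_ptr == NULL)` and `if (tag_value == NULL)`) `return 0`, the same value the existing `if (*token_ptr == '\0') return 0;` line returns when the input is simply exhausted. A tag with no `=` therefore appears to be reported to the caller exactly like a cleanly finished parse. The function body starts and ends outside the hunk, so whether a distinct failure return exists cannot be confirmed here; if it does, these two paths should use it so a malformed ARC-Seal header is not treated as parsed. The limits raised from 512 to 768 in the two `#define` hunks only move the length threshold, so presumably the NULL checks are what actually stop the crash. A comment at the first guard, such as `/* strsep() sets token_ptr to NULL when the token contains no '=' */`, would record that.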
@@ -12,11 +12,11 @@ S="${WORKDIR}/OpenDMARC-rel-${PN}-${PV//./-}" LICENSE="BSD" SLOT="0/3" # 1.4 has API breakage with 1.3, yet uses same soname -KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ppc ppc64 sparc x86" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" IUSE="spf +reports" -DEPEND="reports? ( dev-perl/DBI ) - || ( mail-filter/libmilter mail-mta/sendmail )" +DEPEND="mail-filter/libmilter:= + reports? ( dev-perl/DBI )" RDEPEND="${DEPEND} acct-user/opendmarc reports? ( @@ -29,6 +29,7 @@ RDEPEND="${DEPEND} PATCHES=( "${FILESDIR}"/${PN}-1.4.1.1-CVE-2021-34555.patch "${FILESDIR}"/${PN}-1.4.1.1-underlinking.patch + "${FILESDIR}"/${PN}-1.4.1.1-arc-seal-crash.patch ) src_prepare() {
[gentoo-commits] repo/gentoo:master commit in: mail-filter/opendmarc/, mail-filter/opendmarc/files/
commit: 5cdf10e604f2bfdd5663aa2e23c55dce8cf44321 Author: Fabian Groffen gentoo org> AuthorDate: Sun Aug 8 06:54:58 2021 + Commit: Fabian Groffen gentoo org> CommitDate: Sun Aug 8 06:55:11 2021 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5cdf10e6 mail-filter/opendmarc-1.4.1.1-r2: bump for CVE-2021-34555 Bug: https://bugs.gentoo.org/797214 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Fabian Groffen gentoo.org> .../files/opendmarc-1.4.1.1-CVE-2021-34555.patch | 87 ++ mail-filter/opendmarc/opendmarc-1.4.1.1-r2.ebuild | 70 + 2 files changed, 157 insertions(+) diff --git a/mail-filter/opendmarc/files/opendmarc-1.4.1.1-CVE-2021-34555.patch b/mail-filter/opendmarc/files/opendmarc-1.4.1.1-CVE-2021-34555.patch new file mode 100644 index 000..2bf87ffbde0 --- /dev/null +++ b/mail-filter/opendmarc/files/opendmarc-1.4.1.1-CVE-2021-34555.patch 
@@ -0,0 +1,87 @@ +From afa44abe68afe5ce29b6418538a60a642f39e459 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?David=20B=C3=BCrgin?= +Date: Thu, 3 Jun 2021 21:59:55 +0200 +Subject: [PATCH 1/3] Fix multi-value From handling logic + +Fixes #175 +--- + opendmarc/opendmarc.c | 10 +- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c +index 65f6b49..bc38103 100644 +--- a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c +@@ -2479,12 +2479,12 @@ mlfi_eom(SMFICTX *ctx) + syslog(LOG_ERR, + "%s: multi-valued From field detected", + dfc->mctx_jobid); +- } + +- if (conf->conf_reject_multi_from) +- return SMFIS_REJECT; +- else +- return SMFIS_ACCEPT; ++ if (conf->conf_reject_multi_from) ++ return SMFIS_REJECT; ++ else ++ return SMFIS_ACCEPT; ++ } + } + + user = users[0]; + +From 4ea4b219c6c93dbfd512b1caa433f5a810fdb436 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?David=20B=C3=BCrgin?= +Date: Thu, 3 Jun 2021 22:01:34 +0200 +Subject: [PATCH 2/3] Guard syslog call with conf_dolog flag + +--- + opendmarc/opendmarc.c | 9 ++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c +index bc38103..fb3d4b9 100644 +--- a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c +@@ -2476,9 +2476,12 @@ mlfi_eom(SMFICTX *ctx) + { + if (strcasecmp(domains[0], domains[c]) != 0) + { +- syslog(LOG_ERR, +- "%s: multi-valued From field detected", +- dfc->mctx_jobid); ++ if (conf->conf_dolog) ++ { ++ syslog(LOG_ERR, ++ "%s: multi-valued From field detected", ++ dfc->mctx_jobid); ++ } + + if (conf->conf_reject_multi_from) + return SMFIS_REJECT; + +From 1245589ad44baadb3eb18ce110932da8c6fe286c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?David=20B=C3=BCrgin?= +Date: Wed, 9 Jun 2021 19:18:21 +0200 +Subject: [PATCH 3/3] Skip null domains when checking multi-value From header + +--- + opendmarc/opendmarc.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/opendmarc/opendmarc.c 
b/opendmarc/opendmarc.c +index fb3d4b9..ffcbc3f 100644 +--- a/opendmarc/opendmarc.c b/opendmarc/opendmarc.c +@@ -2474,7 +2474,9 @@ mlfi_eom(SMFICTX *ctx) + + for (c = 1; users[c] != NULL; c++) + { +- if (strcasecmp(domains[0], domains[c]) != 0) ++ if (domains[0] != NULL ++ && domains[c] != NULL ++ && strcasecmp(domains[0], domains[c]) != 0) + { + if (conf->conf_dolog) + { diff --git a/mail-filter/opendmarc/opendmarc-1.4.1.1-r2.ebuild b/mail-filter/opendmarc/opendmarc-1.4.1.1-r2.ebuild new file mode 100644 index 000..349716a8d7a --- /dev/null +++ b/mail-filter/opendmarc/opendmarc-1.4.1.1-r2.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools multilib systemd + +DESCRIPTION="Open source DMARC implementation" +HOMEPAGE="http://www.trusteddomain.org/opendmarc/;
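Review bot: The NULL guards added in PATCH 3/3 make the multi-value From check fail open: when `domains[0]` or `domains[c]` is NULL the comparison is skipped, so neither the log line nor `conf_reject_multi_from` is applied to that pair. If an address without a domain next to one with a domain should still count as multi-valued, the condition would be `if (domains[0] == NULL || domains[c] == NULL || strcasecmp(domains[0], domains[c]) != 0)`. The loop is bounded by `users[c]` but indexes `domains[c]`, which relies on the two arrays being the same length. The `user = users[0];` line after the loop suggests `domains[0]` may be used later while still NULL. Both points depend on code outside the hunk (`mlfi_eom` continues beyond it) and are worth confirming.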
[gentoo-commits] repo/gentoo:master commit in: mail-filter/opendmarc/, mail-filter/opendmarc/files/
commit: 69c7c3a6972811fa55db4e302dc11fd72dd8eacc Author: Fabian Groffen gentoo org> AuthorDate: Thu Sep 10 08:21:06 2020 + Commit: Fabian Groffen gentoo org> CommitDate: Thu Sep 10 08:21:06 2020 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=69c7c3a6 mail-filter/opendmarc-1.3.3: version bump for security, bug #734158 Bug: https://bugs.gentoo.org/734158 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Fabian Groffen gentoo.org> mail-filter/opendmarc/Manifest | 1 + .../files/opendmarc-1.3.3-CVE-2020-12460.patch | 41 mail-filter/opendmarc/opendmarc-1.3.3.ebuild | 78 ++ 3 files changed, 120 insertions(+) diff --git a/mail-filter/opendmarc/Manifest b/mail-filter/opendmarc/Manifest index fab6b479efb..905f6981f43 100644 --- a/mail-filter/opendmarc/Manifest +++ b/mail-filter/opendmarc/Manifest @@ -1 +1,2 @@ DIST opendmarc-1.3.2.tar.gz 593448 BLAKE2B 80f47a82e38c6cdc5791a695485262c50e9363b81537a52d7af204bd6a830df6eea9e9b6f710b72b7934c3ab7df800def7d4b3e54f53b8908a7f1b42bcea2b2d SHA512 6045fb7d2be8f0ffdeca07324857d92908a41c6792749017c2fcc1058f05f55317b1919c67c780827dd7094ec8fff2e1fa4aeb5bab7ff7461537957af2652748 +DIST opendmarc-1.3.3.tar.gz 575319 BLAKE2B 72dae5553fea9a51d860aaac6d85171a245584a74134df2249217a88f3da04c4eb518141f6342e281c6a9186345d69a34b585dc3ed18bdb53313374db505f4f5 SHA512 bb4bf8e3ad2d1732b07e55316819d4fd708e529b54a336d7d00763e13bfc62580bb1b30f132fa786dbca15e526e8dd5e146c7be454e1c42714a9f57126fc5e12 diff --git a/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch b/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch new file mode 100644 index 000..334c11d5302 --- /dev/null +++ b/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch 
@@ -0,0 +1,41 @@ +From 50d28af25d8735504b6103537228ce7f76ad765f Mon Sep 17 00:00:00 2001 +From: "Murray S. Kucherawy" +Date: Wed, 5 Aug 2020 21:56:01 + +Subject: [PATCH] In opendmarc_xml_parse(), ensure NULL-termination of the + buffer passed to opendmarc_xml(). + +--- + libopendmarc/opendmarc_xml.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/libopendmarc/opendmarc_xml.c b/libopendmarc/opendmarc_xml.c +index 26bb9dc..b3ac55a 100644 +--- a/libopendmarc/opendmarc_xml.c b/libopendmarc/opendmarc_xml.c +@@ -158,7 +158,7 @@ opendmarc_xml(char *b, size_t blen, char *e, size_t elen) + if (*cp != '<') + continue; + ++cp; +- for(sp = cp; *sp != '\0'; ++sp) ++ for (sp = cp; *sp != '\0'; ++sp) + { + if (*sp == '?') + break; +@@ -546,7 +546,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len) + if (fname == NULL) + { + xerror = errno; +- (void) snprintf(err_buf, err_len, "%s: %s", fname, "File name was NULL"); ++ (void) snprintf(err_buf, err_len, "%s", "File name was NULL"); + errno = EINVAL; + return NULL; + } +@@ -572,7 +572,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len) + return NULL; + } + +- bufp = calloc(statb.st_size, 1); ++ bufp = calloc(statb.st_size + 1, 1); + if (bufp == NULL) + { + xerror = errno; diff --git a/mail-filter/opendmarc/opendmarc-1.3.3.ebuild b/mail-filter/opendmarc/opendmarc-1.3.3.ebuild new file mode 100644 index 000..c572a891d2e --- /dev/null +++ b/mail-filter/opendmarc/opendmarc-1.3.3.ebuild 
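Review bot: `calloc(statb.st_size + 1, 1)` in the last `opendmarc_xml_parse` hunk only guarantees a terminator if the read that follows stores at most `statb.st_size` bytes, and that read is outside the hunk. It is worth confirming that the read length stays the stat'ed size rather than the new allocation size. A comment at the allocation would help, such as `/* +1: keep a trailing NUL after reading st_size bytes; opendmarc_xml() scans to '\0' */`. `st_size` is a signed `off_t`, so rejecting a negative value and writing `calloc((size_t) statb.st_size + 1, 1)` would make the size arithmetic explicit. The function body starts and ends outside the hunk.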
@@ -0,0 +1,78 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools user multilib systemd + +DESCRIPTION="Open source DMARC implementation " +HOMEPAGE="http://www.trusteddomain.org/opendmarc/; +SRC_URI="https://github.com/trusteddomainproject/OpenDMARC/archive/rel-${PN}-${PV//./-}.tar.gz -> ${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="spf +reports static-libs" + +DEPEND="reports? ( dev-perl/DBI ) + || ( mail-filter/libmilter mail-mta/sendmail )" +RDEPEND="${DEPEND} + reports? ( + dev-perl/DBD-mysql + dev-perl/HTTP-Message + dev-perl/Switch + ) + spf? ( mail-filter/libspf2 )" + +PATCHES=( + "${FILESDIR}"/${PN}-1.3.2-multiple-From.patch + "${FILESDIR}"/${PN}-1.3.3-CVE-2020-12460.patch +) + +S=${WORKDIR}/OpenDMARC-rel-${PN}-${PV//./-} + +pkg_setup() { + enewgroup milter + enewuser milter -1 -1 /var/lib/milter milter +} + +src_prepare() { + default + + # fix issue after they removed docs + sed -i -e '/^\s\+docs\/Makefile/d' configure.ac || die + + eautoreconf + if use !reports ;