summaryrefslogtreecommitdiff
path: root/user/mailx/mailx-12.4-cve.patch
diff options
context:
space:
mode:
Diffstat (limited to 'user/mailx/mailx-12.4-cve.patch')
-rw-r--r--user/mailx/mailx-12.4-cve.patch232
1 files changed, 0 insertions, 232 deletions
diff --git a/user/mailx/mailx-12.4-cve.patch b/user/mailx/mailx-12.4-cve.patch
deleted file mode 100644
index fa6d51197..000000000
--- a/user/mailx/mailx-12.4-cve.patch
+++ /dev/null
@@ -1,232 +0,0 @@
-Submitted By: Ken Moffat <ken at linuxfromscratch dot org>
-Date: 2014-12-27
-Initial Package Version: 12.5
-Upstream Status: Unknown
-Origin: Changes to remove SSL2 found at debian, remainder from redhat.
-Description: Removes support for SSL2 (openssl no longer supports it)
-and fixes CVE-2004-2771 [sic] and CVE-2014-7844.
-
-diff -Naur heirloom-mailx-12.5/extern.h heirloom-mailx-12.5-patched/extern.h
---- heirloom-mailx-12.5/extern.h 2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/extern.h 2014-12-27 01:26:59.654169487 +0000
-@@ -396,7 +396,7 @@
- int is_fileaddr(char *name);
- struct name *usermap(struct name *names);
- struct name *cat(struct name *n1, struct name *n2);
--char **unpack(struct name *np);
-+char **unpack(struct name *smopts, struct name *np);
- struct name *elide(struct name *names);
- int count(struct name *np);
- struct name *delete_alternates(struct name *np);
-diff -Naur heirloom-mailx-12.5/fio.c heirloom-mailx-12.5-patched/fio.c
---- heirloom-mailx-12.5/fio.c 2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/fio.c 2014-12-27 01:27:15.634561413 +0000
-@@ -43,12 +43,15 @@
- #endif /* not lint */
-
- #include "rcv.h"
-+
-+#ifndef HAVE_WORDEXP
-+#error wordexp support is required
-+#endif
-+
- #include <sys/stat.h>
- #include <sys/file.h>
- #include <sys/wait.h>
--#ifdef HAVE_WORDEXP
- #include <wordexp.h>
--#endif /* HAVE_WORDEXP */
- #include <unistd.h>
-
- #if defined (USE_NSS)
-@@ -481,7 +484,6 @@
- static char *
- globname(char *name)
- {
--#ifdef HAVE_WORDEXP
- wordexp_t we;
- char *cp;
- sigset_t nset;
-@@ -495,7 +497,7 @@
- sigemptyset(&nset);
- sigaddset(&nset, SIGCHLD);
- sigprocmask(SIG_BLOCK, &nset, NULL);
-- i = wordexp(name, &we, 0);
-+ i = wordexp(name, &we, WRDE_NOCMD);
- sigprocmask(SIG_UNBLOCK, &nset, NULL);
- switch (i) {
- case 0:
-@@ -527,65 +529,6 @@
- }
- wordfree(&we);
- return cp;
--#else /* !HAVE_WORDEXP */
-- char xname[PATHSIZE];
-- char cmdbuf[PATHSIZE]; /* also used for file names */
-- int pid, l;
-- char *cp, *shell;
-- int pivec[2];
-- extern int wait_status;
-- struct stat sbuf;
--
-- if (pipe(pivec) < 0) {
-- perror("pipe");
-- return name;
-- }
-- snprintf(cmdbuf, sizeof cmdbuf, "echo %s", name);
-- if ((shell = value("SHELL")) == NULL)
-- shell = SHELL;
-- pid = start_command(shell, 0, -1, pivec[1], "-c", cmdbuf, NULL);
-- if (pid < 0) {
-- close(pivec[0]);
-- close(pivec[1]);
-- return NULL;
-- }
-- close(pivec[1]);
--again:
-- l = read(pivec[0], xname, sizeof xname);
-- if (l < 0) {
-- if (errno == EINTR)
-- goto again;
-- perror("read");
-- close(pivec[0]);
-- return NULL;
-- }
-- close(pivec[0]);
-- if (wait_child(pid) < 0 && WTERMSIG(wait_status) != SIGPIPE) {
-- fprintf(stderr, catgets(catd, CATSET, 81,
-- "\"%s\": Expansion failed.\n"), name);
-- return NULL;
-- }
-- if (l == 0) {
-- fprintf(stderr, catgets(catd, CATSET, 82,
-- "\"%s\": No match.\n"), name);
-- return NULL;
-- }
-- if (l == sizeof xname) {
-- fprintf(stderr, catgets(catd, CATSET, 83,
-- "\"%s\": Expansion buffer overflow.\n"), name);
-- return NULL;
-- }
-- xname[l] = 0;
-- for (cp = &xname[l-1]; *cp == '\n' && cp > xname; cp--)
-- ;
-- cp[1] = '\0';
-- if (strchr(xname, ' ') && stat(xname, &sbuf) < 0) {
-- fprintf(stderr, catgets(catd, CATSET, 84,
-- "\"%s\": Ambiguous.\n"), name);
-- return NULL;
-- }
-- return savestr(xname);
--#endif /* !HAVE_WORDEXP */
- }
-
- /*
-diff -Naur heirloom-mailx-12.5/mailx.1 heirloom-mailx-12.5-patched/mailx.1
---- heirloom-mailx-12.5/mailx.1 2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/mailx.1 2014-12-27 01:26:53.838026857 +0000
-@@ -656,6 +656,14 @@
- will have the system wide alias expanded
- as all mail goes through sendmail.
- .SS "Recipient address specifications"
-+If the
-+.I expandaddr
-+option is not set (the default), recipient addresses must be names of
-+local mailboxes or Internet mail addresses.
-+.PP
-+If the
-+.I expandaddr
-+option is set, the following rules apply:
- When an address is used to name a recipient
- (in any of To, Cc, or Bcc),
- names of local mail folders
-@@ -2391,6 +2399,12 @@
- If this option is set,
- \fImailx\fR starts even with an empty mailbox.
- .TP
-+.B expandaddr
-+Causes
-+.I mailx
-+to expand message recipient addresses, as explained in the section,
-+Recipient address specifications.
-+.TP
- .B flipr
- Exchanges the
- .I Respond
-@@ -3575,7 +3589,7 @@
- .TP
- .B ssl-method
- Selects a SSL/TLS protocol version;
--valid values are `ssl2', `ssl3', and `tls1'.
-+valid values are `ssl3', and `tls1'.
- If unset, the method is selected automatically,
- if possible.
- .TP
-diff -Naur heirloom-mailx-12.5/names.c heirloom-mailx-12.5-patched/names.c
---- heirloom-mailx-12.5/names.c 2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/names.c 2014-12-27 01:26:59.654169487 +0000
-@@ -268,6 +268,9 @@
- FILE *fout, *fin;
- int ispipe;
-
-+ if (value("expandaddr") == NULL)
-+ return names;
-+
- top = names;
- np = names;
- time(&now);
-@@ -546,7 +549,7 @@
- * Return an error if the name list won't fit.
- */
- char **
--unpack(struct name *np)
-+unpack(struct name *smopts, struct name *np)
- {
- char **ap, **top;
- struct name *n;
-@@ -561,7 +564,7 @@
- * the terminating 0 pointer. Additional spots may be needed
- * to pass along -f to the host mailer.
- */
-- extra = 2;
-+ extra = 3 + count(smopts);
- extra++;
- metoo = value("metoo") != NULL;
- if (metoo)
-@@ -578,6 +581,10 @@
- *ap++ = "-m";
- if (verbose)
- *ap++ = "-v";
-+ for (; smopts != NULL; smopts = smopts->n_flink)
-+ if ((smopts->n_type & GDEL) == 0)
-+ *ap++ = smopts->n_name;
-+ *ap++ = "--";
- for (; n != NULL; n = n->n_flink)
- if ((n->n_type & GDEL) == 0)
- *ap++ = n->n_name;
-diff -Naur heirloom-mailx-12.5/openssl.c heirloom-mailx-12.5-patched/openssl.c
---- heirloom-mailx-12.5/openssl.c 2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/openssl.c 2014-12-27 01:26:34.385549867 +0000
-@@ -216,9 +216,7 @@
-
- cp = ssl_method_string(uhp);
- if (cp != NULL) {
-- if (equal(cp, "ssl2"))
-- method = SSLv2_client_method();
-- else if (equal(cp, "ssl3"))
-+ if (equal(cp, "ssl3"))
- method = SSLv3_client_method();
- else if (equal(cp, "tls1"))
- method = TLSv1_client_method();
-diff -Naur heirloom-mailx-12.5/sendout.c heirloom-mailx-12.5-patched/sendout.c
---- heirloom-mailx-12.5/sendout.c 2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/sendout.c 2014-12-27 01:26:59.654169487 +0000
-@@ -835,7 +835,7 @@
- #endif /* HAVE_SOCKETS */
-
- if ((smtp = value("smtp")) == NULL) {
-- args = unpack(cat(mailargs, to));
-+ args = unpack(mailargs, to);
- if (debug || value("debug")) {
- printf(catgets(catd, CATSET, 181,
- "Sendmail arguments:"));