commit: ff36e4f6862f3949e3bfedd7bb352cd9d0602ffe Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> AuthorDate: Sat Mar 30 17:02:56 2019 +0000 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> CommitDate: Sat Mar 30 17:02:56 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ff36e4f6
mail-filter/procmail: replace patch for CVE-2014-3618 Fixes an infinite loop. Bug: https://bugs.gentoo.org/638108 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> .../files/procmail-3.22-CVE-2014-3618.patch | 18 ++++++++++++++++ .../files/procmail-3.22-CVE-2017-16844.patch | 13 +++++++++++ .../files/procmail-CVE-2014-3618-16844.patch | 25 ---------------------- ...il-3.22-r13.ebuild => procmail-3.22-r14.ebuild} | 3 ++- 4 files changed, 33 insertions(+), 26 deletions(-) diff --git a/mail-filter/procmail/files/procmail-3.22-CVE-2014-3618.patch b/mail-filter/procmail/files/procmail-3.22-CVE-2014-3618.patch new file mode 100644 index 00000000000..124d1f99685 --- /dev/null +++ b/mail-filter/procmail/files/procmail-3.22-CVE-2014-3618.patch @@ -0,0 +1,18 @@ +diff --git a/src/formisc.c b/src/formisc.c +index 338733b..c48df52 100644 +--- a/src/formisc.c ++++ b/src/formisc.c +@@ -84,12 +84,11 @@ normal: *target++= *start++; + case '"':*target++=delim='"';start++; + } + ;{ int i; +- do ++ while(*start) /* anything? */ + if((i= *target++= *start++)==delim) /* corresponding delimiter? */ + break; + else if(i=='\\'&&*start) /* skip quoted character */ + *target++= *start++; +- while(*start); /* anything? */ + } + hitspc=2; + } diff --git a/mail-filter/procmail/files/procmail-3.22-CVE-2017-16844.patch b/mail-filter/procmail/files/procmail-3.22-CVE-2017-16844.patch new file mode 100644 index 00000000000..5e610d723da --- /dev/null +++ b/mail-filter/procmail/files/procmail-3.22-CVE-2017-16844.patch @@ -0,0 +1,13 @@ +diff --git a/src/formisc.c b/src/formisc.c +index 5c2869d..54fd013 100644 +--- a/src/formisc.c ++++ b/src/formisc.c +@@ -103,7 +103,7 @@ void loadsaved(sp)const struct saved*const sp; /* load some saved text */ + } + /* append to buf */ + void loadbuf(text,len)const char*const text;const size_t len; +-{ if(buffilled+len>buflen) /* buf can't hold the text */ ++{ while(buffilled+len>buflen) /* buf can't hold the text */ + buf=realloc(buf,buflen+=Bsize); + tmemmove(buf+buffilled,text,len);buffilled+=len; + } diff --git a/mail-filter/procmail/files/procmail-CVE-2014-3618-16844.patch b/mail-filter/procmail/files/procmail-CVE-2014-3618-16844.patch deleted file mode 100644 index 4f1714063c9..00000000000 --- a/mail-filter/procmail/files/procmail-CVE-2014-3618-16844.patch +++ /dev/null @@ -1,25 +0,0 @@ ---- a/src/formisc.c 2019-03-23 19:52:18.450174402 -0400 -+++ b/src/formisc.c 2019-03-23 19:52:47.914351039 -0400 -@@ -84,12 +84,11 @@ - case '"':*target++=delim='"';start++; - } - ;{ int i; -- do -+ while(*start); - if((i= *target++= *start++)==delim) /* corresponding delimiter? */ - break; - else if(i=='\\'&&*start) /* skip quoted character */ - *target++= *start++; -- while(*start); /* anything? */ - } - hitspc=2; - } -@@ -104,7 +103,7 @@ - } - /* append to buf */ - void loadbuf(text,len)const char*const text;const size_t len; --{ if(buffilled+len>buflen) /* buf can't hold the text */ -+{ while(buffilled+len>buflen) /* buf can't hold the text */ - buf=realloc(buf,buflen+=Bsize); - tmemmove(buf+buffilled,text,len);buffilled+=len; - } diff --git a/mail-filter/procmail/procmail-3.22-r13.ebuild b/mail-filter/procmail/procmail-3.22-r14.ebuild similarity index 97% rename from mail-filter/procmail/procmail-3.22-r13.ebuild rename to mail-filter/procmail/procmail-3.22-r14.ebuild index 9534c350bf8..d99a4ffde72 100644 --- a/mail-filter/procmail/procmail-3.22-r13.ebuild +++ b/mail-filter/procmail/procmail-3.22-r14.ebuild @@ -56,7 +56,8 @@ src_prepare() { eapply "${FILESDIR}/${PN}-3.22-glibc-2.10.patch" # Fix security bugs #522114 and #638108 - eapply "${FILESDIR}/${PN}-CVE-2014-3618-16844.patch" + eapply "${FILESDIR}/${PN}-3.22-CVE-2014-3618.patch" + eapply "${FILESDIR}/${PN}-3.22-CVE-2017-16844.patch" eapply "${FILESDIR}/${PN}-3.22-crash-fix.patch"
