From: Jason A. Donenfeld Date: Mon, 5 Oct 2015 08:42:58 +0000 (+0200) Subject: mail-mta/opensmtpd: bump release for urgent security issue X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=3f8e2fe24f3ff174d8515b82607e951e054f68f6;p=gentoo.git mail-mta/opensmtpd: bump release for urgent security issue Committing this as stable and removing the old version too, because it's being exploited in the wild. Package-Manager: portage-2.2.22 --- diff --git a/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch b/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch new file mode 100644 index 000000000000..f9da33b5f2aa --- /dev/null +++ b/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch @@ -0,0 +1,26 @@ +diff --git a/smtpd/filter.c b/smtpd/filter.c +index 062f00f..8af6eab 100644 +--- a/smtpd/filter.c ++++ b/smtpd/filter.c +@@ -726,7 +726,6 @@ filter_tx_io(struct io *io, int evt) + struct filter_session *s = io->arg; + size_t len, n; + char *data; +- char buf[65535]; + + log_trace(TRACE_FILTERS, "filter: filter_tx_io(%p, %s)", s, io_strevent(evt)); + +@@ -734,10 +733,9 @@ filter_tx_io(struct io *io, int evt) + case IO_DATAIN: + data = iobuf_data(&s->ibuf); + len = iobuf_len(&s->ibuf); +- memmove(buf, data, len); +- buf[len] = 0; +- log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64": %s", +- len, s->id, buf); ++ ++ log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64"", ++ len, s->id); + + n = fwrite(data, 1, len, s->ofile); + if (n != len) { diff --git a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild similarity index 97% rename from mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild rename to mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild index fe35e0f7025a..deba857e02ce 100644 --- a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild +++ b/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild @@ -47,6 +47,8 @@ src_prepare() { # Use /run instead of /var/run sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die + epatch "${FILESDIR}"/"${PN}"-5.7.2-remote-header-crash.patch + epatch_user eautoreconf }