Add patch-ak for a fetchmailconf security issue. This patch does
not impact the fetchmail package so no version bump is required.
This commit is contained in:
adrianp
parent
86b0585690
commit
13325b96ee
2 changed files with 48 additions and 1 deletions
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: distinfo,v 1.32 2005/10/21 20:56:50 tonio Exp $
|
||||
$NetBSD: distinfo,v 1.33 2005/11/01 19:16:52 adrianp Exp $
|
||||
|
||||
SHA1 (fetchmail-6.2.5.tar.gz) = 4656ec4393ccd1c137fe7b331f77cb26b576ac0e
|
||||
RMD160 (fetchmail-6.2.5.tar.gz) = e32b91a959d0e80c4bd45a8758811cbe95a98180
|
||||
|
|
@ -13,3 +13,4 @@ SHA1 (patch-ag) = e27a4769dc804bec71b449bed7ff318d15ae8bdf
|
|||
SHA1 (patch-ah) = d6d08403b241a3e1a891faadbb36b0cd00df1398
|
||||
SHA1 (patch-ai) = 16449ab08c266936d80b8be11c93a3dd1ac5c2fe
|
||||
SHA1 (patch-aj) = 1051c1eb754b9c9cffad2eab4561791975aebbe1
|
||||
SHA1 (patch-ak) = d75b42146597a17a1ce91dddc7ed0821697d7ec2
|
||||
|
|
|
|||
46
mail/fetchmail/patches/patch-ak
Normal file
46
mail/fetchmail/patches/patch-ak
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
$NetBSD: patch-ak,v 1.1 2005/11/01 19:16:52 adrianp Exp $
|
||||
|
||||
--- fetchmailconf.orig 2003-10-15 20:22:31.000000000 +0100
|
||||
+++ fetchmailconf 2005-10-21 14:48:02.000000000 +0100
|
||||
@@ -4,7 +4,19 @@
|
||||
# by Eric S. Raymond, <esr@snark.thyrsus.com>.
|
||||
# Requires Python with Tkinter, and the following OS-dependent services:
|
||||
# posix, posixpath, socket
|
||||
-version = "1.43"
|
||||
+#
|
||||
+# Changes by Matthias Andree, in 2005:
|
||||
+#
|
||||
+# 1.43.1 - unsuccessful attempt to fix a password exposure bug
|
||||
+#
|
||||
+# thanks to Thomas Wolff and Miloslav Trmac for pointing
|
||||
+# out the fix was insufficient
|
||||
+#
|
||||
+# 1.43.2 - fix password exposure bug, by restricting umask to 077
|
||||
+# before opening the file
|
||||
+# - record fetchmailconf version in output file
|
||||
+#
|
||||
+version = "1.43.2"
|
||||
|
||||
from Tkinter import *
|
||||
from Dialog import *
|
||||
@@ -858,14 +870,17 @@
|
||||
# Pre-1.5.2 compatibility...
|
||||
except os.error:
|
||||
pass
|
||||
+ old_umask = os.umask(077)
|
||||
fm = open(self.outfile, 'w')
|
||||
+ os.umask(old_umask)
|
||||
if fm:
|
||||
- fm.write("# Configuration created %s by fetchmailconf\n" % time.ctime(time.time()))
|
||||
+ if fm != sys.stdout:
|
||||
+ os.chmod(self.outfile, 0600)
|
||||
+ fm.write("# Configuration created %s by fetchmailconf %s\n"
|
||||
+ % (time.ctime(time.time()), version))
|
||||
fm.write(`self.configuration`)
|
||||
if self.outfile:
|
||||
fm.close()
|
||||
- if fm != sys.stdout:
|
||||
- os.chmod(self.outfile, 0600)
|
||||
self.destruct()
|
||||
|
||||
#
|
||||
Loading…
Reference in a new issue