as with 2.0.3:

> apply a patch from evution CVS: > 2005-01-20 Not Zed <NotZed@Ximian.com> > * camel-lock-helper.c (main): since malloc(MAXINT+1) returns a > valid pointer, validate the length of the path before using it. > set maximum path to 65000 characters. Spotted by Max Vozeler > <max@hinterhof.net> > > This fixes the security vulnerability refered to as CAN-2005-0102. > bump PKGREVISION
2005-01-31 17:33:57 +00:00 · 2005-01-31 17:33:57 +00:00 · 6d0c25831d
commit 6d0c25831d
parent 9415f1f987
3 changed files with 20 additions and 3 deletions
--- a/mail/evolution12/Makefile
+++ b/mail/evolution12/Makefile
@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.14 2004/12/28 23:18:16 reed Exp $
+# $NetBSD: Makefile,v 1.15 2005/01/31 17:33:57 drochner Exp $

 DISTNAME=		evolution-1.2.4
 PKGNAME=		${DISTNAME:S/evolution/evolution12/}
-PKGREVISION=		3
+PKGREVISION=		4
 CATEGORIES=		mail time gnome
 MASTER_SITES=		ftp://ftp.ximian.com/pub/ximian-evolution/source/ \
 			ftp://ximian.netnitco.net/pub/mirrors/ximian/ximian-evolution/source/ \
--- a/mail/evolution12/distinfo
+++ b/mail/evolution12/distinfo
@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2004/01/04 21:39:50 rh Exp $
+$NetBSD: distinfo,v 1.2 2005/01/31 17:33:57 drochner Exp $

 SHA1 (evolution-1.2.4.tar.bz2) = 924ef022d39ab437e41b784181ba572e8a16e59d
 Size (evolution-1.2.4.tar.bz2) = 12940769 bytes
@ -14,3 +14,4 @@ SHA1 (patch-ai) = 2d73b5a3a2a006bb29b83650154ca64d721ef09d
 SHA1 (patch-aj) = 0e132d78a59631d443a8fe03a838033089e1802c
 SHA1 (patch-ak) = 3c1f314f16743221a2ce9db659c0877b70f00f51
 SHA1 (patch-al) = de0b84420c20aabe4d9eadf5f322b117a71ca2dc
+SHA1 (patch-am) = 18b9a5eda1ca81ef158e04295e13a33c54683ae1
--- a/mail/evolution12/patches/patch-am
+++ b/mail/evolution12/patches/patch-am
@ -0,0 +1,16 @@
+$NetBSD: patch-am,v 1.1 2005/01/31 17:33:57 drochner Exp $
+
+--- camel/camel-lock-helper.c.orig	2001-11-03 01:26:18.000000000 +0100
+++ camel/camel-lock-helper.c
+@@ -360,8 +360,9 @@ int main(int argc, char **argv)
+ 			switch(msg.id) {
+ 			case CAMEL_LOCK_HELPER_LOCK:
+ 				res = CAMEL_LOCK_HELPER_STATUS_NOMEM;
+-				path = malloc(msg.data+1);
+-				if (path != NULL) {
+				if (msg.data > 0xffff) {
+					res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
+				} else if ((path = malloc(msg.data+1)) != NULL) {
+ 					res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
+ 					len = read_n(STDIN_FILENO, path, msg.data);
+ 					if (len == msg.data) {