Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 15 Sep 2019 09:57:33 +0000 (UTC)
From:      Kurt Jaeger <pi@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r512094 - in branches/2019Q3/mail/opendmarc: . files
Message-ID:  <201909150957.x8F9vXdo065589@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: pi
Date: Sun Sep 15 09:57:33 2019
New Revision: 512094
URL: https://svnweb.freebsd.org/changeset/ports/512094

Log:
  MFH: r512093
  
  mail/opendmarc: fix multiple addresses in From vulnerability
  
  - please note that it might only be a partial fix, see
    https://github.com/trusteddomainproject/OpenDMARC/pull/48#issuecomment-530375590
  
  PR:		240505
  Reported by:	protonmail
  Approved by:	ports-secteam (delphij)
  Obtained from:	https://github.com/trusteddomainproject/OpenDMARC/pull/48
  Security:	https://protonmail.com/blog/bellingcat-cyberattack-phishing/

Added:
  branches/2019Q3/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
     - copied unchanged from r512093, head/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
  branches/2019Q3/mail/opendmarc/files/patch-opendmarc_opendmarc.c
     - copied unchanged from r512093, head/mail/opendmarc/files/patch-opendmarc_opendmarc.c
Modified:
  branches/2019Q3/mail/opendmarc/Makefile
Directory Properties:
  branches/2019Q3/   (props changed)

Modified: branches/2019Q3/mail/opendmarc/Makefile
==============================================================================
--- branches/2019Q3/mail/opendmarc/Makefile	Sun Sep 15 09:51:20 2019	(r512093)
+++ branches/2019Q3/mail/opendmarc/Makefile	Sun Sep 15 09:57:33 2019	(r512094)
@@ -3,7 +3,7 @@
 
 PORTNAME=	opendmarc
 PORTVERSION=	1.3.2
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	mail security
 MASTER_SITES=	SF/${PORTNAME} \
 		SF/${PORTNAME}/Previous%20Releases

Copied: branches/2019Q3/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c (from r512093, head/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q3/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c	Sun Sep 15 09:57:33 2019	(r512094, copy of r512093, head/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c)
@@ -0,0 +1,10 @@
+--- libopendmarc/tests/test_finddomain.c.orig	2012-10-25 15:38:55 UTC
++++ libopendmarc/tests/test_finddomain.c
+@@ -23,6 +23,7 @@ main(int argc, char **argv)
+ 		/* 11 */ {"(,) joe@joe.com", "joe.com"},
+ 		/* 12 */ {"\"( bob@bob.com)\" joe@joe.com", "joe.com"},
+ 		/* 12 */ {"From: Davide D'Marco <user@blah.com>", "blah.com"},
++		/* 13 */ {"blah.com>", "blah.com"},
+ 			 {NULL, NULL},
+ 	};
+ 	u_char dbuf[256];

Copied: branches/2019Q3/mail/opendmarc/files/patch-opendmarc_opendmarc.c (from r512093, head/mail/opendmarc/files/patch-opendmarc_opendmarc.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2019Q3/mail/opendmarc/files/patch-opendmarc_opendmarc.c	Sun Sep 15 09:57:33 2019	(r512094, copy of r512093, head/mail/opendmarc/files/patch-opendmarc_opendmarc.c)
@@ -0,0 +1,11 @@
+--- opendmarc/opendmarc.c.orig	2017-03-04 13:28:39 UTC
++++ opendmarc/opendmarc.c
+@@ -2193,7 +2193,7 @@ mlfi_eom(SMFICTX *ctx)
+ 	strncpy(dfc->mctx_fromdomain, domain, sizeof dfc->mctx_fromdomain - 1);
+ 
+ 	ostatus = opendmarc_policy_store_from_domain(cc->cctx_dmarc,
+-	                                             from->hdr_value);
++	                                             dfc->mctx_fromdomain);
+ 	if (ostatus != DMARC_PARSE_OKAY)
+ 	{
+ 		if (conf->conf_dolog)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201909150957.x8F9vXdo065589>