Date: Fri, 12 Sep 2014 14:59:24 +0000 (UTC) From: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r368028 - in branches/2014Q3/mail/procmail: . files Message-ID: <201409121459.s8CExOOD083973@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sunpoet Date: Fri Sep 12 14:59:23 2014 New Revision: 368028 URL: http://svnweb.freebsd.org/changeset/ports/368028 QAT: https://qat.redports.org/buildarchive/r368028/ Log: MFH: r368009 - Fix heap-based buffer overflow in formisc.c - Bump PORTREVISION for package change Security: CVE-2014-3618 Approved by: portmgr (erwin) Added: branches/2014Q3/mail/procmail/files/patch-src-formisc.c - copied unchanged from r368009, head/mail/procmail/files/patch-src-formisc.c Modified: branches/2014Q3/mail/procmail/Makefile Directory Properties: branches/2014Q3/ (props changed) Modified: branches/2014Q3/mail/procmail/Makefile ============================================================================== --- branches/2014Q3/mail/procmail/Makefile Fri Sep 12 14:16:50 2014 (r368027) +++ branches/2014Q3/mail/procmail/Makefile Fri Sep 12 14:59:23 2014 (r368028) @@ -3,7 +3,7 @@ PORTNAME= procmail PORTVERSION= 3.22 -PORTREVISION= 7 +PORTREVISION= 8 CATEGORIES= mail MASTER_SITES= ftp://ftp.ucsb.edu/pub/mirrors/procmail/ \ ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail/ \ Copied: branches/2014Q3/mail/procmail/files/patch-src-formisc.c (from r368009, head/mail/procmail/files/patch-src-formisc.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q3/mail/procmail/files/patch-src-formisc.c Fri Sep 12 14:59:23 2014 (r368028, copy of r368009, head/mail/procmail/files/patch-src-formisc.c) @@ -0,0 +1,16 @@ +--- src/formisc.c.orig 2001-06-29 10:20:45.000000000 +0800 ++++ src/formisc.c 2014-09-12 00:58:12.989105253 +0800 +@@ -84,12 +84,11 @@ + case '"':*target++=delim='"';start++; + } + ;{ int i; +- do ++ while(*start) + if((i= *target++= *start++)==delim) /* corresponding delimiter? */ + break; + else if(i=='\\'&&*start) /* skip quoted character */ + *target++= *start++; +- while(*start); /* anything? */ + } + hitspc=2; + }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201409121459.s8CExOOD083973>