cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mail/mailman: 2.1.38 security fixing CSRF vuln

Browse Source 
While here, fix pkg-message to mention -exim4 and -postfix
derived ports that override the default MTA.

Security:	0d6efbe3-52d9-11ec-9472-e3667ed6088e
Security:	CVE-2021-44227
MFH:		2021Q4
This commit is contained in:
Matthias Andree 2021-12-01 20:06:35 +01:00
parent f1e61db579
commit 87f0f372e4
3 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mail/mailman/Makefile
View File

@ -1,7 +1,8 @@
# Created by: n_hibma@qubesoft.com
PORTNAME= mailman
DISTVERSION= 2.1.37
DISTVERSION= 2.1.38
PORTREVISION= 0
CATEGORIES= mail
MASTER_SITES= GNU \
SF/${PORTNAME}/Mailman%202.1%20%28stable%29/${PORTVERSION} \

6
mail/mailman/distinfo
View File

@ -1,5 +1,5 @@
TIMESTAMP = 1636797368
SHA256 (mailman/mailman-2.1.37.tgz) = 689ff350857728ccc4ed379ceef54b93f710af8740cabc3bfe0348173b6b3f4f
SIZE (mailman/mailman-2.1.37.tgz) = 9508379
TIMESTAMP = 1638384323
SHA256 (mailman/mailman-2.1.38.tgz) = ac093ec2ed3eb93b41f1e1b19d39cf41e1bdd09587979835fe154dac6777fc68
SIZE (mailman/mailman-2.1.38.tgz) = 9508426
SHA256 (mailman/msapiro-htdig-1822.patch.xz) = fa1da6fb7c0946a6723bc2766501c222fa73c8d794566a3b6e5718a7d1840265
SIZE (mailman/msapiro-htdig-1822.patch.xz) = 50700

11
mail/mailman/files/pkg-message.in
View File

@ -14,10 +14,13 @@ Note (1):
- ESPECIALLY RELEVANT FOR USERS OF THE BINARY PACKAGE -
The FreeBSD binary package is built for use with Sendmail, and it will
not work properly with alternative MTAs such as Exim or Postfix.
In order for Mailman to work with an alternative mailer,
the port must be installed from source, with proper options configured,
or from a package built in poudriere (which is a separate port in
ports-mgmt) with adapted options. (poudriere options -cn mail/mailman)
In order for Mailman to work with an alternative mailer, please use
mailman-exim4 or mailman-postfix instead, or
mailman-exim4-with-htdig or mailman-postfix-with-htdig.
For use with other mailers (Courier, OpenSMTPd), the port must be installed
from source, with proper options configured, or from a package built in
poudriere (which is a separate port in ports-mgmt) with adapted options.
(poudriere options -cn mail/mailman)
- FOR USERS OF A PORT BUILT FROM SOURCE -
If you use an alternate MTA (meaning "not Sendmail"), you MUST