Security update to fetchmail-6.3.8. (CVE-2007-1558)

Make the APOP challenge parser more distrustful and have it reject challenges that do not conform to RFC-822 msg-id format, in the hope to make mounting man-in-the-middle attacks (MITM) against APOP a bit more difficult. Detailed information: http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt
2007-04-13 13:22:25 +00:00 · 2007-04-13 13:22:25 +00:00 · 573299d695
commit 573299d695
parent d0e786804a
4 changed files with 18 additions and 18 deletions
--- a/mail/fetchmail/Makefile
+++ b/mail/fetchmail/Makefile
@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.109 2007/01/09 10:35:42 bernd Exp $
+# $OpenBSD: Makefile,v 1.110 2007/04/13 13:22:25 bernd Exp $

 COMMENT=	"mail retrieval utility for POP2, POP3, KPOP, IMAP and more"

-DISTNAME=	fetchmail-6.3.6
+DISTNAME=	fetchmail-6.3.8
 CATEGORIES=	mail
 MASTER_SITES=	${MASTER_SITE_BERLIOS:=fetchmail/}

--- a/mail/fetchmail/distinfo
+++ b/mail/fetchmail/distinfo
@ -1,5 +1,5 @@
-MD5 (fetchmail-6.3.6.tar.bz2) = T6t8oQDKNuQaLo2/WzKjzw==
-RMD160 (fetchmail-6.3.6.tar.bz2) = RVwUE8xQkPg06Cvkh2tXLUvvNcw=
-SHA1 (fetchmail-6.3.6.tar.bz2) = TDYtjYbA1O+xkdD6rgtItUsIh7o=
-SHA256 (fetchmail-6.3.6.tar.bz2) = PIHnd2YXt48Y2c2LXl9ilE5w8de9R6hA/Y1EvN7XhP8=
-SIZE (fetchmail-6.3.6.tar.bz2) = 1307730
+MD5 (fetchmail-6.3.8.tar.bz2) = Zrl1ALCh48CRaztTFPWX9Q==
+RMD160 (fetchmail-6.3.8.tar.bz2) = NANPmun+RLo18KFtMSjUqbAAHfI=
+SHA1 (fetchmail-6.3.8.tar.bz2) = uOjFHtbPU/w5jIIf2ynRZsZxO7A=
+SHA256 (fetchmail-6.3.8.tar.bz2) = VhL5rzZ/ZB4O/QhPRPzxiJZp5xHb2MYPa3lT5JTRsJs=
+SIZE (fetchmail-6.3.8.tar.bz2) = 1323515
--- a/mail/fetchmail/patches/patch-Makefile_in
+++ b/mail/fetchmail/patches/patch-Makefile_in
@ -1,7 +1,7 @@
-$OpenBSD: patch-Makefile_in,v 1.9 2007/01/09 10:35:42 bernd Exp $
--- Makefile.in.orig	Fri Jan  5 22:27:59 2007
-+++ Makefile.in	Sun Jan  7 11:33:55 2007
-@@ -1413,7 +1413,7 @@ info: info-recursive
+$OpenBSD: patch-Makefile_in,v 1.10 2007/04/13 13:22:25 bernd Exp $
+--- Makefile.in.orig	Fri Apr  6 20:41:48 2007
+++ Makefile.in	Sun Apr  8 10:04:06 2007
+@@ -1440,7 +1440,7 @@ info: info-recursive
 
 info-am:
 
--- a/mail/fetchmail/patches/patch-configure
+++ b/mail/fetchmail/patches/patch-configure
@ -1,7 +1,7 @@
-$OpenBSD: patch-configure,v 1.11 2007/01/09 10:35:42 bernd Exp $
--- configure.orig	Sun Jan  7 11:34:15 2007
-+++ configure	Sun Jan  7 11:37:38 2007
-@@ -8530,7 +8530,7 @@ _ACEOF
+$OpenBSD: patch-configure,v 1.12 2007/04/13 13:22:25 bernd Exp $
+--- configure.orig	Fri Apr  6 20:41:49 2007
+++ configure	Sun Apr  8 10:04:06 2007
+@@ -8535,7 +8535,7 @@ _ACEOF
 
 
 
@ -10,7 +10,7 @@ $OpenBSD: patch-configure,v 1.11 2007/01/09 10:35:42 bernd Exp $
 
 
 
-@@ -13245,7 +13245,7 @@ cat >>confdefs.h <<\_ACEOF
+@@ -13251,7 +13251,7 @@ cat >>confdefs.h <<\_ACEOF
 _ACEOF
 
   CEFLAGS="$CEFLAGS -I/usr/include/kerberosV"
@ -19,7 +19,7 @@ $OpenBSD: patch-configure,v 1.11 2007/01/09 10:35:42 bernd Exp $
 elif krb5-config 2> /dev/null >/dev/null ; then
   krb5_prefix=`krb5-config --prefix krb5`
   { echo "$as_me:$LINENO: result: krb5-config points to kerberosV under $krb5_prefix" >&5
-@@ -16956,8 +16956,8 @@ pythondir!$pythondir$ac_delim
+@@ -16962,8 +16962,8 @@ pythondir!$pythondir$ac_delim
 pkgpythondir!$pkgpythondir$ac_delim
 pyexecdir!$pyexecdir$ac_delim
 pkgpyexecdir!$pkgpyexecdir$ac_delim
@ -30,7 +30,7 @@ $OpenBSD: patch-configure,v 1.11 2007/01/09 10:35:42 bernd Exp $
 CC!$CC$ac_delim
 CFLAGS!$CFLAGS$ac_delim
 LDFLAGS!$LDFLAGS$ac_delim
-@@ -17031,10 +17031,10 @@ GMSGFMT!$GMSGFMT$ac_delim
+@@ -17037,10 +17037,10 @@ GMSGFMT!$GMSGFMT$ac_delim
 XGETTEXT!$XGETTEXT$ac_delim
 MSGMERGE!$MSGMERGE$ac_delim
 INTL_MACOSX_LIBS!$INTL_MACOSX_LIBS$ac_delim