SECURITY:

fix an arbitrary code execution vulnerability; bump PKGNAME http://www.vuxml.org/openbsd/84dd64b0-72cc-11d9-a56c-00065bd5b0b6.html ok marcm@, naddy@
2005-01-30 14:44:46 +00:00 · 2005-01-30 14:44:46 +00:00 · 94cb226cab
commit 94cb226cab
parent b0bb1cbbbb
2 changed files with 17 additions and 1 deletions
--- a/mail/evolution/Makefile
+++ b/mail/evolution/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.16 2005/01/02 12:33:37 alek Exp $
+# $OpenBSD: Makefile,v 1.17 2005/01/30 14:44:46 robert Exp $

 COMMENT=		"integrated email and PIM software for GNOME"
 COMMENT-devguide=	"Evolution Developer's Guide"
@ -6,6 +6,7 @@ COMMENT-devguide=	"Evolution Developer's Guide"
 V=			1.2
 VERSION=		${V}.4
 DISTNAME=		evolution-${VERSION}
+PKGNAME=		${DISTNAME}p0
 FULLPKGNAME-devguide=	evolution-devguide-${VERSION}p0
 CATEGORIES=    		mail x11

--- a/mail/evolution/patches/patch-camel_camel_lock_helper_c
+++ b/mail/evolution/patches/patch-camel_camel_lock_helper_c
@ -0,0 +1,15 @@
+$OpenBSD: patch-camel_camel_lock_helper_c,v 1.1 2005/01/30 14:44:46 robert Exp $
+--- camel/camel-lock-helper.c.orig	Wed Jan 26 15:34:53 2005
+++ camel/camel-lock-helper.c	Wed Jan 26 15:37:15 2005
+@@ -360,8 +360,9 @@
+ 			switch(msg.id) {
+ 			case CAMEL_LOCK_HELPER_LOCK:
+ 				res = CAMEL_LOCK_HELPER_STATUS_NOMEM;
+-				path = malloc(msg.data+1);
+-				if (path != NULL) {
+				if (msg.data > 0xffff) {
+					res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
+				} else if ((path = malloc(msg.data+1)) != NULL) {
+ 					res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
+ 					len = read_n(STDIN_FILENO, path, msg.data);
+ 					if (len == msg.data) {