From b19fb8302f524c784cf09fb1e94626c6655aee24 Mon Sep 17 00:00:00 2001 From: jakob Date: Thu, 10 Jan 2002 10:48:44 +0000 Subject: [PATCH] update to pine v4.44 - security update -- This note is to announce the availability of the Pine Message System version 4.44. The purpose of this release is to fix a security bug with the treatment of quotes in the URL-handling code. The bug allows a malicious sender to embed commands in a URL. This bug is present in all versions of UNIX Pine. There is no vulnerability from this bug in PC-Pine. --- mail/pine/Makefile | 4 ++-- mail/pine/distinfo | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/mail/pine/Makefile b/mail/pine/Makefile index 93e0ebc883b..927382211e4 100644 --- a/mail/pine/Makefile +++ b/mail/pine/Makefile @@ -1,10 +1,10 @@ -# $OpenBSD: Makefile,v 1.40 2001/12/16 21:57:47 brad Exp $ +# $OpenBSD: Makefile,v 1.41 2002/01/10 10:48:44 jakob Exp $ COMMENT= "Program for Internet E-mail and News, with pico" COMMENT-pico= "small text editor" COMMENT-pine= "Program for Internet E-mail and News, without pico" -VERSION= 4.43 +VERSION= 4.44 PICO_VERSION= 4.2 DISTNAME= pine${VERSION} PKGNAME= pine+pico-${VERSION} diff --git a/mail/pine/distinfo b/mail/pine/distinfo index 5dd2b1e32cc..8a5a71206a9 100644 --- a/mail/pine/distinfo +++ b/mail/pine/distinfo @@ -1,3 +1,3 @@ -MD5 (pine4.43.tar.gz) = 9395df6346b9c0748a93163df83e6150 -RMD160 (pine4.43.tar.gz) = 3160888b35779c279e75226f20e8714c7a4fe5ec -SHA1 (pine4.43.tar.gz) = 733bc7797cf8de9f5d5cfd7aab7e4a7dc2127f79 +MD5 (pine4.44.tar.gz) = bb405bd52b9fd84b9a981626847cc098 +RMD160 (pine4.44.tar.gz) = e089ed87fef3b366769ed560933fa4537582a1e8 +SHA1 (pine4.44.tar.gz) = 0657a5bd51cacc300260224320ee114c0b2b26e5