update to procmail-3.24 which rolls in fixes we had in patches, plus others.
there has not been any major change to invalidate the recommendations to avoid it (https://anarc.at/blog/2022-03-02-procmail-considered-harmful/ and others) but there still seems to be no good alternative to formail (maildrop's reformail isn't a direct replacement) and better to have those fixes which do exist than leave it at the old version.
This commit is contained in:
parent
4f764b7935
commit
cd37e7364c
|
@ -1,23 +1,15 @@
|
|||
COMMENT= filtering local mail delivery agent
|
||||
|
||||
DISTNAME= procmail-3.22
|
||||
GH_ACCOUNT= BuGlessRB
|
||||
GH_PROJECT= procmail
|
||||
GH_TAGNAME= v3.24
|
||||
|
||||
CATEGORIES= mail
|
||||
REVISION= 8
|
||||
|
||||
MASTER_SITES= ${HOMEPAGE} \
|
||||
http://mirror.switch.ch/ftp/mirror/procmail/ \
|
||||
http://ftp.kfki.hu/packages/mail/procmail/ \
|
||||
http://ftp.ucsb.edu/pub/mirrors/procmail/ \
|
||||
http://www.ring.gr.jp/archives/net/mail/procmail/ \
|
||||
ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail/ \
|
||||
ftp://ftp.fu-berlin.de/pub/unix/mail/procmail/
|
||||
|
||||
HOMEPAGE= http://www.procmail.org/
|
||||
|
||||
# GPLv2+
|
||||
PERMIT_PACKAGE= Yes
|
||||
|
||||
WANTLIB= c m
|
||||
WANTLIB= c m
|
||||
|
||||
FLAVORS= lmtp
|
||||
FLAVOR?=
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
SHA256 (procmail-3.22.tar.gz) = CHx1s03TPYud9a/p5CgByTlfS/Nzp4TZvJcVOwBi4Rc=
|
||||
SIZE (procmail-3.22.tar.gz) = 226817
|
||||
SHA256 (procmail-3.24.tar.gz) = UU6kMzOXg+ld+TIeeUdx5Ih7mCOsVf2yRpcCz2m9OYk=
|
||||
SIZE (procmail-3.24.tar.gz) = 299704
|
||||
|
|
|
@ -1,14 +0,0 @@
|
|||
Fix escaping error that causes information loss.
|
||||
|
||||
Index: man/procmailrc.man
|
||||
--- man/procmailrc.man.orig
|
||||
+++ man/procmailrc.man
|
||||
@@ -779,7 +779,7 @@ one trailing newline will be stripped.
|
||||
.PP
|
||||
Some non-optimal and non-obvious regexps set MATCH to an incorrect
|
||||
value. The regexp can be made to work by removing one or more unneeded
|
||||
-'*', '+', or '?' operator on the left-hand side of the \e/ token.
|
||||
+\&'*', '+', or '?' operator on the left-hand side of the \e/ token.
|
||||
.SH MISCELLANEOUS
|
||||
If the regular expression contains `\fB@TO_key@\fP' it will be substituted by
|
||||
.na
|
|
@ -1,15 +0,0 @@
|
|||
A patch from Philip Guenther (procmail maintainer) fixing a
|
||||
crash when procmail is invoked without arguments and then
|
||||
receive a ^C.
|
||||
|
||||
--- src/comsat.c.orig Tue Sep 11 06:55:46 2001
|
||||
+++ src/comsat.c Wed Dec 2 23:13:21 2009
|
||||
@@ -120,7 +120,7 @@ void sendcomsat(folder)const char*folder;
|
||||
{ int s;const char*p;
|
||||
if(!csvalid||!buf) /* is comat on and set to a valid address? */
|
||||
return;
|
||||
- if(!*cslgname||strlen(cslgname)+2>linebuf) /* is $LOGNAME bogus? */
|
||||
+ if(!cslgname||!*cslgname||strlen(cslgname)+2>linebuf)/* is $LOGNAME bogus? */
|
||||
return;
|
||||
if(!(p=folder?folder:cslastf)) /* do we have a folder? */
|
||||
return;
|
|
@ -1,22 +0,0 @@
|
|||
--- src/fields.c.orig Sat Mar 17 10:43:03 2012
|
||||
+++ src/fields.c Sat Mar 17 10:43:14 2012
|
||||
@@ -110,16 +110,16 @@ void dispfield(p)register const struct field*p;
|
||||
/* try and append one valid field to rdheader from stdin */
|
||||
int readhead P((void))
|
||||
{ int idlen;
|
||||
- getline();
|
||||
+ get_line();
|
||||
if((idlen=breakfield(buf,buffilled))<=0) /* not the start of a valid field */
|
||||
return 0;
|
||||
if(idlen==STRLEN(FROM)&&eqFrom_(buf)) /* it's a From_ line */
|
||||
{ if(rdheader)
|
||||
return 0; /* the From_ line was a fake! */
|
||||
- for(;buflast=='>';getline()); /* gather continued >From_ lines */
|
||||
+ for(;buflast=='>';get_line()); /* gather continued >From_ lines */
|
||||
}
|
||||
else
|
||||
- for(;;getline()) /* get the rest of the continued field */
|
||||
+ for(;;get_line()) /* get the rest of the continued field */
|
||||
{ switch(buflast) /* will this line be continued? */
|
||||
{ case ' ':case '\t': /* yep, it sure is */
|
||||
continue;
|
|
@ -1,11 +0,0 @@
|
|||
--- src/formail.c.orig Sat Mar 17 10:43:03 2012
|
||||
+++ src/formail.c Sat Mar 17 10:43:10 2012
|
||||
@@ -819,7 +819,7 @@ splitit: { if(!lnl) /* did the previous mail e
|
||||
{ if(split) /* gobble up the next start separator */
|
||||
{ buffilled=0;
|
||||
#ifdef sMAILBOX_SEPARATOR
|
||||
- getline();buffilled=0; /* but only if it's defined */
|
||||
+ get_line();buffilled=0; /* but only if it's defined */
|
||||
#endif
|
||||
if(buflast!=EOF) /* if any */
|
||||
goto splitit;
|
|
@ -1,42 +0,0 @@
|
|||
Hunk #1: CVE-2014-3618, heap overflow in formail when parsing addresses
|
||||
with unbalanced quotes.
|
||||
|
||||
Hunk #2: CVE-2017-16844: heap-based buffer overflow in loadbuf()
|
||||
http://bugs.debian.org/876511
|
||||
Patch taken from Debian package procmail_3.22-25+deb9u1.
|
||||
|
||||
Index: src/formisc.c
|
||||
--- src/formisc.c.orig
|
||||
+++ src/formisc.c
|
||||
@@ -84,12 +84,11 @@ normal: *target++= *start++;
|
||||
case '"':*target++=delim='"';start++;
|
||||
}
|
||||
;{ int i;
|
||||
- do
|
||||
+ while(*start)
|
||||
if((i= *target++= *start++)==delim) /* corresponding delimiter? */
|
||||
break;
|
||||
else if(i=='\\'&&*start) /* skip quoted character */
|
||||
*target++= *start++;
|
||||
- while(*start); /* anything? */
|
||||
}
|
||||
hitspc=2;
|
||||
}
|
||||
@@ -104,7 +103,7 @@ void loadsaved(sp)const struct saved*const sp; /*
|
||||
}
|
||||
/* append to buf */
|
||||
void loadbuf(text,len)const char*const text;const size_t len;
|
||||
-{ if(buffilled+len>buflen) /* buf can't hold the text */
|
||||
+{ while(buffilled+len>buflen) /* buf can't hold the text */
|
||||
buf=realloc(buf,buflen+=Bsize);
|
||||
tmemmove(buf+buffilled,text,len);buffilled+=len;
|
||||
}
|
||||
@@ -115,7 +114,7 @@ void loadchar(c)const int c; /* append one char
|
||||
buf[buffilled++]=c;
|
||||
}
|
||||
|
||||
-int getline P((void)) /* read a newline-terminated line */
|
||||
+int get_line P((void)) /* read a newline-terminated line */
|
||||
{ if(buflast==EOF) /* at the end of our Latin already? */
|
||||
{ loadchar('\n'); /* fake empty line */
|
||||
return EOF; /* spread the word */
|
|
@ -1,8 +0,0 @@
|
|||
--- src/formisc.h.orig Sat Mar 17 10:43:03 2012
|
||||
+++ src/formisc.h Sat Mar 17 10:43:17 2012
|
||||
@@ -17,4 +17,4 @@ void
|
||||
char*
|
||||
skipwords P((char*start));
|
||||
int
|
||||
- getline P((void));
|
||||
+ get_line P((void));
|
|
@ -1,11 +0,0 @@
|
|||
--- src/pipes.c.orig Tue Sep 11 06:58:44 2001
|
||||
+++ src/pipes.c Wed Dec 2 23:13:21 2009
|
||||
@@ -194,7 +194,7 @@ perr: progerr(line,excode,pwait==4); /* I'm goi
|
||||
makeblock(&temp,Stdfilled);
|
||||
tmemmove(temp.p,Stdout,Stdfilled);
|
||||
readdyn(&temp,&Stdfilled,Stdfilled+backlen+1);
|
||||
- Stdout=realloc(Stdout,&Stdfilled+1);
|
||||
+ Stdout=realloc(Stdout,Stdfilled+1);
|
||||
tmemmove(Stdout,temp.p,Stdfilled+1);
|
||||
freeblock(&temp);
|
||||
retStdout(Stdout,pwait&&pipw,!backblock);
|
|
@ -1,13 +0,0 @@
|
|||
Fix searching body alone.
|
||||
|
||||
--- src/procmail.c.orig Sat Jun 30 21:50:32 2007
|
||||
+++ src/procmail.c Sat Jun 30 21:51:22 2007
|
||||
@@ -652,7 +652,7 @@ commint:do skipspace(); /* skip whitespace */
|
||||
nrcond= -1;
|
||||
if(tolock) /* clear temporary buffer for lockfile name */
|
||||
free(tolock);
|
||||
- for(i=maxindex(flags);i;i--) /* clear the flags */
|
||||
+ for(i=maxindex(flags);i>=0;i--) /* clear the flags */
|
||||
flags[i]=0;
|
||||
for(tolock=0,locknext=0;;)
|
||||
{ chp=skpspace(chp);
|
Loading…
Reference in New Issue