update to v4.7c1 & add security notice. ok turan@.

mail/imap-uw/Makefile

@@ -1,7 +1,7 @@
-# $OpenBSD: Makefile,v 1.5 2000/03/07 08:25:52 jakob Exp $
+# $OpenBSD: Makefile,v 1.6 2000/05/03 07:44:56 jakob Exp $
 
-DISTNAME=	imap-4.7b
-PKGNAME=	imap-uw-4.7b
+DISTNAME=	imap-4.7c1
+PKGNAME=	imap-uw-4.7c1
 CATEGORIES=	mail
 
 MAINTAINER=     jakob@openbsd.org
@@ -17,8 +17,8 @@ MASTER_SITES=	ftp://ftp.cac.washington.edu/imap/ \
 		ftp://ftp.sunet.se/pub/unix/mail/imap/old/
 EXTRACT_SUFX=	.tar.Z
 
-FAKE=	yes
-
+FAKE=		yes
+WRKDIST=	${WRKDIR}/imap-4.7c
 ALL_TARGET=	bso
 
 do-install:

mail/imap-uw/files/md5

@@ -1,3 +1,3 @@
-MD5 (imap-4.7b.tar.Z) = 18ea9e22bde74afaa6c5b18236137ec0
-RMD160 (imap-4.7b.tar.Z) = 92605e353e61883047b7d9c383cd7aa8377689cd
-SHA1 (imap-4.7b.tar.Z) = ce0261ad3a25ea2bb1689ad9e2513456e3753f28
+MD5 (imap-4.7c1.tar.Z) = c99eb0c3db2d9433562d74de5e799c09
+RMD160 (imap-4.7c1.tar.Z) = 4a5d8893289adc8c255a69500e1224369e90a775
+SHA1 (imap-4.7c1.tar.Z) = c8848e1bb4ebd7abe3769722ed41c22ee2529fda

mail/imap-uw/pkg/SECURITY

@@ -0,0 +1,9 @@
+$Id: SECURITY,v 1.1 2000/05/03 07:44:56 jakob Exp $
+
+This port is not safe to use on a system which does not provide shell
+access to users who can retrieve mail via IMAP. imapd contains buffer
+overflows which a user can exploit after they have logged into imap to get
+access to their account on the machine. If your imap users have shell
+access anyway, this is not a significant vulnerability. There is also a
+vulnerability wherein local users can prevent arbitrary POP2/3 mailboxes
+from being opened, and force IMAP mailboxes to only open read-only.