From a8ec44af72ad1e57db58418f0f2000b7fc3a924d Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 2 Jan 2023 10:16:01 +0100 Subject: [PATCH] procmail: update from 3.22 to 3.24 - Don't coredump in comsat code if interrupted early - Correctly handle COMSAT=on - Once used, the 'H' and 'r' flags would never be cleared - Fix possible buffer overflow in variable-capture actions - Fix up the parsing of variable-capture actions - LMTP code assumed sizeof(long)==sizeof(int) - SHELL is now always preset to /bin/sh. USER_SHELL contains the shell from the user's passwd entry - When HOST is mismatched, reset it for the next rcfile - Always read in a new, global rcfile (/etc/procmail.conf) to allow runtime configuration of variables like DEFAULT. This rcfile cannot deliver or filter messages - Mismatched HOST in /etc/procmailrc didn't discard the message - backquote expansion in a condition disabled header concatenation for that condition - LMTP didn't correctly handle quoted localparts - Removed SIZE extension from LMTP (unsupportable semantics) - Don't coredump if unable to exec /bin/sh - Enable "+detail" processing in LMTP mode by passing the delimiter (e.g., "+") as an optional argument after -z - In LMTP mode, save the domain of the recipient in PROCMAIL_DOMAIN - Set PROCMAIL_MODE to one of "d", "m", "z", or "" to reflect the mode option it was invoked with, if any - Fixed all bugs collected by Debian and others during the past 21 years. See the git commit history for detailed descriptions. --- .../misc/procmail/CVE-2014-3618.patch | 18 ------------------ pkgs/applications/misc/procmail/default.nix | 17 ++++------------- 2 files changed, 4 insertions(+), 31 deletions(-) delete mode 100644 pkgs/applications/misc/procmail/CVE-2014-3618.patch diff --git a/pkgs/applications/misc/procmail/CVE-2014-3618.patch b/pkgs/applications/misc/procmail/CVE-2014-3618.patch deleted file mode 100644 index e3aa5600e40..00000000000 --- a/pkgs/applications/misc/procmail/CVE-2014-3618.patch +++ /dev/null @@ -1,18 +0,0 @@ -From http://seclists.org/oss-sec/2014/q3/495 (with whitespace corrected). - ---- a/src/formisc.c 2013-08-04 00:13:33.000000000 -0700 -+++ b/src/formisc.c 2014-09-03 11:42:25.986002396 -0700 -@@ -84,12 +84,11 @@ - case '"':*target++=delim='"';start++; - } - ;{ int i; -- do -+ while(*start) - if((i= *target++= *start++)==delim) /* corresponding delimiter? */ - break; - else if(i=='\\'&&*start) /* skip quoted character */ - *target++= *start++; -- while(*start); /* anything? */ - } - hitspc=2; - } diff --git a/pkgs/applications/misc/procmail/default.nix b/pkgs/applications/misc/procmail/default.nix index dafc73925b5..ea299d73cbb 100644 --- a/pkgs/applications/misc/procmail/default.nix +++ b/pkgs/applications/misc/procmail/default.nix @@ -2,22 +2,13 @@ stdenv.mkDerivation rec { pname = "procmail"; - version = "3.22"; + version = "3.24"; src = fetchurl { - url = "ftp://ftp.fu-berlin.de/pub/unix/mail/procmail/procmail-${version}.tar.gz"; - sha256 = "05z1c803n5cppkcq99vkyd5myff904lf9sdgynfqngfk9nrpaz08"; + url = "https://github.com/BuGlessRB/procmail/archive/refs/tags/v${version}.tar.gz"; + sha256 = "UU6kMzOXg+ld+TIeeUdx5Ih7mCOsVf2yRpcCz2m9OYk="; }; - patches = [ - ./CVE-2014-3618.patch - (fetchurl { - url = "https://sources.debian.org/data/main/p/procmail/3.22-26/debian/patches/30"; - sha256 = "11zmz1bj0v9pay3ldmyyg7473b80h89gycrhndsgg9q50yhcqaaq"; - name = "CVE-2017-16844"; - }) - ]; - # getline is defined differently in glibc now. So rename it. # Without the .PHONY target "make install" won't install anything on Darwin. postPatch = '' @@ -33,7 +24,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "Mail processing and filtering utility"; - homepage = "http://www.procmail.org/"; + homepage = "https://github.com/BuGlessRB/procmail/"; license = licenses.gpl2; platforms = platforms.unix; maintainers = with maintainers; [ gebner ];