procmail: update from 3.22 to 3.24
- Don't coredump in comsat code if interrupted early - Correctly handle COMSAT=on - Once used, the 'H' and 'r' flags would never be cleared - Fix possible buffer overflow in variable-capture actions - Fix up the parsing of variable-capture actions - LMTP code assumed sizeof(long)==sizeof(int) - SHELL is now always preset to /bin/sh. USER_SHELL contains the shell from the user's passwd entry - When HOST is mismatched, reset it for the next rcfile - Always read in a new, global rcfile (/etc/procmail.conf) to allow runtime configuration of variables like DEFAULT. This rcfile cannot deliver or filter messages - Mismatched HOST in /etc/procmailrc didn't discard the message - backquote expansion in a condition disabled header concatenation for that condition - LMTP didn't correctly handle quoted localparts - Removed SIZE extension from LMTP (unsupportable semantics) - Don't coredump if unable to exec /bin/sh - Enable "+detail" processing in LMTP mode by passing the delimiter (e.g., "+") as an optional argument after -z - In LMTP mode, save the domain of the recipient in PROCMAIL_DOMAIN - Set PROCMAIL_MODE to one of "d", "m", "z", or "" to reflect the mode option it was invoked with, if any - Fixed all bugs collected by Debian and others during the past 21 years. See the git commit history for detailed descriptions.
This commit is contained in:
parent
39de769024
commit
a8ec44af72
|
@ -1,18 +0,0 @@
|
||||||
From http://seclists.org/oss-sec/2014/q3/495 (with whitespace corrected).
|
|
||||||
|
|
||||||
--- a/src/formisc.c 2013-08-04 00:13:33.000000000 -0700
|
|
||||||
+++ b/src/formisc.c 2014-09-03 11:42:25.986002396 -0700
|
|
||||||
@@ -84,12 +84,11 @@
|
|
||||||
case '"':*target++=delim='"';start++;
|
|
||||||
}
|
|
||||||
;{ int i;
|
|
||||||
- do
|
|
||||||
+ while(*start)
|
|
||||||
if((i= *target++= *start++)==delim) /* corresponding delimiter? */
|
|
||||||
break;
|
|
||||||
else if(i=='\\'&&*start) /* skip quoted character */
|
|
||||||
*target++= *start++;
|
|
||||||
- while(*start); /* anything? */
|
|
||||||
}
|
|
||||||
hitspc=2;
|
|
||||||
}
|
|
|
@ -2,22 +2,13 @@
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "procmail";
|
pname = "procmail";
|
||||||
version = "3.22";
|
version = "3.24";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "ftp://ftp.fu-berlin.de/pub/unix/mail/procmail/procmail-${version}.tar.gz";
|
url = "https://github.com/BuGlessRB/procmail/archive/refs/tags/v${version}.tar.gz";
|
||||||
sha256 = "05z1c803n5cppkcq99vkyd5myff904lf9sdgynfqngfk9nrpaz08";
|
sha256 = "UU6kMzOXg+ld+TIeeUdx5Ih7mCOsVf2yRpcCz2m9OYk=";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [
|
|
||||||
./CVE-2014-3618.patch
|
|
||||||
(fetchurl {
|
|
||||||
url = "https://sources.debian.org/data/main/p/procmail/3.22-26/debian/patches/30";
|
|
||||||
sha256 = "11zmz1bj0v9pay3ldmyyg7473b80h89gycrhndsgg9q50yhcqaaq";
|
|
||||||
name = "CVE-2017-16844";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
# getline is defined differently in glibc now. So rename it.
|
# getline is defined differently in glibc now. So rename it.
|
||||||
# Without the .PHONY target "make install" won't install anything on Darwin.
|
# Without the .PHONY target "make install" won't install anything on Darwin.
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
|
@ -33,7 +24,7 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "Mail processing and filtering utility";
|
description = "Mail processing and filtering utility";
|
||||||
homepage = "http://www.procmail.org/";
|
homepage = "https://github.com/BuGlessRB/procmail/";
|
||||||
license = licenses.gpl2;
|
license = licenses.gpl2;
|
||||||
platforms = platforms.unix;
|
platforms = platforms.unix;
|
||||||
maintainers = with maintainers; [ gebner ];
|
maintainers = with maintainers; [ gebner ];
|
||||||
|
|
Loading…
Reference in a new issue