[gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/ - gentoo-commits

From:	Fabian Groffen <grobian@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
Date:	Wed, 29 Nov 2017 08:51:01
Message-Id:	`1511945407.e7434ec7eeb4b4be5cd53cebba9576f940b076e9.grobian@gentoo`

1

commit:     e7434ec7eeb4b4be5cd53cebba9576f940b076e9

2

Author:     Fabian Groffen <grobian <AT> gentoo <DOT> org>

3

AuthorDate: Wed Nov 29 08:50:07 2017 +0000

4

Commit:     Fabian Groffen <grobian <AT> gentoo <DOT> org>

5

CommitDate: Wed Nov 29 08:50:07 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7434ec7

7

8

mail-mta/exim: add patch for CVE-2017-16944, bug #638772

9

10

Original patch is slightly adjusted to the 4.98 codebase in order to

11

apply.

12

13

Bug: https://bugs.gentoo.org/638772

14

Package-Manager: Portage-2.3.13, Repoman-2.3.3

15

16

 .../{exim-4.89-r4.ebuild => exim-4.89-r5.ebuild}   |  1 +

17

 mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch | 57 ++++++++++++++++++++++

18

 2 files changed, 58 insertions(+)

19

20

diff --git a/mail-mta/exim/exim-4.89-r4.ebuild b/mail-mta/exim/exim-4.89-r5.ebuild

21

similarity index 99%

22

rename from mail-mta/exim/exim-4.89-r4.ebuild

23

rename to mail-mta/exim/exim-4.89-r5.ebuild

24

index 14b6181d4cb..c6da0e48afc 100644

25

--- a/mail-mta/exim/exim-4.89-r4.ebuild

26

+++ b/mail-mta/exim/exim-4.89-r5.ebuild

27

@@ -98,6 +98,7 @@ src_prepare() {

28

 	epatch "${FILESDIR}"/${P}-transport-crash.patch # from git/in next release

29

 	epatch "${FILESDIR}"/${P}-address-expando-crash.patch # from git/in next release

30

 	epatch "${FILESDIR}"/${P}-CVE-2017-16943.patch # from git/in next release

31

+	epatch "${FILESDIR}"/${P}-CVE-2017-16944.patch # from git/in next release

32

33

 	if use maildir ; then

34

 		epatch "${FILESDIR}"/exim-4.20-maildir.patch

35

36

diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch

37

new file mode 100644

38

index 00000000000..285a6170aa8

39

--- /dev/null

40

+++ b/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch

41

@@ -0,0 +1,57 @@

42

+From 178ecb70987f024f0e775d87c2f8b2cf587dd542 Mon Sep 17 00:00:00 2001

43

+From: "Heiko Schlittermann (HS12-RIPE)" <hs@×××××××××××××.de>

44

+Date: Mon, 27 Nov 2017 22:42:33 +0100

45

+Subject: [PATCH] Chunking: do not treat the first lonely dot special.

46

+ CVE-2017-16944, Bug 2201

47

+

48

+Modified to apply on 4.89-gentoo

49

+

50

+---

51

+ src/src/receive.c | 2 +-

52

+ src/src/smtp_in.c | 7 +++++++

53

+ 2 files changed, 8 insertions(+), 1 deletion(-)

54

+

55

+diff --git a/src/src/receive.c b/src/src/receive.c

56

+index 541eba1..417e975 100644

57

+--- a/src/src/receive.c

58

++++ b/src/src/receive.c

59

+@@ -1865,7 +1865,7 @@ for (;;)

60

+   prevent further reading), and break out of the loop, having freed the

61

+   empty header, and set next = NULL to indicate no data line. */

62

+

63

+-  if (ptr == 0 && ch == '.' && (smtp_input || dot_ends))

64

++  if (ptr == 0 && ch == '.' && dot_ends)

65

+     {

66

+     ch = (receive_getc)(GETC_BUFFER_UNLIMITED);

67

+     if (ch == '\r')

68

+diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c

69

+index 1fdb705..0aabc53 100644

70

+--- a/src/src/smtp_in.c

71

++++ b/src/src/smtp_in.c

72

+@@ -5094,16 +5094,23 @@ while (done <= 0)

73

+       DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n",

74

+ 				    (int)chunking_state, chunking_data_left);

75

+

76

++      /* push the current receive_* function on the "stack", and

77

++      replace them by bdat_getc(), which in turn will use the lwr_receive_*

78

++      functions to do the dirty work. */

79

+       lwr_receive_getc = receive_getc;

80

+       lwr_receive_ungetc = receive_ungetc;

81

++

82

+       receive_getc = bdat_getc;

83

+       receive_ungetc = bdat_ungetc;

84

+

85

++      dot_ends = FALSE;

86

++

87

+       goto DATA_BDAT;

88

+       }

89

+

90

+     case DATA_CMD:

91

+     HAD(SCH_DATA);

92

++    dot_ends = TRUE;

93

+

94

+     DATA_BDAT:		/* Common code for DATA and BDAT */

95

+     if (!discarded && recipients_count <= 0)

96

+--

97

+1.9.1

98

+

1	commit: e7434ec7eeb4b4be5cd53cebba9576f940b076e9
2	Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
3	AuthorDate: Wed Nov 29 08:50:07 2017 +0000
4	Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
5	CommitDate: Wed Nov 29 08:50:07 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7434ec7
7
8	mail-mta/exim: add patch for CVE-2017-16944, bug #638772
9
10	Original patch is slightly adjusted to the 4.98 codebase in order to
11	apply.
12
13	Bug: https://bugs.gentoo.org/638772
14	Package-Manager: Portage-2.3.13, Repoman-2.3.3
15
16	.../{exim-4.89-r4.ebuild => exim-4.89-r5.ebuild} \| 1 +
17	mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch \| 57 ++++++++++++++++++++++
18	2 files changed, 58 insertions(+)
19
20	diff --git a/mail-mta/exim/exim-4.89-r4.ebuild b/mail-mta/exim/exim-4.89-r5.ebuild
21	similarity index 99%
22	rename from mail-mta/exim/exim-4.89-r4.ebuild
23	rename to mail-mta/exim/exim-4.89-r5.ebuild
24	index 14b6181d4cb..c6da0e48afc 100644
25	--- a/mail-mta/exim/exim-4.89-r4.ebuild
26	+++ b/mail-mta/exim/exim-4.89-r5.ebuild
27	@@ -98,6 +98,7 @@ src_prepare() {
28	epatch "${FILESDIR}"/${P}-transport-crash.patch # from git/in next release
29	epatch "${FILESDIR}"/${P}-address-expando-crash.patch # from git/in next release
30	epatch "${FILESDIR}"/${P}-CVE-2017-16943.patch # from git/in next release
31	+ epatch "${FILESDIR}"/${P}-CVE-2017-16944.patch # from git/in next release
32
33	if use maildir ; then
34	epatch "${FILESDIR}"/exim-4.20-maildir.patch
35
36	diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch
37	new file mode 100644
38	index 00000000000..285a6170aa8
39	--- /dev/null
40	+++ b/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch
41	@@ -0,0 +1,57 @@
42	+From 178ecb70987f024f0e775d87c2f8b2cf587dd542 Mon Sep 17 00:00:00 2001
43	+From: "Heiko Schlittermann (HS12-RIPE)" <hs@×××××××××××××.de>
44	+Date: Mon, 27 Nov 2017 22:42:33 +0100
45	+Subject: [PATCH] Chunking: do not treat the first lonely dot special.
46	+ CVE-2017-16944, Bug 2201
47	+
48	+Modified to apply on 4.89-gentoo
49	+
50	+---
51	+ src/src/receive.c \| 2 +-
52	+ src/src/smtp_in.c \| 7 +++++++
53	+ 2 files changed, 8 insertions(+), 1 deletion(-)
54	+
55	+diff --git a/src/src/receive.c b/src/src/receive.c
56	+index 541eba1..417e975 100644
57	+--- a/src/src/receive.c
58	++++ b/src/src/receive.c
59	+@@ -1865,7 +1865,7 @@ for (;;)
60	+ prevent further reading), and break out of the loop, having freed the
61	+ empty header, and set next = NULL to indicate no data line. */
62	+
63	+- if (ptr == 0 && ch == '.' && (smtp_input \|\| dot_ends))
64	++ if (ptr == 0 && ch == '.' && dot_ends)
65	+ {
66	+ ch = (receive_getc)(GETC_BUFFER_UNLIMITED);
67	+ if (ch == '\r')
68	+diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
69	+index 1fdb705..0aabc53 100644
70	+--- a/src/src/smtp_in.c
71	++++ b/src/src/smtp_in.c
72	+@@ -5094,16 +5094,23 @@ while (done <= 0)
73	+ DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n",
74	+ (int)chunking_state, chunking_data_left);
75	+
76	++ /* push the current receive_* function on the "stack", and
77	++ replace them by bdat_getc(), which in turn will use the lwr_receive_*
78	++ functions to do the dirty work. */
79	+ lwr_receive_getc = receive_getc;
80	+ lwr_receive_ungetc = receive_ungetc;
81	++
82	+ receive_getc = bdat_getc;
83	+ receive_ungetc = bdat_ungetc;
84	+
85	++ dot_ends = FALSE;
86	++
87	+ goto DATA_BDAT;
88	+ }
89	+
90	+ case DATA_CMD:
91	+ HAD(SCH_DATA);
92	++ dot_ends = TRUE;
93	+
94	+ DATA_BDAT: /* Common code for DATA and BDAT */
95	+ if (!discarded && recipients_count <= 0)
96	+--
97	+1.9.1
98	+

Gentoo Archives: gentoo-commits