1 |
robbat2 13/05/27 00:45:52 |
2 |
|
3 |
Modified: conf-smtpd conf-common servercert.cnf conf-qmtpd |
4 |
conf-qmqpd |
5 |
Added: genqmail-20080406-ldflags.patch |
6 |
Log: |
7 |
Fix security bug #372967. Also fixes bugs #335077, #331901, #370611, #403893, #404225. |
8 |
|
9 |
(Portage version: 2.2.0_alpha177/cvs/Linux x86_64, unsigned Manifest commit) |
10 |
|
11 |
Revision Changes Path |
12 |
1.2 mail-mta/netqmail/files/conf-smtpd |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-smtpd?rev=1.2&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-smtpd?rev=1.2&content-type=text/plain |
16 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-smtpd?r1=1.1&r2=1.2 |
17 |
|
18 |
Index: conf-smtpd |
19 |
=================================================================== |
20 |
RCS file: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-smtpd,v |
21 |
retrieving revision 1.1 |
22 |
retrieving revision 1.2 |
23 |
diff -p -w -b -B -u -u -r1.1 -r1.2 |
24 |
--- conf-smtpd 12 Feb 2006 18:42:33 -0000 1.1 |
25 |
+++ conf-smtpd 27 May 2013 00:45:52 -0000 1.2 |
26 |
@@ -1,5 +1,5 @@ |
27 |
# Configuration file for qmail-smtpd |
28 |
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-smtpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $ |
29 |
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-smtpd,v 1.2 2013/05/27 00:45:52 robbat2 Exp $ |
30 |
|
31 |
# Stuff to run before tcpserver |
32 |
#QMAIL_TCPSERVER_PRE="" |
33 |
@@ -8,9 +8,6 @@ |
34 |
# Stuff to after qmail-smtpd |
35 |
#QMAIL_SMTP_POST="" |
36 |
|
37 |
-# this turns off the IDENT grab attempt on connecting |
38 |
-TCPSERVER_OPTS="${TCPSERVER_OPTS} -R" |
39 |
- |
40 |
# fixcrio inserts missing CRs at the ends of lines. See: |
41 |
# http://cr.yp.to/ucspi-tcp/fixcrio.html |
42 |
# http://cr.yp.to/docs/smtplf.html |
43 |
|
44 |
|
45 |
|
46 |
1.2 mail-mta/netqmail/files/conf-common |
47 |
|
48 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-common?rev=1.2&view=markup |
49 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-common?rev=1.2&content-type=text/plain |
50 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-common?r1=1.1&r2=1.2 |
51 |
|
52 |
Index: conf-common |
53 |
=================================================================== |
54 |
RCS file: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-common,v |
55 |
retrieving revision 1.1 |
56 |
retrieving revision 1.2 |
57 |
diff -p -w -b -B -u -u -r1.1 -r1.2 |
58 |
--- conf-common 12 Feb 2006 18:42:33 -0000 1.1 |
59 |
+++ conf-common 27 May 2013 00:45:52 -0000 1.2 |
60 |
@@ -1,6 +1,6 @@ |
61 |
#!/bin/bash |
62 |
# Common Configuration file for all qmail daemons |
63 |
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-common,v 1.1 2006/02/12 18:42:33 hansmi Exp $ |
64 |
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-common,v 1.2 2013/05/27 00:45:52 robbat2 Exp $ |
65 |
|
66 |
# Qmail User IDS to run daemons as |
67 |
QMAILDUID=$(id -u qmaild) |
68 |
@@ -17,7 +17,7 @@ TCPSERVER_PORT=${SERVICE} |
69 |
|
70 |
# you do not need to specify -x, -c, -u or -g in this variable as those are |
71 |
# added later |
72 |
-TCPSERVER_OPTS="-p -v" |
73 |
+TCPSERVER_OPTS="-p -v -R" |
74 |
|
75 |
# This tells tcpserver where to file the rules cdb file |
76 |
[[ -d /etc/tcprules.d/ ]] && \ |
77 |
@@ -25,9 +25,10 @@ TCPSERVER_OPTS="-p -v" |
78 |
[[ ! -f "${TCPSERVER_RULESCDB}" ]] && \ |
79 |
TCPSERVER_RULESCDB=/etc/tcp.${SERVICE}.cdb |
80 |
|
81 |
-# we limit data and stack segments to 8mbytes, you may need to raise this if |
82 |
-# you are using a filter in QMAILQUEUE |
83 |
-SOFTLIMIT_OPTS="-m 16000000" |
84 |
+# we limit data and stack segments to 32mbytes, you may need to raise this if |
85 |
+# you are using a filter in QMAILQUEUE. |
86 |
+# Per bug #403893 amd64 needs a higher limit. |
87 |
+SOFTLIMIT_OPTS="-m 32000000" |
88 |
|
89 |
# We don't have anything to set QMAILQUEUE to at the moment, so we leave it |
90 |
# alone. Generally it is best to add this in your appropriate (usually SMTP) |
91 |
|
92 |
|
93 |
|
94 |
1.2 mail-mta/netqmail/files/servercert.cnf |
95 |
|
96 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/servercert.cnf?rev=1.2&view=markup |
97 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/servercert.cnf?rev=1.2&content-type=text/plain |
98 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/servercert.cnf?r1=1.1&r2=1.2 |
99 |
|
100 |
Index: servercert.cnf |
101 |
=================================================================== |
102 |
RCS file: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/servercert.cnf,v |
103 |
retrieving revision 1.1 |
104 |
retrieving revision 1.2 |
105 |
diff -p -w -b -B -u -u -r1.1 -r1.2 |
106 |
--- servercert.cnf 12 Feb 2006 18:42:33 -0000 1.1 |
107 |
+++ servercert.cnf 27 May 2013 00:45:52 -0000 1.2 |
108 |
@@ -1,4 +1,4 @@ |
109 |
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/servercert.cnf,v 1.1 2006/02/12 18:42:33 hansmi Exp $ |
110 |
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/servercert.cnf,v 1.2 2013/05/27 00:45:52 robbat2 Exp $ |
111 |
# This is the openssl config file to generate keys for qmail |
112 |
|
113 |
[ req ] |
114 |
@@ -6,7 +6,7 @@ |
115 |
# this should be a power of 2! |
116 |
default_bits = 1024 |
117 |
# leave the rest of these alone! |
118 |
-encrypt_key = yes |
119 |
+encrypt_key = no |
120 |
distinguished_name = req_dn |
121 |
x509_extensions = cert_type |
122 |
prompt = no |
123 |
|
124 |
|
125 |
|
126 |
1.2 mail-mta/netqmail/files/conf-qmtpd |
127 |
|
128 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-qmtpd?rev=1.2&view=markup |
129 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-qmtpd?rev=1.2&content-type=text/plain |
130 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-qmtpd?r1=1.1&r2=1.2 |
131 |
|
132 |
Index: conf-qmtpd |
133 |
=================================================================== |
134 |
RCS file: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmtpd,v |
135 |
retrieving revision 1.1 |
136 |
retrieving revision 1.2 |
137 |
diff -p -w -b -B -u -u -r1.1 -r1.2 |
138 |
--- conf-qmtpd 12 Feb 2006 18:42:33 -0000 1.1 |
139 |
+++ conf-qmtpd 27 May 2013 00:45:52 -0000 1.2 |
140 |
@@ -1,5 +1,5 @@ |
141 |
# Configuration file for qmail-qmtpd |
142 |
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmtpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $ |
143 |
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmtpd,v 1.2 2013/05/27 00:45:52 robbat2 Exp $ |
144 |
|
145 |
# For more information on making your servers talk QMTP |
146 |
# see http://cr.yp.to/im/mxps.html |
147 |
@@ -11,8 +11,5 @@ |
148 |
# Stuff to after qmail-qmtpd |
149 |
#QMAIL_QMTP_POST="" |
150 |
|
151 |
-# this turns off the IDENT grab attempt on connecting |
152 |
-TCPSERVER_OPTS="${TCPSERVER_OPTS} -R" |
153 |
- |
154 |
# I don't trust /etc/services to have obscure ports |
155 |
TCPSERVER_PORT=209 |
156 |
|
157 |
|
158 |
|
159 |
1.2 mail-mta/netqmail/files/conf-qmqpd |
160 |
|
161 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-qmqpd?rev=1.2&view=markup |
162 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-qmqpd?rev=1.2&content-type=text/plain |
163 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/conf-qmqpd?r1=1.1&r2=1.2 |
164 |
|
165 |
Index: conf-qmqpd |
166 |
=================================================================== |
167 |
RCS file: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmqpd,v |
168 |
retrieving revision 1.1 |
169 |
retrieving revision 1.2 |
170 |
diff -p -w -b -B -u -u -r1.1 -r1.2 |
171 |
--- conf-qmqpd 12 Feb 2006 18:42:33 -0000 1.1 |
172 |
+++ conf-qmqpd 27 May 2013 00:45:52 -0000 1.2 |
173 |
@@ -1,5 +1,5 @@ |
174 |
# Configuration file for qmail-qmqpd |
175 |
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmqpd,v 1.1 2006/02/12 18:42:33 hansmi Exp $ |
176 |
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/netqmail/files/conf-qmqpd,v 1.2 2013/05/27 00:45:52 robbat2 Exp $ |
177 |
|
178 |
# Stuff to run before tcpserver |
179 |
#QMAIL_TCPSERVER_PRE="" |
180 |
@@ -8,8 +8,5 @@ |
181 |
# Stuff to after qmail-qmqpd |
182 |
#QMAIL_QMQP_POST="" |
183 |
|
184 |
-# this turns off the IDENT grab attempt on connecting |
185 |
-TCPSERVER_OPTS="${TCPSERVER_OPTS} -R" |
186 |
- |
187 |
# I don't trust /etc/services to have obscure ports |
188 |
TCPSERVER_PORT=628 |
189 |
|
190 |
|
191 |
|
192 |
1.1 mail-mta/netqmail/files/genqmail-20080406-ldflags.patch |
193 |
|
194 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/genqmail-20080406-ldflags.patch?rev=1.1&view=markup |
195 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-mta/netqmail/files/genqmail-20080406-ldflags.patch?rev=1.1&content-type=text/plain |
196 |
|
197 |
Index: genqmail-20080406-ldflags.patch |
198 |
=================================================================== |
199 |
diff -Nuar genqmail-20080406.orig/spp/Makefile genqmail-20080406/spp/Makefile |
200 |
--- genqmail-20080406.orig/spp/Makefile 2008-04-06 15:44:14.000000000 +0000 |
201 |
+++ genqmail-20080406/spp/Makefile 2013-05-27 00:37:58.687763457 +0000 |
202 |
@@ -14,7 +14,7 @@ |
203 |
rm -f $(TARGETS) |
204 |
|
205 |
$(RESOLV_OBJS): |
206 |
- $(CC) $(CFLAGS) -o $@ $@.c -lresolv |
207 |
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $@.c -lresolv |
208 |
|
209 |
$(SIMPLE_OBJS): |
210 |
- $(CC) $(CFLAGS) -o $@ $@.c |
211 |
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $@.c |