Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/mail-mta/sendmail/files
diff options
context:
space:
mode:
authorAndrea Barisani <lcars@gentoo.org>2006-06-15 08:17:26 +0000
committerAndrea Barisani <lcars@gentoo.org>2006-06-15 08:17:26 +0000
commite732826ec71c826fb15fd1f32754a416c67eda46 (patch)
treeda5dd0de5dc54563df2ea7c9800925b531037243 /mail-mta/sendmail/files
parentdo not depend on eselect-compiler (diff)
downloadgentoo-2-e732826ec71c826fb15fd1f32754a416c67eda46.tar.gz
gentoo-2-e732826ec71c826fb15fd1f32754a416c67eda46.tar.bz2
gentoo-2-e732826ec71c826fb15fd1f32754a416c67eda46.zip
security bumo
(Portage version: 2.0.54-r2)
Diffstat (limited to 'mail-mta/sendmail/files')
-rw-r--r--mail-mta/sendmail/files/digest-sendmail-8.13.6-r11
-rw-r--r--mail-mta/sendmail/files/digest-sendmail-8.13.71
-rw-r--r--mail-mta/sendmail/files/sendmail-CVE-2006-1173.patch50
3 files changed, 52 insertions, 0 deletions
diff --git a/mail-mta/sendmail/files/digest-sendmail-8.13.6-r1 b/mail-mta/sendmail/files/digest-sendmail-8.13.6-r1
new file mode 100644
index 000000000000..1f17765b98d3
--- /dev/null
+++ b/mail-mta/sendmail/files/digest-sendmail-8.13.6-r1
@@ -0,0 +1 @@
+MD5 484cca51f74b5e562b3cf119ceb2f900 sendmail.8.13.6.tar.gz 1986576
diff --git a/mail-mta/sendmail/files/digest-sendmail-8.13.7 b/mail-mta/sendmail/files/digest-sendmail-8.13.7
new file mode 100644
index 000000000000..8bbc5e13735b
--- /dev/null
+++ b/mail-mta/sendmail/files/digest-sendmail-8.13.7
@@ -0,0 +1 @@
+MD5 5327e065cb0c1919122c8cecbeddbc28 sendmail.8.13.7.tar.gz 2010008
diff --git a/mail-mta/sendmail/files/sendmail-CVE-2006-1173.patch b/mail-mta/sendmail/files/sendmail-CVE-2006-1173.patch
new file mode 100644
index 000000000000..5866d7aba5d4
--- /dev/null
+++ b/mail-mta/sendmail/files/sendmail-CVE-2006-1173.patch
@@ -0,0 +1,50 @@
+--- sendmail/mime.c 24 Mar 2006 03:17:06 -0000 8.140
++++ sendmail/mime.c 27 Apr 2006 22:56:16 -0000 8.141
+@@ -242,7 +242,9 @@
+ */
+
+ if (sm_strcasecmp(type, "multipart") == 0 &&
+- (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)))
++ (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)) &&
++ !bitset(EF_TOODEEP, e->e_flags)
++ )
+ {
+
+ if (sm_strcasecmp(subtype, "digest") == 0)
+@@ -286,10 +288,13 @@
+ }
+ if (i >= MAXMIMENESTING)
+ {
+- usrerr("mime8to7: multipart nesting boundary too deep");
++ if (tTd(43, 4))
++ sm_dprintf("mime8to7: too deep, i=%d\n", i);
++ if (!bitset(EF_TOODEEP, e->e_flags))
++ usrerr("mime8to7: multipart nesting boundary too deep");
+
+ /* avoid bounce loops */
+- e->e_flags |= EF_DONT_MIME;
++ e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
+ }
+ else
+ {
+@@ -374,7 +379,8 @@
+
+ if (sm_strcasecmp(type, "message") == 0)
+ {
+- if (!wordinclass(subtype, 's'))
++ if (!wordinclass(subtype, 's') ||
++ bitset(EF_TOODEEP, e->e_flags))
+ {
+ flags |= M87F_NO8BIT;
+ }
+--- sendmail/sendmail.h 22 Mar 2006 22:58:39 -0000 8.1007
++++ sendmail/sendmail.h 27 Apr 2006 22:56:16 -0000 8.1008
+@@ -942,6 +942,7 @@
+ #define EF_TOOBIG 0x02000000L /* message is too big */
+ #define EF_SPLIT 0x04000000L /* envelope has been split */
+ #define EF_UNSAFE 0x08000000L /* unsafe: read from untrusted source */
++#define EF_TOODEEP 0x10000000L /* message is nested too deep */
+
+ #define DLVR_NOTIFY 0x01
+ #define DLVR_RETURN 0x02
+