rpms/ssmtp/EL-4 ssmtp-md5auth-non-rsa, 1.1, 1.2 ssmtp-password-leak.patch, 1.1, 1.2 ssmtp.spec, 1.9, 1.10

Fri Sep 12 19:31:55 UTC 2008

Author: wolfy

Update of /cvs/pkgs/rpms/ssmtp/EL-4
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv4256

Modified Files:
	ssmtp-md5auth-non-rsa ssmtp-password-leak.patch ssmtp.spec 
Log Message:
* Fri Sep 12 2008 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.6.1
- use conditionals to consolidate specs for Fedora and EPEL
- fix CVE-2008-3962
- cleanup patches



Index: ssmtp-md5auth-non-rsa
===================================================================
RCS file: /cvs/pkgs/rpms/ssmtp/EL-4/ssmtp-md5auth-non-rsa,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2

--- ssmtp-md5auth-non-rsa	17 Oct 2007 00:18:13 -0000	1.1
+++ ssmtp-md5auth-non-rsa	12 Sep 2008 19:31:25 -0000	1.2
@@ -7391,38 +7391,3 @@
  
  	for (i = 0; i < MD5_DIGEST_LEN; i++) {
  		digascii[2 * i] = hextab[digest[i] >> 4];
-diff -Nupr ssmtp-2.61.orig/ssmtp.c.orig ssmtp-2.61/ssmtp.c.orig
---- ssmtp-2.61.orig/ssmtp.c.orig	2007-10-17 02:20:25.000000000 +0300
-+++ ssmtp-2.61/ssmtp.c.orig	2007-10-17 02:29:11.000000000 +0300
-@@ -708,6 +708,10 @@ void header_save(char *str)
- 		else if(strncasecmp(ht->string, "Bcc:", 4) == 0) {
- 			p = (ht->string + 4);
- 			rcpt_parse(p);
-+                        /* Undo adding the header to the list: */
-+                        free(ht->string);
-+                        ht->string = NULL;
-+                        return;
- 		}
- 		else if(strncasecmp(ht->string, "CC:", 3) == 0) {
- 			p = (ht->string + 3);
-@@ -1406,6 +1410,7 @@ int ssmtp(char *argv[])
- 	struct passwd *pw;
- 	int i, sock;
- 	uid_t uid;
-+	bool_t minus_v_save;
- 	int timeout = 0;
- 
- 	outbytes = 0;
-@@ -1522,7 +1527,12 @@ int ssmtp(char *argv[])
- #ifdef MD5AUTH
- 		}
- #endif
-+		/* We do NOT want the password output to STDERR
-+		 * even base64 encoded.*/
-+		minus_v_save = minus_v;
-+		minus_v = False;
- 		outbytes += smtp_write(sock, "%s", buf);
-+		minus_v = minus_v_save;
- 		(void)alarm((unsigned) MEDWAIT);
- 
- 		if(smtp_okay(sock, buf) == False) {

ssmtp-password-leak.patch:

Index: ssmtp-password-leak.patch
===================================================================
RCS file: /cvs/pkgs/rpms/ssmtp/EL-4/ssmtp-password-leak.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ssmtp-password-leak.patch	8 Dec 2006 00:09:53 -0000	1.1
+++ ssmtp-password-leak.patch	12 Sep 2008 19:31:25 -0000	1.2
@@ -1,6 +1,6 @@
 --- ssmtp-2.61.redhat/ssmtp.c	2006-12-08 01:25:35.000000000 +0200
 +++ ssmtp-2.61.debian/ssmtp.c	2006-12-08 01:24:25.000000000 +0200
-@@ -1404,6 +1406,7 @@
+@@ -1406,6 +1404,7 @@
  	struct passwd *pw;
  	int i, sock;
  	uid_t uid;
@@ -8,7 +8,7 @@
  	int timeout = 0;
  
  	outbytes = 0;
-@@ -1520,7 +1523,12 @@
+@@ -1522,7 +1521,12 @@
  #ifdef MD5AUTH
  		}
  #endif


Index: ssmtp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ssmtp/EL-4/ssmtp.spec,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- ssmtp.spec	17 Oct 2007 00:18:13 -0000	1.9
+++ ssmtp.spec	12 Sep 2008 19:31:25 -0000	1.10
@@ -1,6 +1,6 @@
 Name:		ssmtp
 Version:	2.61
-Release:	11.4%{?dist}
+Release:	11.6%{?dist}.1
 Summary:	Extremely simple MTA to get mail off the system to a Mailhub
 Group:		Applications/Internet
 License:	GPLv2+
@@ -16,8 +16,13 @@
 # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340803
 # replaces RSA's md5 with a GPL compatible implementation
 Patch6:		%{name}-md5auth-non-rsa
+Patch7:		%{name}-unitialized-strdup.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Provides:	MTA smtpdaemon %{_sbindir}/sendmail 
+#hack around wrong requires for mutt and mdadm
+%if 0%{?rhel}
+Provides:	MTA smtpdaemon
+%endif
+Provides:	%{_sbindir}/sendmail 
 Requires(post):	%{_sbindir}/alternatives
 Requires(preun):	%{_sbindir}/alternatives
 BuildRequires:	openssl-devel
@@ -35,24 +40,25 @@
 
 %prep
 %setup -q
-%patch -p1
+%patch0 -p1
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 
 
 %build
 #on RHEL3 krb5 is somewhere else
 #test -e /usr/include/krb5.h || CPPFLAGS="-I/usr/kerberos/include"
 #CPPFLAGS=$(pkg-config --cflags-only-I openssl)
-%if "0%{?dist}" == "0el3" 
+%if "0%{?dist}" == "0.el3" 
 	%define cppflags -I/usr/kerberos/include
 %endif
 %configure --enable-ssl --enable-md5auth --enable-inet6
-%if "0%{?dist}" == "0el3" 
+%if "0%{?dist}" == "0.el3" 
 	make %{?_smp_mflags} CPPFLAGS=%{cppflags}
 %else
 	make %{?_smp_mflags}
@@ -115,6 +121,30 @@
 
 
 %changelog
+* Fri Sep 12 2008 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.6.1
+- use conditionals to consolidate specs for Fedora and EPEL
+
+* Thu Sep 11 2008 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.6
+- patch to fix CVE-2008-3962 (courtesy https://bugs.gentoo.org/127592)
+- cleanup of other patches, make build with fuzz=0
+
+* Sat Aug 02 2008 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.5.4
+- work around rpmbuild more strict syntax checker
+
+* Tue Feb 12 2008 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.5.3
+- rebuilt for gcc 4.3.0
+
+* Wed Dec 5 2007 lonely wolf <wolfy at nobugconsulting.ro> 2.61-11.5.2
+- rebuilt for newer openssl
+- fix usage of disttag for compatibility with mock + el3
+
+* Wed Oct 24 2007 lonely wolf <wolfy at nobugconsulting.ro> 2.61-11.5.1
+- adds back /usr/sbin/sendmail provides, rpmbuild by default does not add it
+
+* Wed Oct 24 2007 lonely wolf <wolfy at nobugconsulting.ro> 2.61-11.5
+- fixes https://bugzilla.redhat.com/show_bug.cgi?id=235594 by removing MTA
+  and smtpdaemon provides, as the packages which required those were fixed
+
 * Tue Oct 16 2007 lonely wolf <wolfy at nobugconsulting.ro> 2.61-11.4
 - includes patch from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340803
   replacing md5 from RSA with a version released under GPLv2+


