diff options
| author |   Fabian Groffen <grobian@gentoo.org> | 2020-06-08 10:05:57 +0200 |
|---|---|---|
| committer | Fabian Groffen <grobian@gentoo.org> | 2020-06-08 10:06:10 +0200 |
| commit | 6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7 (patch) | |
| tree | 1fa91c0465f6ab4788b85aa02136423ca5d58127 /mail-mta | |
| parent | mail-mta/exim-4.94: add warning about local_part being renamed (diff) | |
| download | gentoo-6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7.tar.gz gentoo-6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7.tar.bz2 gentoo-6a18f75bc0b98b1bc66844c82d5eee10eac9dfd7.zip | |
mail-mta/exim-4.94-r1: fix PAM expansion, bug #727310
Closes: https://bugs.gentoo.org/727310
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Diffstat (limited to 'mail-mta')
| -rw-r--r-- | mail-mta/exim/exim-4.94-r1.ebuild (renamed from mail-mta/exim/exim-4.94.ebuild) | 1 | ||||
| -rw-r--r-- | mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch | 35 |
2 files changed, 36 insertions, 0 deletions
diff --git a/mail-mta/exim/exim-4.94.ebuild b/mail-mta/exim/exim-4.94-r1.ebuild index cc977b34b9a7..52358f32bef5 100644 --- a/mail-mta/exim/exim-4.94.ebuild +++ b/mail-mta/exim/exim-4.94-r1.ebuild @@ -114,6 +114,7 @@ src_prepare() { eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591 eapply "${FILESDIR}"/exim-4.69-r1.27021.patch eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch + eapply -p2 "${FILESDIR}"/exim-4.94-taint-pam-expansion.patch # drop on NR if use maildir ; then eapply "${FILESDIR}"/exim-4.94-maildir.patch diff --git a/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch b/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch new file mode 100644 index 000000000000..81863d340edb --- /dev/null +++ b/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch @@ -0,0 +1,35 @@ +From f7f933a199be8bb7362c715e0040545b514cddca Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146exb@wizmail.org> +Date: Tue, 2 Jun 2020 14:50:31 +0100 +Subject: [PATCH] Taint: fix pam expansion condition. Bug 2587 + +--- + doc/doc-txt/ChangeLog | 5 +++++ + src/src/auths/call_pam.c | 5 ++--- + 2 files changed, 7 insertions(+), 3 deletions(-) + +modified for gentoo so the patch applies by dropping Changelog part + +diff --git a/src/src/auths/call_pam.c b/src/src/auths/call_pam.c +index 2959cbbf3..80bb23ec3 100644 +--- a/src/src/auths/call_pam.c ++++ b/src/src/auths/call_pam.c +@@ -83,8 +83,7 @@ for (int i = 0; i < num_msg; i++) + { + case PAM_PROMPT_ECHO_ON: + case PAM_PROMPT_ECHO_OFF: +- arg = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size); +- if (!arg) ++ if (!(arg = string_nextinlist(&pam_args, &sep, NULL, 0))) + { + arg = US""; + pam_arg_ended = TRUE; +@@ -155,7 +154,7 @@ pam_arg_ended = FALSE; + fail. PAM doesn't support authentication with an empty user (it prompts for it, + causing a potential mis-interpretation). */ + +-user = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size); ++user = string_nextinlist(&pam_args, &sep, NULL, 0); + if (user == NULL || user[0] == 0) return FAIL; + + /* Start off PAM interaction */ |