mail-filter/opendmarc-1.3.3: version bump for security, bug #734158

Bug: https://bugs.gentoo.org/734158 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Fabian Groffen <[email protected]>
johu · Sep 10, 2020 · 69c7c3a · 69c7c3a
1 parent 52fc47e
commit 69c7c3a
Show file tree

Hide file tree

Showing 3 changed files with 120 additions and 0 deletions.
diff --git a/mail-filter/opendmarc/Manifest b/mail-filter/opendmarc/Manifest
@@ -1 +1,2 @@
 DIST opendmarc-1.3.2.tar.gz 593448 BLAKE2B 80f47a82e38c6cdc5791a695485262c50e9363b81537a52d7af204bd6a830df6eea9e9b6f710b72b7934c3ab7df800def7d4b3e54f53b8908a7f1b42bcea2b2d SHA512 6045fb7d2be8f0ffdeca07324857d92908a41c6792749017c2fcc1058f05f55317b1919c67c780827dd7094ec8fff2e1fa4aeb5bab7ff7461537957af2652748
+DIST opendmarc-1.3.3.tar.gz 575319 BLAKE2B 72dae5553fea9a51d860aaac6d85171a245584a74134df2249217a88f3da04c4eb518141f6342e281c6a9186345d69a34b585dc3ed18bdb53313374db505f4f5 SHA512 bb4bf8e3ad2d1732b07e55316819d4fd708e529b54a336d7d00763e13bfc62580bb1b30f132fa786dbca15e526e8dd5e146c7be454e1c42714a9f57126fc5e12
diff --git a/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch b/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch
@@ -0,0 +1,41 @@
+From 50d28af25d8735504b6103537228ce7f76ad765f Mon Sep 17 00:00:00 2001
+From: "Murray S. Kucherawy" <[email protected]>
+Date: Wed, 5 Aug 2020 21:56:01 +0000
+Subject: [PATCH] In opendmarc_xml_parse(), ensure NULL-termination of the
+ buffer passed to opendmarc_xml().
+
+---
+ libopendmarc/opendmarc_xml.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libopendmarc/opendmarc_xml.c b/libopendmarc/opendmarc_xml.c
+index 26bb9dc..b3ac55a 100644
+--- a/libopendmarc/opendmarc_xml.c
++++ b/libopendmarc/opendmarc_xml.c
+@@ -158,7 +158,7 @@ opendmarc_xml(char *b, size_t blen, char *e, size_t elen)
+ 			if (*cp != '<')
+ 				continue;
+ 			++cp;
+-			for(sp = cp; *sp != '\0'; ++sp)
++			for (sp = cp; *sp != '\0'; ++sp)
+ 			{
+ 				if (*sp == '?')
+ 					break;
+@@ -546,7 +546,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len)
+ 	if (fname == NULL)
+ 	{
+ 		xerror = errno;
+-		(void) snprintf(err_buf, err_len, "%s: %s", fname, "File name was NULL");
++		(void) snprintf(err_buf, err_len, "%s", "File name was NULL");
+ 		errno = EINVAL;
+ 		return NULL;
+ 	}
+@@ -572,7 +572,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len)
+ 		return NULL;
+ 	}
+
+-	bufp = calloc(statb.st_size, 1);
++	bufp = calloc(statb.st_size + 1, 1);
+ 	if (bufp == NULL)
+ 	{
+ 		xerror = errno;
diff --git a/mail-filter/opendmarc/opendmarc-1.3.3.ebuild b/mail-filter/opendmarc/opendmarc-1.3.3.ebuild
@@ -0,0 +1,78 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools user multilib systemd
+
+DESCRIPTION="Open source DMARC implementation "
+HOMEPAGE="http://www.trusteddomain.org/opendmarc/"
+SRC_URI="https://github.com/trusteddomainproject/OpenDMARC/archive/rel-${PN}-${PV//./-}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="spf +reports static-libs"
+
+DEPEND="reports? ( dev-perl/DBI )
+	|| ( mail-filter/libmilter mail-mta/sendmail )"
+RDEPEND="${DEPEND}
+	reports? (
+		dev-perl/DBD-mysql
+		dev-perl/HTTP-Message
+		dev-perl/Switch
+	)
+	spf? ( mail-filter/libspf2 )"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.3.2-multiple-From.patch
+	"${FILESDIR}"/${PN}-1.3.3-CVE-2020-12460.patch
+)
+
+S=${WORKDIR}/OpenDMARC-rel-${PN}-${PV//./-}
+
+pkg_setup() {
+	enewgroup milter
+	enewuser milter -1 -1 /var/lib/milter milter
+}
+
+src_prepare() {
+	default
+
+	# fix issue after they removed docs
+	sed -i -e '/^\s\+docs\/Makefile/d' configure.ac || die
+
+	eautoreconf
+	if use !reports ; then
+		sed -i -e '/^SUBDIRS =/s/reports//' Makefile.in || die
+	fi
+}
+
+src_configure() {
+	econf \
+		$(use_with spf) \
+		$(use_with spf spf2-include "${EPREFIX}"/usr/include/spf2) \
+		$(use_with spf spf2-lib "${EPREFIX}"/usr/$(get_libdir)) \
+		$(use_enable static-libs static)
+}
+
+src_install() {
+	default
+
+	use static-libs || rm -f "${ED}"/usr/$(get_libdir)/*.la
+
+	newinitd "${FILESDIR}"/opendmarc.initd opendmarc
+	newconfd "${FILESDIR}"/opendmarc.confd opendmarc
+	systemd_dounit "${FILESDIR}/${PN}.service"
+
+	dodir /etc/opendmarc
+
+	# create config file
+	sed \
+		-e 's:^# UserID .*$:UserID milter:' \
+		-e "s:^# PidFile .*:PidFile ${EPREFIX}/var/run/opendmarc/opendmarc.pid:" \
+		-e '/^# Socket /s:^# ::' \
+		"${S}"/opendmarc/opendmarc.conf.sample \
+		> "${ED}"/etc/opendmarc/opendmarc.conf \
+		|| die
+}
Original file line number	Diff line number	Diff line change
		@@ -1 +1,2 @@
		DIST opendmarc-1.3.2.tar.gz 593448 BLAKE2B 80f47a82e38c6cdc5791a695485262c50e9363b81537a52d7af204bd6a830df6eea9e9b6f710b72b7934c3ab7df800def7d4b3e54f53b8908a7f1b42bcea2b2d SHA512 6045fb7d2be8f0ffdeca07324857d92908a41c6792749017c2fcc1058f05f55317b1919c67c780827dd7094ec8fff2e1fa4aeb5bab7ff7461537957af2652748
		DIST opendmarc-1.3.3.tar.gz 575319 BLAKE2B 72dae5553fea9a51d860aaac6d85171a245584a74134df2249217a88f3da04c4eb518141f6342e281c6a9186345d69a34b585dc3ed18bdb53313374db505f4f5 SHA512 bb4bf8e3ad2d1732b07e55316819d4fd708e529b54a336d7d00763e13bfc62580bb1b30f132fa786dbca15e526e8dd5e146c7be454e1c42714a9f57126fc5e12