diff options
| author |   Christopher Fore <csfore@posteo.net> | 2024-04-22 00:05:04 -0400 |
|---|---|---|
| committer |   Bernard Cafarelli <voyageur@gentoo.org> | 2024-04-22 17:51:30 +0200 |
| commit | cbf4ae0b94c68b61515b0db19ac301ca8743deb8 (patch) | |
| tree | fd0fd6ddd8a00f6baac4cf088915469f07ddd149 /net-libs/libetpan | |
| parent | media-gfx/argyllcms: add 3.2.0 (diff) | |
| download | gentoo-cbf4ae0b94c68b61515b0db19ac301ca8743deb8.tar.gz gentoo-cbf4ae0b94c68b61515b0db19ac301ca8743deb8.tar.bz2 gentoo-cbf4ae0b94c68b61515b0db19ac301ca8743deb8.zip | |
net-libs/libetpan: Add patch for CVE-2022-4121
- Also bump EAPI to version 8
- Build succeeds on amd64
- Tests don't seem to run
Bug: https://bugs.gentoo.org/891263
Signed-off-by: Christopher Fore <csfore@posteo.net>
Closes: https://github.com/gentoo/gentoo/pull/36351
Signed-off-by: Bernard Cafarelli <voyageur@gentoo.org>
Diffstat (limited to 'net-libs/libetpan')
| -rw-r--r-- | net-libs/libetpan/files/libetpan-1.9.4-CVE-2022-4121.patch | 29 | ||||
| -rw-r--r-- | net-libs/libetpan/libetpan-1.9.4-r2.ebuild | 78 |
2 files changed, 107 insertions, 0 deletions
diff --git a/net-libs/libetpan/files/libetpan-1.9.4-CVE-2022-4121.patch b/net-libs/libetpan/files/libetpan-1.9.4-CVE-2022-4121.patch new file mode 100644 index 000000000000..2d97ac8e972e --- /dev/null +++ b/net-libs/libetpan/files/libetpan-1.9.4-CVE-2022-4121.patch @@ -0,0 +1,29 @@ +From 5c9eb6b6ba64c4eb927d7a902317410181aacbba Mon Sep 17 00:00:00 2001 +From: Hoa Dinh <hoa@dinhvh.me> +Date: Mon, 19 Dec 2022 08:16:32 -0800 +Subject: [PATCH] Fixed crash when st_info_list is NULL. Fixes #420. Fixes + CVE-2022-4121. + +--- + src/low-level/imap/mailimap_types.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/low-level/imap/mailimap_types.c b/src/low-level/imap/mailimap_types.c +index 9923125c..79a0cc23 100644 +--- a/src/low-level/imap/mailimap_types.c ++++ b/src/low-level/imap/mailimap_types.c +@@ -1389,9 +1389,11 @@ void + mailimap_mailbox_data_status_free(struct mailimap_mailbox_data_status * info) + { + mailimap_mailbox_free(info->st_mailbox); +- clist_foreach(info->st_info_list, (clist_func) mailimap_status_info_free, +- NULL); +- clist_free(info->st_info_list); ++ if (info->st_info_list != NULL) { ++ clist_foreach(info->st_info_list, (clist_func) mailimap_status_info_free, ++ NULL); ++ clist_free(info->st_info_list); ++ } + free(info); + } + diff --git a/net-libs/libetpan/libetpan-1.9.4-r2.ebuild b/net-libs/libetpan/libetpan-1.9.4-r2.ebuild new file mode 100644 index 000000000000..149c51e7ac5f --- /dev/null +++ b/net-libs/libetpan/libetpan-1.9.4-r2.ebuild @@ -0,0 +1,78 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit autotools + +DESCRIPTION="A portable, efficient middleware for different kinds of mail access" +HOMEPAGE="https://libetpan.sourceforge.net/" +SRC_URI="https://github.com/dinhviethoa/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos" +IUSE="berkdb gnutls ipv6 liblockfile lmdb sasl ssl static-libs" + +# BerkDB is only supported up to version 6.0 +DEPEND="sys-libs/zlib + !lmdb? ( berkdb? ( sys-libs/db:= ) ) + lmdb? ( dev-db/lmdb ) + ssl? ( + gnutls? ( net-libs/gnutls:= ) + !gnutls? ( + dev-libs/openssl:0= + ) + ) + sasl? ( dev-libs/cyrus-sasl:2 ) + liblockfile? ( net-libs/liblockfile )" +RDEPEND="${DEPEND}" + +PATCHES=( + "${FILESDIR}"/${PN}-1.0-nonnull.patch + "${FILESDIR}"/${PN}-1.9.4-berkdb_lookup.patch #519846 + "${FILESDIR}"/${PN}-1.9.4-pkgconfig_file_no_ldflags.patch + "${FILESDIR}"/${P}-CVE-2020-15953.patch #734130 + "${FILESDIR}"/${P}-CVE-2022-4121.patch #891263 +) + +pkg_pretend() { + if use gnutls && ! use ssl ; then + ewarn "You have \"gnutls\" USE flag enabled but \"ssl\" USE flag disabled!" + ewarn "No ssl support will be available in ${PN}." + fi + + if use berkdb && use lmdb ; then + ewarn "You have \"berkdb\" _and_ \"lmdb\" USE flags enabled." + ewarn "Using lmdb as cache DB!" + fi +} + +src_prepare() { + default + eautoreconf +} + +src_configure() { + # in Prefix emake uses SHELL=${BASH}, export CONFIG_SHELL to the same so + # libtool recognises it as valid shell (bug #300211) + use prefix && export CONFIG_SHELL=${BASH} + local myeconfargs=( + # --enable-debug simply injects "-O2 -g" into CFLAGS + --disable-debug + $(use_enable ipv6) + $(use_enable liblockfile lockfile) + $(use_enable static-libs static) + $(use_with sasl) + $(usex lmdb '--enable-lmdb --disable-db' "$(use_enable berkdb db) --disable-lmdb") + $(usex ssl "$(use_with gnutls) $(use_with !gnutls openssl)" '--without-gnutls --without-openssl') + ) + econf "${myeconfargs[@]}" +} + +src_install() { + default + find "${ED}" -name "*.la" -delete || die + if ! use static-libs ; then + find "${ED}" -name "*.a" -delete || die + fi +} |