Date: Thu, 7 Mar 2024 14:15:51 GMT From: Norikatsu Shigemura <nork@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: d1ebdbe935e6 - main - mail/opendkim: Security fix for CVE-2022-48521 Message-ID: <202403071415.427EFpRT041247@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by nork: URL: https://cgit.FreeBSD.org/ports/commit/?id=d1ebdbe935e64935459953aa49e47538724736fb commit d1ebdbe935e64935459953aa49e47538724736fb Author: Yasuhito FUTATSUKI <freebsd-bug-report-yf@yf.bsdclub.org> AuthorDate: 2024-03-07 14:15:00 +0000 Commit: Norikatsu Shigemura <nork@FreeBSD.org> CommitDate: 2024-03-07 14:15:00 +0000 mail/opendkim: Security fix for CVE-2022-48521 PR: 277319 Security: CVE-2022-48521 Approved by: hrs (mentor), maintainer timeout --- mail/opendkim/Makefile | 2 +- mail/opendkim/files/patch-opendkim_opendkim.c | 36 +++++++++++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/mail/opendkim/Makefile b/mail/opendkim/Makefile index 17a8669827dc..9e10cdd23229 100644 --- a/mail/opendkim/Makefile +++ b/mail/opendkim/Makefile @@ -1,6 +1,6 @@ PORTNAME= opendkim PORTVERSION= 2.10.3 -PORTREVISION= 17 +PORTREVISION= 18 CATEGORIES= mail security MASTER_SITES= SF/${PORTNAME} \ SF/${PORTNAME}/Previous%20Releases \ diff --git a/mail/opendkim/files/patch-opendkim_opendkim.c b/mail/opendkim/files/patch-opendkim_opendkim.c new file mode 100644 index 000000000000..8ec336794477 --- /dev/null +++ b/mail/opendkim/files/patch-opendkim_opendkim.c @@ -0,0 +1,36 @@ +commit 7c70ee7c86da1cecc621182355cc950d3b193314 +Author: David Bürgin <dbuergin@gluet.ch> +Date: Sat Oct 14 09:19:37 2023 +0200 + + Delete Authentication-Results headers in reverse + +diff --git opendkim/opendkim.c opendkim/opendkim.c +index 803f37b0..cfa5f018 100644 +--- opendkim/opendkim.c ++++ opendkim/opendkim.c +@@ -13653,8 +13653,15 @@ mlfi_eom(SMFICTX *ctx) + return SMFIS_TEMPFAIL; + } + +- c = 0; ++ c = 1; ++ + for (hdr = dfc->mctx_hqhead; hdr != NULL; hdr = hdr->hdr_next) ++ { ++ if (strcasecmp(hdr->hdr_hdr, AUTHRESULTSHDR) == 0) ++ c++; ++ } ++ ++ for (hdr = dfc->mctx_hqtail; hdr != NULL; hdr = hdr->hdr_prev) + { + memset(ares, '\0', sizeof(struct authres)); + +@@ -13666,7 +13673,7 @@ mlfi_eom(SMFICTX *ctx) + char *slash; + + /* remember index */ +- c++; ++ c--; + + /* parse the header */ + arstat = ares_parse((u_char *) hdr->hdr_val,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202403071415.427EFpRT041247>