80 lines
2.8 KiB
Diff
80 lines
2.8 KiB
Diff
From f4ddc59778ebaa1bd58ba89aaee44a56049eec3f Mon Sep 17 00:00:00 2001
|
|
From: catvayor <catvayor@katvayor.net>
|
|
Date: Fri, 20 Dec 2024 11:49:04 +0100
|
|
Subject: [PATCH] revert: procmail to 3.22
|
|
|
|
---
|
|
pkgs/by-name/pr/procmail/CVE-2014-3618.patch | 18 ++++++++++++++++++
|
|
pkgs/by-name/pr/procmail/package.nix | 19 +++++++++----------
|
|
2 files changed, 27 insertions(+), 10 deletions(-)
|
|
create mode 100644 pkgs/by-name/pr/procmail/CVE-2014-3618.patch
|
|
|
|
diff --git a/pkgs/by-name/pr/procmail/CVE-2014-3618.patch b/pkgs/by-name/pr/procmail/CVE-2014-3618.patch
|
|
new file mode 100644
|
|
index 000000000000..e3aa5600e40e
|
|
--- /dev/null
|
|
+++ b/pkgs/by-name/pr/procmail/CVE-2014-3618.patch
|
|
@@ -0,0 +1,18 @@
|
|
+From http://seclists.org/oss-sec/2014/q3/495 (with whitespace corrected).
|
|
+
|
|
+--- a/src/formisc.c 2013-08-04 00:13:33.000000000 -0700
|
|
++++ b/src/formisc.c 2014-09-03 11:42:25.986002396 -0700
|
|
+@@ -84,12 +84,11 @@
|
|
+ case '"':*target++=delim='"';start++;
|
|
+ }
|
|
+ ;{ int i;
|
|
+- do
|
|
++ while(*start)
|
|
+ if((i= *target++= *start++)==delim) /* corresponding delimiter? */
|
|
+ break;
|
|
+ else if(i=='\\'&&*start) /* skip quoted character */
|
|
+ *target++= *start++;
|
|
+- while(*start); /* anything? */
|
|
+ }
|
|
+ hitspc=2;
|
|
+ }
|
|
diff --git a/pkgs/by-name/pr/procmail/package.nix b/pkgs/by-name/pr/procmail/package.nix
|
|
index dfb4bdb5a895..be9187234c12 100644
|
|
--- a/pkgs/by-name/pr/procmail/package.nix
|
|
+++ b/pkgs/by-name/pr/procmail/package.nix
|
|
@@ -8,20 +8,19 @@
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "procmail";
|
|
- version = "3.24";
|
|
+ version = "3.22";
|
|
|
|
src = fetchurl {
|
|
- url = "https://github.com/BuGlessRB/procmail/archive/refs/tags/v${version}.tar.gz";
|
|
- sha256 = "UU6kMzOXg+ld+TIeeUdx5Ih7mCOsVf2yRpcCz2m9OYk=";
|
|
+ url = "ftp://ftp.fu-berlin.de/pub/unix/mail/procmail/procmail-${version}.tar.gz";
|
|
+ sha256 = "05z1c803n5cppkcq99vkyd5myff904lf9sdgynfqngfk9nrpaz08";
|
|
};
|
|
|
|
patches = [
|
|
- # Fix clang-16 and gcc-14 build failures:
|
|
- # https://github.com/BuGlessRB/procmail/pull/7
|
|
- (fetchpatch {
|
|
- name = "clang-16.patch";
|
|
- url = "https://github.com/BuGlessRB/procmail/commit/8cfd570fd14c8fb9983859767ab1851bfd064b64.patch";
|
|
- hash = "sha256-CaQeDKwF0hNOrxioBj7EzkCdJdsq44KwkfA9s8xK88g=";
|
|
+ ./CVE-2014-3618.patch
|
|
+ (fetchurl {
|
|
+ url = "https://sources.debian.org/data/main/p/procmail/3.22-26/debian/patches/30";
|
|
+ sha256 = "11zmz1bj0v9pay3ldmyyg7473b80h89gycrhndsgg9q50yhcqaaq";
|
|
+ name = "CVE-2017-16844";
|
|
})
|
|
];
|
|
|
|
@@ -55,7 +54,7 @@ stdenv.mkDerivation rec {
|
|
|
|
meta = with lib; {
|
|
description = "Mail processing and filtering utility";
|
|
- homepage = "https://github.com/BuGlessRB/procmail/";
|
|
+ homepage = "http://www.procmail.org/";
|
|
license = licenses.gpl2;
|
|
platforms = platforms.unix;
|
|
maintainers = with maintainers; [ gebner ];
|
|
--
|
|
2.47.0
|
|
|