[Midnightbsd-cvs] mports: mail/fetchmail: CVE-2007-4565

[laffer1 at midnightbsd.org]

Log Message:
-----------
CVE-2007-4565

Modified Files:
--------------
    mports/mail/fetchmail:
        Makefile (r1.5 -> r1.6)

Added Files:
-----------
    mports/mail/fetchmail/files:
        patch-CVE-2007-4565 (r1.1)

-------------- next part --------------
Index: Makefile
===================================================================
RCS file: /home/cvs/mports/mail/fetchmail/Makefile,v
retrieving revision 1.5
retrieving revision 1.6
diff -Lmail/fetchmail/Makefile -Lmail/fetchmail/Makefile -u -r1.5 -r1.6
--- mail/fetchmail/Makefile
+++ mail/fetchmail/Makefile
@@ -12,6 +12,7 @@
 
 PORTNAME=	fetchmail
 PORTVERSION=	6.3.8
+PORTREVISION=	1
 CATEGORIES=	mail ipv6
 MASTER_SITES=	${MASTER_SITE_BERLIOS} \
 		${MASTER_SITE_SUNSITE:S/$/:sunsite/
--- /dev/null
+++ mail/fetchmail/files/patch-CVE-2007-4565
@@ -0,0 +1,11 @@
+--- sink.c	(revision 5118)
++++ sink.c	(revision 5119)
+@@ -262,7 +262,7 @@
+     const char *md1 = "MAILER-DAEMON", *md2 = "MAILER-DAEMON@";
+ 
+     /* don't bounce in reply to undeliverable bounces */
+-    if (!msg->return_path[0] ||
++    if (!msg || !msg->return_path[0] ||
+ 	strcmp(msg->return_path, "<>") == 0 ||
+ 	strcasecmp(msg->return_path, md1) == 0 ||
+ 	strncasecmp(msg->return_path, md2, strlen(md2)) == 0)