svn commit: r512094 - in branches/2019Q3/mail/opendmarc: . files
Kurt Jaeger
pi at FreeBSD.org
Sun Sep 15 09:57:34 UTC 2019
Author: pi
Date: Sun Sep 15 09:57:33 2019
New Revision: 512094
URL: https://svnweb.freebsd.org/changeset/ports/512094
Log:
MFH: r512093
mail/opendmarc: fix multiple addresses in From vulnerability
- please note that it might only be a partial fix, see
https://github.com/trusteddomainproject/OpenDMARC/pull/48#issuecomment-530375590
PR: 240505
Reported by: protonmail
Approved by: ports-secteam (delphij)
Obtained from: https://github.com/trusteddomainproject/OpenDMARC/pull/48
Security: https://protonmail.com/blog/bellingcat-cyberattack-phishing/
Added:
branches/2019Q3/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
- copied unchanged from r512093, head/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
branches/2019Q3/mail/opendmarc/files/patch-opendmarc_opendmarc.c
- copied unchanged from r512093, head/mail/opendmarc/files/patch-opendmarc_opendmarc.c
Modified:
branches/2019Q3/mail/opendmarc/Makefile
Directory Properties:
branches/2019Q3/ (props changed)
Modified: branches/2019Q3/mail/opendmarc/Makefile
==============================================================================
--- branches/2019Q3/mail/opendmarc/Makefile Sun Sep 15 09:51:20 2019 (r512093)
+++ branches/2019Q3/mail/opendmarc/Makefile Sun Sep 15 09:57:33 2019 (r512094)
@@ -3,7 +3,7 @@
PORTNAME= opendmarc
PORTVERSION= 1.3.2
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= mail security
MASTER_SITES= SF/${PORTNAME} \
SF/${PORTNAME}/Previous%20Releases
Copied: branches/2019Q3/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c (from r512093, head/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q3/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c Sun Sep 15 09:57:33 2019 (r512094, copy of r512093, head/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c)
@@ -0,0 +1,10 @@
+--- libopendmarc/tests/test_finddomain.c.orig 2012-10-25 15:38:55 UTC
++++ libopendmarc/tests/test_finddomain.c
+@@ -23,6 +23,7 @@ main(int argc, char **argv)
+ /* 11 */ {"(,) joe at joe.com", "joe.com"},
+ /* 12 */ {"\"( bob at bob.com)\" joe at joe.com", "joe.com"},
+ /* 12 */ {"From: Davide D'Marco <user at blah.com>", "blah.com"},
++ /* 13 */ {"blah.com>", "blah.com"},
+ {NULL, NULL},
+ };
+ u_char dbuf[256];
Copied: branches/2019Q3/mail/opendmarc/files/patch-opendmarc_opendmarc.c (from r512093, head/mail/opendmarc/files/patch-opendmarc_opendmarc.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q3/mail/opendmarc/files/patch-opendmarc_opendmarc.c Sun Sep 15 09:57:33 2019 (r512094, copy of r512093, head/mail/opendmarc/files/patch-opendmarc_opendmarc.c)
@@ -0,0 +1,11 @@
+--- opendmarc/opendmarc.c.orig 2017-03-04 13:28:39 UTC
++++ opendmarc/opendmarc.c
+@@ -2193,7 +2193,7 @@ mlfi_eom(SMFICTX *ctx)
+ strncpy(dfc->mctx_fromdomain, domain, sizeof dfc->mctx_fromdomain - 1);
+
+ ostatus = opendmarc_policy_store_from_domain(cc->cctx_dmarc,
+- from->hdr_value);
++ dfc->mctx_fromdomain);
+ if (ostatus != DMARC_PARSE_OKAY)
+ {
+ if (conf->conf_dolog)
More information about the svn-ports-branches
mailing list