Apply officially sanctioned patch to close a format string vulnerability

in exim batch SMTP mode.

The vulnerability is _not_ exploitable by external SMTP callers.

2 files changed, 12 insertions, 1 deletions

diff --git a/mail/exim/Makefile b/mail/exim/Makefile
index 935b05f..6b9b62e 100644
--- a/mail/exim/Makefile
+++ b/mail/exim/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	exim
 PORTVERSION=	3.22
-PORTREVISION=	5
+PORTREVISION=	6
 CATEGORIES=	mail
 MASTER_SITES=	ftp://ftp.csx.cam.ac.uk/pub/software/email/exim/ \
 		http://www.exim.org/ftp/ \
diff --git a/mail/exim/files/patch-src::accept.c b/mail/exim/files/patch-src::accept.c
new file mode 100644
index 0000000..c74c917
--- /dev/null
+++ b/mail/exim/files/patch-src::accept.c
@@ -0,0 +1,11 @@
+--- src/accept.c.orig	Mon Jun 11 17:00:24 2001
++++ src/accept.c	Mon Jun 11 17:01:30 2001
+@@ -2503,7 +2503,7 @@
+   nothing on success. The function moan_smtp_batch() does not return -
+   it exits from the program with a non-zero return code. */
+ 
+-  else if (smtp_reply != NULL) moan_smtp_batch(NULL, smtp_reply);
++  else if (smtp_reply != NULL) moan_smtp_batch(NULL, "%s", smtp_reply);
+   }
+ 
+ /* Reset headers so that logging of rejects for a subsequent message doesn't