summaryrefslogtreecommitdiffstats
path: root/mail/nbsmtp
diff options
context:
space:
mode:
authorniels <niels@FreeBSD.org>2005-07-25 19:32:17 +0000
committerniels <niels@FreeBSD.org>2005-07-25 19:32:17 +0000
commit5b5d445205e82f0a0c32700656e5e757fbd2d62d (patch)
treec141ecdd2eb5d69232bc87f38c23c91bcc57c449 /mail/nbsmtp
parent1000bd8e95ed79e9e9e74ad687ed9c4e384d12ae (diff)
downloadFreeBSD-ports-5b5d445205e82f0a0c32700656e5e757fbd2d62d.zip
FreeBSD-ports-5b5d445205e82f0a0c32700656e5e757fbd2d62d.tar.gz
Fixed format string vulnerability that might be exploitable if
the program runs in debug mode and is used to connect to an untrusted SMTP server. Approved by: nectar (mentor)
Diffstat (limited to 'mail/nbsmtp')
-rw-r--r--mail/nbsmtp/Makefile1
-rw-r--r--mail/nbsmtp/files/patch-util.c11
2 files changed, 12 insertions, 0 deletions
diff --git a/mail/nbsmtp/Makefile b/mail/nbsmtp/Makefile
index 5ea7f15..4336e0c 100644
--- a/mail/nbsmtp/Makefile
+++ b/mail/nbsmtp/Makefile
@@ -10,6 +10,7 @@
PORTNAME= nbsmtp
PORTVERSION= 0.99
CATEGORIES= mail
+PORTREVISION= 1
MASTER_SITES= http://www.gentoo-es.org/~ferdy/ \
http://www.it.uc3m.es/~ferdy/nbsmtp/
diff --git a/mail/nbsmtp/files/patch-util.c b/mail/nbsmtp/files/patch-util.c
new file mode 100644
index 0000000..48f78b7
--- /dev/null
+++ b/mail/nbsmtp/files/patch-util.c
@@ -0,0 +1,11 @@
+--- util.orig Tue Jul 12 11:43:06 2005
++++ util.c Tue Jul 12 11:43:32 2005
+@@ -187,7 +187,7 @@
+ if (debug==0 || debug==1)
+ {
+ openlog("nbSMTP", LOG_PID, LOG_MAIL);
+- syslog(priority,buffer);
++ syslog(priority,"%s",buffer);
+ closelog();
+ }
+ else /* if (debug==2) */
OpenPOWER on IntegriCloud