diff options
| -rw-r--r-- | chinese/pine4/Makefile | 7 | ||||
| -rw-r--r-- | chinese/pine4/files/patch-bz | 20 | ||||
| -rw-r--r-- | chinese/pine4/pkg-install | 9 | ||||
| -rw-r--r-- | hebrew/pine/Makefile | 7 | ||||
| -rw-r--r-- | hebrew/pine/pkg-install | 9 | ||||
| -rw-r--r-- | mail/pine4-ssl/pkg-install | 9 | ||||
| -rw-r--r-- | mail/pine4/Makefile | 7 | ||||
| -rw-r--r-- | mail/pine4/files/patch-ba | 20 | ||||
| -rw-r--r-- | mail/pine4/pkg-install | 9 |
9 files changed, 91 insertions, 6 deletions
diff --git a/chinese/pine4/Makefile b/chinese/pine4/Makefile index 9307f3e..6e6017e 100644 --- a/chinese/pine4/Makefile +++ b/chinese/pine4/Makefile @@ -13,12 +13,15 @@ DISTNAME= pine${PORTVERSION} MAINTAINER= avatar@www.mmlab.cse.yzu.edu.tw -FORBIDDEN= "Remotely exploitable buffer overflows." - NO_LATEST_LINK= yes MAN1= pine.1 pico.1 pilot.1 +pre-fetch: +.if !defined(BATCH) && !defined(PACKAGE_BUILDING) + ${SH} pkg-install +.endif + post-patch: for i in ${WRKSRC}/doc/pine.1 \ ${WRKSRC}/pine/init.c \ diff --git a/chinese/pine4/files/patch-bz b/chinese/pine4/files/patch-bz new file mode 100644 index 0000000..84b3429 --- /dev/null +++ b/chinese/pine4/files/patch-bz @@ -0,0 +1,20 @@ +*** pine/newmail.c.orig Mon Sep 25 15:07:01 2000 +--- pine/newmail.c Tue Sep 26 15:34:24 2000 +*************** +*** 342,348 **** + e->from->personal, NULL), + ps_global->ttyo->screen_cols); + else +! sprintf(from + ((number > 1L) ? 18 : 6), "%s%s%s", + e->from->mailbox, + e->from->host ? "@" : "", + e->from->host ? e->from->host : ""); +--- 342,349 ---- + e->from->personal, NULL), + ps_global->ttyo->screen_cols); + else +! snprintf(from + ((number > 1L) ? 18 : 6), sizeof(from) - strlen(from), +! "%s%s%s", + e->from->mailbox, + e->from->host ? "@" : "", + e->from->host ? e->from->host : ""); diff --git a/chinese/pine4/pkg-install b/chinese/pine4/pkg-install new file mode 100644 index 0000000..b8e5db1 --- /dev/null +++ b/chinese/pine4/pkg-install @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ "$2" = "POST-INSTALL" -o -n "${PACKAGE_BUILDING}" ]; then + exit 0 +fi + +/usr/bin/dialog --yesno "SECURITY NOTE: The pine software has had several remote vulnerabilities discovered in the past, which allowed remote attackers to execute arbitrary code as you on your local system, by the action of sending a specially-prepared email. All such KNOWN problems have been fixed, but the pine code is written in a very insecure style and the FreeBSD Security Officer believes there are likely to be other undiscovered vulnerabilities. Do you wish to proceed with the installation of pine anyway?" 12 70 || /usr/bin/false + + diff --git a/hebrew/pine/Makefile b/hebrew/pine/Makefile index 13f11af..6f9a870 100644 --- a/hebrew/pine/Makefile +++ b/hebrew/pine/Makefile @@ -12,10 +12,13 @@ DISTNAME= pine4.21_heb2.09 MAINTAINER?= nadav@cs.technion.ac.il -FORBIDDEN= "Remotely exploitable buffer overflows." - MAN1= pine.1 pico.1 pilot.1 +pre-fetch: +.if !defined(BATCH) && !defined(PACKAGE_BUILDING) + ${SH} pkg-install +.endif + post-patch: for i in ${WRKSRC}/doc/pine.1 \ ${WRKSRC}/pine/init.c \ diff --git a/hebrew/pine/pkg-install b/hebrew/pine/pkg-install new file mode 100644 index 0000000..b8e5db1 --- /dev/null +++ b/hebrew/pine/pkg-install @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ "$2" = "POST-INSTALL" -o -n "${PACKAGE_BUILDING}" ]; then + exit 0 +fi + +/usr/bin/dialog --yesno "SECURITY NOTE: The pine software has had several remote vulnerabilities discovered in the past, which allowed remote attackers to execute arbitrary code as you on your local system, by the action of sending a specially-prepared email. All such KNOWN problems have been fixed, but the pine code is written in a very insecure style and the FreeBSD Security Officer believes there are likely to be other undiscovered vulnerabilities. Do you wish to proceed with the installation of pine anyway?" 12 70 || /usr/bin/false + + diff --git a/mail/pine4-ssl/pkg-install b/mail/pine4-ssl/pkg-install new file mode 100644 index 0000000..b8e5db1 --- /dev/null +++ b/mail/pine4-ssl/pkg-install @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ "$2" = "POST-INSTALL" -o -n "${PACKAGE_BUILDING}" ]; then + exit 0 +fi + +/usr/bin/dialog --yesno "SECURITY NOTE: The pine software has had several remote vulnerabilities discovered in the past, which allowed remote attackers to execute arbitrary code as you on your local system, by the action of sending a specially-prepared email. All such KNOWN problems have been fixed, but the pine code is written in a very insecure style and the FreeBSD Security Officer believes there are likely to be other undiscovered vulnerabilities. Do you wish to proceed with the installation of pine anyway?" 12 70 || /usr/bin/false + + diff --git a/mail/pine4/Makefile b/mail/pine4/Makefile index 14e696f..3fc4022 100644 --- a/mail/pine4/Makefile +++ b/mail/pine4/Makefile @@ -16,8 +16,6 @@ DISTNAME?= ${PORTNAME}${PORTVERSION} MAINTAINER?= pine@freebsd.ady.ro -FORBIDDEN= "Remotely exploitable buffer overflows." - Y2K= http://www.washington.edu/pine/QandA/sysadmins.html#Millenium MAN1= pine.1 pico.1 pilot.1 @@ -33,6 +31,11 @@ LDAP_PREFIX?= ${LOCALBASE} BUILD_DEPENDS+= ${LDAP_PREFIX}/lib/libldap.a:${PORTSDIR}/net/ldap .endif +pre-fetch: +.if !defined(BATCH) && !defined(PACKAGE_BUILDING) + ${SH} pkg-install +.endif + post-patch: for i in ${WRKSRC}/doc/pine.1 \ ${WRKSRC}/pine/init.c \ diff --git a/mail/pine4/files/patch-ba b/mail/pine4/files/patch-ba new file mode 100644 index 0000000..84b3429 --- /dev/null +++ b/mail/pine4/files/patch-ba @@ -0,0 +1,20 @@ +*** pine/newmail.c.orig Mon Sep 25 15:07:01 2000 +--- pine/newmail.c Tue Sep 26 15:34:24 2000 +*************** +*** 342,348 **** + e->from->personal, NULL), + ps_global->ttyo->screen_cols); + else +! sprintf(from + ((number > 1L) ? 18 : 6), "%s%s%s", + e->from->mailbox, + e->from->host ? "@" : "", + e->from->host ? e->from->host : ""); +--- 342,349 ---- + e->from->personal, NULL), + ps_global->ttyo->screen_cols); + else +! snprintf(from + ((number > 1L) ? 18 : 6), sizeof(from) - strlen(from), +! "%s%s%s", + e->from->mailbox, + e->from->host ? "@" : "", + e->from->host ? e->from->host : ""); diff --git a/mail/pine4/pkg-install b/mail/pine4/pkg-install new file mode 100644 index 0000000..b8e5db1 --- /dev/null +++ b/mail/pine4/pkg-install @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ "$2" = "POST-INSTALL" -o -n "${PACKAGE_BUILDING}" ]; then + exit 0 +fi + +/usr/bin/dialog --yesno "SECURITY NOTE: The pine software has had several remote vulnerabilities discovered in the past, which allowed remote attackers to execute arbitrary code as you on your local system, by the action of sending a specially-prepared email. All such KNOWN problems have been fixed, but the pine code is written in a very insecure style and the FreeBSD Security Officer believes there are likely to be other undiscovered vulnerabilities. Do you wish to proceed with the installation of pine anyway?" 12 70 || /usr/bin/false + + |
