Update fetchmail to 6.3.21_1, fixing CVE-2012-3482.

Adjust VuXML database entry from < 6.3.22 to < 6.3.21_1. PR: ports/170613 Approved by: maintainer timeout (14 days) Security: http://www.vuxml.org/freebsd/83f9e943-e664-11e1-a66d-080027ef73ec.html Security: CVE-2012-3482
svn path=/head/; revision=303238
2025-07-18 01:39:16 -04:00 · 2012-08-27 17:44:23 +00:00 · 2012-08-27 17:44:23 +00:00 · 6b9d75c6d6 · 2021-03-31 03:12:20 +00:00
commit 6b9d75c6d6
parent 0271a4a8b2
3 changed files with 56 additions and 1 deletions
--- a/mail/fetchmail/Makefile
+++ b/mail/fetchmail/Makefile
@ -12,6 +12,7 @@

 PORTNAME=	fetchmail
 PORTVERSION=	6.3.21
+PORTREVISION=	1
 CATEGORIES=	mail ipv6
 MASTER_SITES=	BERLIOS/${PORTNAME}/ \
 		SF/${PORTNAME}/branch_6.3/ \
--- a/mail/fetchmail/files/patch-CVE-2012-3482
+++ b/mail/fetchmail/files/patch-CVE-2012-3482
@ -0,0 +1,53 @@
+diff --git a/ntlm.h b/ntlm.h
+index 1469633..ad83520 100644
+--- a/ntlm.h
+++ b/ntlm.h
+@@ -32,8 +32,8 @@ uint32        msgType;
+ tSmbStrHeader    uDomain;
+ uint32        flags;
+ uint8         challengeData[8];
+-uint8         reserved[8];
+-tSmbStrHeader    emptyString;
+uint32        context[2];
+tSmbStrHeader    targetInfo;
+ uint8         buffer[1024];
+ uint32        bufIndex;
+ }tSmbNtlmAuthChallenge;
+diff --git a/ntlmsubr.c b/ntlmsubr.c
+index f9d2733..63cbed8 100644
+--- a/ntlmsubr.c
+++ b/ntlmsubr.c
+@@ -55,7 +55,32 @@ int ntlm_helper(int sock, struct query *ctl, const char *proto)
+     if ((result = gen_recv(sock, msgbuf, sizeof msgbuf)))
+ 	goto cancelfail;
+ 
+-    (void)from64tobits (&challenge, msgbuf, sizeof(challenge));
+    if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0
+	    || result < ((void *)&challenge.context - (void *)&challenge))
+    {
+	report (stderr, GT_("could not decode BASE64 challenge\n"));
+	/* We do not goto cancelfail; the server has already sent the
+	 * tagged reply, so the protocol exchange has ended, no need
+	 * for us to send the asterisk. */
+	return PS_AUTHFAIL;
+    }
+
+    /* validate challenge:
+     * - ident
+     * - message type
+     * - that offset points into buffer
+     * - that offset + length does not wrap
+     * - that offset + length is not bigger than buffer */
+    if (0 != memcmp("NTLMSSP", challenge.ident, 8)
+	    || challenge.msgType != 2
+	    || challenge.uDomain.offset > result
+	    || challenge.uDomain.offset + challenge.uDomain.len < challenge.uDomain.offset
+	    || challenge.uDomain.offset + challenge.uDomain.len > result)
+    {
+	report (stderr, GT_("NTLM challenge contains invalid data.\n"));
+	result = PS_AUTHFAIL;
+	goto cancelfail;
+    }
+ 
+     if (outlevel >= O_DEBUG)
+ 	dumpSmbNtlmAuthChallenge(stdout, &challenge);
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -611,7 +611,7 @@ Note:  Please add new entries to the beginning of this file.
    <affects>
      <package>
 	<name>fetchmail</name>
-	<range><ge>5.0.8</ge><lt>6.3.22</lt></range>
+	<range><ge>5.0.8</ge><lt>6.3.21_1</lt></range>
      </package>
    </affects>
    <description>
@ -634,6 +634,7 @@ Note:  Please add new entries to the beginning of this file.
    <dates>
      <discovery>2012-08-12</discovery>
      <entry>2012-08-14</entry>
+      <modified>2012-08-27</modified>
    </dates>
  </vuln>