Submitted By: Ken Moffat Date: 2014-12-27 Initial Package Version: 12.5 Upstream Status: Unknown Origin: Changes to remove SSL2 found at debian, remainder from redhat. Description: Removes support for SSL2 (openssl no longer supports it) and fixes CVE-2004-2771 [sic] and CVE-2014-7844.
diff -Naur heirloom-mailx-12.5/extern.h heirloom-mailx-12.5-patched/extern.h
--- heirloom-mailx-12.5/extern.h 2011-04-26 22:23:22.000000000 +0100
+++ heirloom-mailx-12.5-patched/extern.h 2014-12-27 01:26:59.654169487 +0000
@@ -396,7 +396,7 @@
 int is_fileaddr(char *name);
 struct name *usermap(struct name *names);
 struct name *cat(struct name *n1, struct name *n2);
-char **unpack(struct name *np);
+char **unpack(struct name *smopts, struct name *np);
 struct name *elide(struct name *names);
 int count(struct name *np);
 struct name *delete_alternates(struct name *np);
diff -Naur heirloom-mailx-12.5/fio.c heirloom-mailx-12.5-patched/fio.c
--- heirloom-mailx-12.5/fio.c 2011-04-26 22:23:22.000000000 +0100
+++ heirloom-mailx-12.5-patched/fio.c 2014-12-27 01:27:15.634561413 +0000
@@ -43,12 +43,15 @@
 #endif /* not lint */
 #include "rcv.h"
+
+#ifndef HAVE_WORDEXP
+#error wordexp support is required
+#endif
+
 #include
 #include
 #include
-#ifdef HAVE_WORDEXP
 #include
-#endif /* HAVE_WORDEXP */
 #include
 #if defined (USE_NSS)
@@ -481,7 +484,6 @@
 static char *
 globname(char *name)
 {
-#ifdef HAVE_WORDEXP
 wordexp_t we;
 char *cp;
 sigset_t nset;
@@ -495,7 +497,7 @@
 sigemptyset(&nset);
 sigaddset(&nset, SIGCHLD);
 sigprocmask(SIG_BLOCK, &nset, NULL);
- i = wordexp(name, &we, 0);
+ i = wordexp(name, &we, WRDE_NOCMD);
 sigprocmask(SIG_UNBLOCK, &nset, NULL);
 switch (i) {
 case 0:
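Review bot: With `WRDE_NOCMD` set, wordexp() reports a name that contains command substitution as the error `WRDE_CMDSUB` instead of expanding it, so the `switch (i)` that opens at the end of this hunk in globname() now carries the whole rejection path. Its remaining cases lie outside the hunk, so confirm that this value reaches a branch that prints a diagnostic and returns NULL rather than a default that hands back the unexpanded name. A comment on the call would record why the flag is there, for example `/* WRDE_NOCMD: a file name must never trigger command substitution */`. Since the earlier fio.c hunk turns a missing wordexp() into a build error, the protection rests entirely on the C library honouring this flag.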
@@ -527,65 +529,6 @@
 }
 wordfree(&we);
 return cp;
-#else /* !HAVE_WORDEXP */
- char xname[PATHSIZE];
- char cmdbuf[PATHSIZE]; /* also used for file names */
- int pid, l;
- char *cp, *shell;
- int pivec[2];
- extern int wait_status;
- struct stat sbuf;
-
- if (pipe(pivec) < 0) {
- perror("pipe");
- return name;
- }
- snprintf(cmdbuf, sizeof cmdbuf, "echo %s", name);
- if ((shell = value("SHELL")) == NULL)
- shell = SHELL;
- pid = start_command(shell, 0, -1, pivec[1], "-c", cmdbuf, NULL);
- if (pid < 0) {
- close(pivec[0]);
- close(pivec[1]);
- return NULL;
- }
- close(pivec[1]);
-again:
- l = read(pivec[0], xname, sizeof xname);
- if (l < 0) {
- if (errno == EINTR)
- goto again;
- perror("read");
- close(pivec[0]);
- return NULL;
- }
- close(pivec[0]);
- if (wait_child(pid) < 0 && WTERMSIG(wait_status) != SIGPIPE) {
- fprintf(stderr, catgets(catd, CATSET, 81,
- "\"%s\": Expansion failed.\n"), name);
- return NULL;
- }
- if (l == 0) {
- fprintf(stderr, catgets(catd, CATSET, 82,
- "\"%s\": No match.\n"), name);
- return NULL;
- }
- if (l == sizeof xname) {
- fprintf(stderr, catgets(catd, CATSET, 83,
- "\"%s\": Expansion buffer overflow.\n"), name);
- return NULL;
- }
- xname[l] = 0;
- for (cp = &xname[l-1]; *cp == '\n' && cp > xname; cp--)
- ;
- cp[1] = '\0';
- if (strchr(xname, ' ') && stat(xname, &sbuf) < 0) {
- fprintf(stderr, catgets(catd, CATSET, 84,
- "\"%s\": Ambiguous.\n"), name);
- return NULL;
- }
- return savestr(xname);
-#endif /* !HAVE_WORDEXP */
 }
 /*
diff -Naur heirloom-mailx-12.5/mailx.1 heirloom-mailx-12.5-patched/mailx.1
--- heirloom-mailx-12.5/mailx.1 2011-04-26 22:23:22.000000000 +0100
+++ heirloom-mailx-12.5-patched/mailx.1 2014-12-27 01:26:53.838026857 +0000
@@ -656,6 +656,14 @@
 will have the system wide alias expanded as all mail goes through sendmail.
 .SS "Recipient address specifications"
+If the
+.I expandaddr
+option is not set (the default), recipient addresses must be names of
+local mailboxes or Internet mail addresses.
+.PP
+If the
+.I expandaddr
+option is set, the following rules apply:
 When an address is used to name a recipient (in any of To, Cc, or Bcc), names of local mail folders
@@ -2391,6 +2399,12 @@
 If this option is set, \fImailx\fR starts even with an empty mailbox.
 .TP
+.B expandaddr
+Causes
+.I mailx
+to expand message recipient addresses, as explained in the section,
+Recipient address specifications.
+.TP
 .B flipr
 Exchanges the
 .I Respond
@@ -3575,7 +3589,7 @@
 .TP
 .B ssl-method
 Selects a SSL/TLS protocol version;
-valid values are `ssl2', `ssl3', and `tls1'.
+valid values are `ssl3', and `tls1'.
 If unset, the method is selected automatically, if possible.
 .TP
diff -Naur heirloom-mailx-12.5/names.c heirloom-mailx-12.5-patched/names.c
--- heirloom-mailx-12.5/names.c 2011-04-26 22:23:22.000000000 +0100
+++ heirloom-mailx-12.5-patched/names.c 2014-12-27 01:26:59.654169487 +0000
@@ -268,6 +268,9 @@
 FILE *fout, *fin;
 int ispipe;
+ if (value("expandaddr") == NULL)
+ return names;
+
 top = names;
 np = names;
 time(&now);
@@ -546,7 +549,7 @@
 * Return an error if the name list won't fit.
 */
 char **
-unpack(struct name *np)
+unpack(struct name *smopts, struct name *np)
 {
 char **ap, **top;
 struct name *n;
@@ -561,7 +564,7 @@
 * the terminating 0 pointer. Additional spots may be needed
 * to pass along -f to the host mailer.
 */
- extra = 2;
+ extra = 3 + count(smopts);
 extra++;
 metoo = value("metoo") != NULL;
 if (metoo)
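Review bot: The new early return `if (value("expandaddr") == NULL) return names;` in the names.c hunk at -268 skips the file and pipe handling silently. A recipient that names a file or a command therefore stays in the list and, as far as the visible lines show, is passed on to the mailer without any message to the user. The manual text added in mailx.1 says such recipients "must be" mailbox names or Internet addresses, but nothing in this hunk enforces or reports that. Consider a diagnostic for entries that would previously have been expanded (extern.h already declares `is_fileaddr()`), or at least a comment such as `/* file and pipe recipients are honoured only when the user set expandaddr */`. The enclosing function starts and ends outside the hunk, so its later handling is not visible here.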
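Review bot: The sizing comment above `extra = 3 + count(smopts);` in unpack() keeps its old wording about the terminating 0 pointer and `-f`, and does not say what the third fixed slot is for; judging by the next names.c hunk, it holds the `"--"` separator written between the mailer options and the recipients. Extend the comment to name the `smopts` entries and the `"--"` marker, and add a why-comment at `*ap++ = "--";` such as `/* end of options: a recipient starting with '-' must not be parsed as a mailer option */`. `count()` is defined outside the diff, so confirm that it returns at least the number of non-GDEL entries the new copy loop writes. The comment and the function body both begin outside this hunk.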
@@ -578,6 +581,10 @@
 *ap++ = "-m";
 if (verbose)
 *ap++ = "-v";
+ for (; smopts != NULL; smopts = smopts->n_flink)
+ if ((smopts->n_type & GDEL) == 0)
+ *ap++ = smopts->n_name;
+ *ap++ = "--";
 for (; n != NULL; n = n->n_flink)
 if ((n->n_type & GDEL) == 0)
 *ap++ = n->n_name;
diff -Naur heirloom-mailx-12.5/openssl.c heirloom-mailx-12.5-patched/openssl.c
--- heirloom-mailx-12.5/openssl.c 2011-04-26 22:23:22.000000000 +0100
+++ heirloom-mailx-12.5-patched/openssl.c 2014-12-27 01:26:34.385549867 +0000
@@ -216,9 +216,7 @@
 cp = ssl_method_string(uhp);
 if (cp != NULL) {
- if (equal(cp, "ssl2"))
- method = SSLv2_client_method();
- else if (equal(cp, "ssl3"))
+ if (equal(cp, "ssl3"))
 method = SSLv3_client_method();
 else if (equal(cp, "tls1"))
 method = TLSv1_client_method();
diff -Naur heirloom-mailx-12.5/sendout.c heirloom-mailx-12.5-patched/sendout.c
--- heirloom-mailx-12.5/sendout.c 2011-04-26 22:23:22.000000000 +0100
+++ heirloom-mailx-12.5-patched/sendout.c 2014-12-27 01:26:59.654169487 +0000
@@ -835,7 +835,7 @@
 #endif /* HAVE_SOCKETS */
 if ((smtp = value("smtp")) == NULL) {
- args = unpack(cat(mailargs, to));
+ args = unpack(mailargs, to);
 if (debug || value("debug")) {
 printf(catgets(catd, CATSET, 181, "Sendmail arguments:"));
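Review bot: In the openssl.c hunk, `ssl-method=ssl3` still selects `SSLv3_client_method()`, which pins the connection to SSL 3.0, a protocol version with known weaknesses, and `tls1` pins it to TLS 1.0 through `TLSv1_client_method()`. If the `ssl3` branch has to stay for compatibility, print a warning when it is taken; otherwise drop it the same way `ssl2` is dropped here. A configuration that still sets `ssl2` now falls through to whatever ends this if/else chain, which lies outside the hunk, so check that it reports the unsupported value instead of silently choosing another method.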