diff options
Diffstat (limited to 'meta/recipes-extended/mailx/files/0011-outof-Introduce-expandaddr-flag.patch')
| -rw-r--r-- | meta/recipes-extended/mailx/files/0011-outof-Introduce-expandaddr-flag.patch | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/meta/recipes-extended/mailx/files/0011-outof-Introduce-expandaddr-flag.patch b/meta/recipes-extended/mailx/files/0011-outof-Introduce-expandaddr-flag.patch new file mode 100644 index 0000000000..fdce13f202 --- /dev/null +++ b/meta/recipes-extended/mailx/files/0011-outof-Introduce-expandaddr-flag.patch @@ -0,0 +1,70 @@ +From 9984ae5cb0ea0d61df1612b06952a61323c083d9 Mon Sep 17 00:00:00 2001 +From: Florian Weimer <fweimer@redhat.com> +Date: Mon, 17 Nov 2014 11:13:38 +0100 +Subject: [PATCH 1/4] outof: Introduce expandaddr flag + +Document that address expansion is disabled unless the expandaddr +binary option is set. + +This has been assigned CVE-2014-7844 for BSD mailx, but it is not +a vulnerability in Heirloom mailx because this feature was documented. + +This patch is taken from +ftp://ftp.debian.org/debian/pool/main/h/heirloom-mailx/heirloom-mailx_12.5-5.debian.tar.xz + +Upstream-status: Inappropriate [upstream is dead] +--- + mailx.1 | 14 ++++++++++++++ + names.c | 3 +++ + 2 files changed, 17 insertions(+) + +diff --git a/mailx.1 b/mailx.1 +index 70a7859..22a171b 100644 +--- a/mailx.1 ++++ b/mailx.1 +@@ -656,6 +656,14 @@ but any reply returned to the machine + will have the system wide alias expanded + as all mail goes through sendmail. + .SS "Recipient address specifications" ++If the ++.I expandaddr ++option is not set (the default), recipient addresses must be names of ++local mailboxes or Internet mail addresses. ++.PP ++If the ++.I expandaddr ++option is set, the following rules apply: + When an address is used to name a recipient + (in any of To, Cc, or Bcc), + names of local mail folders +@@ -2391,6 +2399,12 @@ and exits immediately. + If this option is set, + \fImailx\fR starts even with an empty mailbox. + .TP ++.B expandaddr ++Causes ++.I mailx ++to expand message recipient addresses, as explained in the section, ++Recipient address specifications. ++.TP + .B flipr + Exchanges the + .I Respond +diff --git a/names.c b/names.c +index 66e976b..c69560f 100644 +--- a/names.c ++++ b/names.c +@@ -268,6 +268,9 @@ outof(struct name *names, FILE *fo, struct header *hp) + FILE *fout, *fin; + int ispipe; + ++ if (value("expandaddr") == NULL) ++ return names; ++ + top = names; + np = names; + time(&now); +-- +1.9.3 + + |