meta-openembedded/meta-oe/recipes-extended/mailx/files/0011-outof-Introduce-expandaddr-flag.patch - mdmillerii/openbmc - Gitiles

 From 9984ae5cb0ea0d61df1612b06952a61323c083d9 Mon Sep 17 00:00:00 2001
 From: Florian Weimer <fweimer@redhat.com>
 Date: Mon, 17 Nov 2014 11:13:38 +0100
 Subject: [PATCH 1/4] outof: Introduce expandaddr flag

 Document that address expansion is disabled unless the expandaddr
 binary option is set.

 This has been assigned CVE-2014-7844 for BSD mailx, but it is not
 a vulnerability in Heirloom mailx because this feature was documented.

 This patch is taken from
 ftp://ftp.debian.org/debian/pool/main/h/heirloom-mailx/heirloom-mailx_12.5-5.debian.tar.xz

 Upstream-Status: Inappropriate [upstream is dead]
 CVE: CVE-2014-7844
 ---
  mailx.1 | 14 ++++++++++++++
  names.c |  3 +++
  2 files changed, 17 insertions(+)

 diff --git a/mailx.1 b/mailx.1
 index 70a7859..22a171b 100644
 --- a/mailx.1
 +++ b/mailx.1
 @@ -656,6 +656,14 @@ but any reply returned to the machine
  will have the system wide alias expanded
  as all mail goes through sendmail.
  .SS "Recipient address specifications"
 +If the
 +.I expandaddr
 +option is not set (the default), recipient addresses must be names of
 +local mailboxes or Internet mail addresses.
 +.PP
 +If the
 +.I expandaddr
 +option is set, the following rules apply:
  When an address is used to name a recipient
  (in any of To, Cc, or Bcc),
  names of local mail folders
 @@ -2391,6 +2399,12 @@ and exits immediately.
  If this option is set,
  \fImailx\fR starts even with an empty mailbox.
  .TP
 +.B expandaddr
 +Causes
 +.I mailx
 +to expand message recipient addresses, as explained in the section,
 +Recipient address specifications.
 +.TP
  .B flipr
  Exchanges the
  .I Respond
 diff --git a/names.c b/names.c
 index 66e976b..c69560f 100644
 --- a/names.c
 +++ b/names.c
 @@ -268,6 +268,9 @@ outof(struct name *names, FILE *fo, struct header *hp)
  	FILE *fout, *fin;
  	int ispipe;

 +	if (value("expandaddr") == NULL)
 +		return names;
 +
  	top = names;
  	np = names;
  	time(&now);
 --
 1.9.3
	From 9984ae5cb0ea0d61df1612b06952a61323c083d9 Mon Sep 17 00:00:00 2001
	From: Florian Weimer <fweimer@redhat.com>
	Date: Mon, 17 Nov 2014 11:13:38 +0100
	Subject: [PATCH 1/4] outof: Introduce expandaddr flag

	Document that address expansion is disabled unless the expandaddr
	binary option is set.

	This has been assigned CVE-2014-7844 for BSD mailx, but it is not
	a vulnerability in Heirloom mailx because this feature was documented.

	This patch is taken from
	ftp://ftp.debian.org/debian/pool/main/h/heirloom-mailx/heirloom-mailx_12.5-5.debian.tar.xz

	Upstream-Status: Inappropriate [upstream is dead]
	CVE: CVE-2014-7844
	---
	mailx.1 \| 14 ++++++++++++++
	names.c \| 3 +++
	2 files changed, 17 insertions(+)

	diff --git a/mailx.1 b/mailx.1
	index 70a7859..22a171b 100644
	--- a/mailx.1
	+++ b/mailx.1
	@@ -656,6 +656,14 @@ but any reply returned to the machine
	will have the system wide alias expanded
	as all mail goes through sendmail.
	.SS "Recipient address specifications"
	+If the
	+.I expandaddr
	+option is not set (the default), recipient addresses must be names of
	+local mailboxes or Internet mail addresses.
	+.PP
	+If the
	+.I expandaddr
	+option is set, the following rules apply:
	When an address is used to name a recipient
	(in any of To, Cc, or Bcc),
	names of local mail folders
	@@ -2391,6 +2399,12 @@ and exits immediately.
	If this option is set,
	\fImailx\fR starts even with an empty mailbox.
	.TP
	+.B expandaddr
	+Causes
	+.I mailx
	+to expand message recipient addresses, as explained in the section,
	+Recipient address specifications.
	+.TP
	.B flipr
	Exchanges the
	.I Respond
	diff --git a/names.c b/names.c
	index 66e976b..c69560f 100644
	--- a/names.c
	+++ b/names.c
	@@ -268,6 +268,9 @@ outof(struct name names, FILE fo, struct header *hp)
	FILE fout, fin;
	int ispipe;

	+ if (value("expandaddr") == NULL)
	+ return names;
	+
	top = names;
	np = names;
	time(&now);
	--
	1.9.3