From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41116)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1eHCgO-0000cH-Sb
	for guix-patches@gnu.org; Tue, 21 Nov 2017 12:50:09 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1eHCgM-0000SC-8z
	for guix-patches@gnu.org; Tue, 21 Nov 2017 12:50:04 -0500
Received: from debbugs.gnu.org ([208.118.235.43]:42648)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1eHCgM-0000S6-5b
	for guix-patches@gnu.org; Tue, 21 Nov 2017 12:50:02 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1eHCgL-0006HK-JL
	for guix-patches@gnu.org; Tue, 21 Nov 2017 12:50:01 -0500
Subject: [bug#29383] [PATCH] gnu: procmail: Fix CVE-2017-16844.
Resent-Message-ID: <handler.29383.B.151128656424080@debbugs.gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40818)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1eHCfY-0008TW-Q3
	for guix-patches@gnu.org; Tue, 21 Nov 2017 12:49:13 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1eHCfV-0008Uo-CJ
	for guix-patches@gnu.org; Tue, 21 Nov 2017 12:49:12 -0500
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:55011)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <leo@famulari.name>) id 1eHCfV-0008TN-6t
	for guix-patches@gnu.org; Tue, 21 Nov 2017 12:49:09 -0500
Received: from jasmine.lan (c-73-165-108-70.hsd1.pa.comcast.net
	[73.165.108.70])
	by mail.messagingengine.com (Postfix) with ESMTPA id C97F024A81
	for <guix-patches@gnu.org>; Tue, 21 Nov 2017 12:49:06 -0500 (EST)
From: Leo Famulari <leo@famulari.name>
Date: Tue, 21 Nov 2017 12:49:03 -0500
Message-Id: <a0ab0e2bc8db8f153cd6a9ae68420fac29f68eed.1511286541.git.leo@famulari.name>
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: 29383@debbugs.gnu.org

* gnu/packages/patches/procmail-CVE-2017-16844.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/mail.scm (procmail)[source]: Use it.
---
 gnu/local.mk                                       |  1 +
 gnu/packages/mail.scm                              |  3 ++-
 gnu/packages/patches/procmail-CVE-2017-16844.patch | 25 ++++++++++++++++++++++
 3 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/procmail-CVE-2017-16844.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index f8e553965..0993c4587 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -978,6 +978,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/portmidi-modular-build.patch		\
   %D%/packages/patches/procmail-ambiguous-getline-debian.patch  \
   %D%/packages/patches/procmail-CVE-2014-3618.patch		\
+  %D%/packages/patches/procmail-CVE-2017-16844.patch		\
   %D%/packages/patches/proot-test-fhs.patch			\
   %D%/packages/patches/psm-arch.patch				\
   %D%/packages/patches/psm-ldflags.patch			\
diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index 77d935171..38140d6e6 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -1611,7 +1611,8 @@ deliver it in various ways.")
        ;; getline() in formail.c.  The patch is provided by Debian as
        ;; patch 24.
        (patches (search-patches "procmail-ambiguous-getline-debian.patch"
-                                "procmail-CVE-2014-3618.patch"))))
+                                "procmail-CVE-2014-3618.patch"
+                                "procmail-CVE-2017-16844.patch"))))
     (arguments
      `(#:phases (modify-phases %standard-phases
                   (replace 'configure
diff --git a/gnu/packages/patches/procmail-CVE-2017-16844.patch b/gnu/packages/patches/procmail-CVE-2017-16844.patch
new file mode 100644
index 000000000..b96540c8c
--- /dev/null
+++ b/gnu/packages/patches/procmail-CVE-2017-16844.patch
@@ -0,0 +1,25 @@
+Fix CVE-2017-16844:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16844
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876511
+
+Patch copied from Debian procmail package 3.22-26:
+
+http://http.debian.net/debian/pool/main/p/procmail/procmail_3.22-26.debian.tar.xz
+
+From: Santiago Vila <sanvila@debian.org>
+Subject: Fix heap-based buffer overflow in loadbuf()
+Bug-Debian: http://bugs.debian.org/876511
+X-Debian-version: 3.22-26
+
+--- a/src/formisc.c
++++ b/src/formisc.c
+@@ -103,7 +103,7 @@
+ }
+ 							    /* append to buf */
+ void loadbuf(text,len)const char*const text;const size_t len;
+-{ if(buffilled+len>buflen)			  /* buf can't hold the text */
++{ while(buffilled+len>buflen)			  /* buf can't hold the text */
+      buf=realloc(buf,buflen+=Bsize);
+   tmemmove(buf+buffilled,text,len);buffilled+=len;
+ }
-- 
2.15.0