git: 87f0f372e4b8 - main - mail/mailman: 2.1.38 security fixing CSRF vuln
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 01 Dec 2021 19:10:08 UTC
The branch main has been updated by mandree:
URL: https://cgit.FreeBSD.org/ports/commit/?id=87f0f372e4b844f16b8c6e7bd3bc68ecf703c17f
commit 87f0f372e4b844f16b8c6e7bd3bc68ecf703c17f
Author: Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2021-12-01 19:06:35 +0000
Commit: Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2021-12-01 19:09:46 +0000
mail/mailman: 2.1.38 security fixing CSRF vuln
While here, fix pkg-message to mention -exim4 and -postfix
derived ports that override the default MTA.
Security: 0d6efbe3-52d9-11ec-9472-e3667ed6088e
Security: CVE-2021-44227
MFH: 2021Q4
---
mail/mailman/Makefile | 3 ++-
mail/mailman/distinfo | 6 +++---
mail/mailman/files/pkg-message.in | 11 +++++++----
3 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/mail/mailman/Makefile b/mail/mailman/Makefile
index 8250bc733ec6..f385a3a09d7f 100644
--- a/mail/mailman/Makefile
+++ b/mail/mailman/Makefile
@@ -1,7 +1,8 @@
# Created by: n_hibma@qubesoft.com
PORTNAME= mailman
-DISTVERSION= 2.1.37
+DISTVERSION= 2.1.38
+PORTREVISION= 0
CATEGORIES= mail
MASTER_SITES= GNU \
SF/${PORTNAME}/Mailman%202.1%20%28stable%29/${PORTVERSION} \
diff --git a/mail/mailman/distinfo b/mail/mailman/distinfo
index b7eb6f32f810..acd4074ba3bb 100644
--- a/mail/mailman/distinfo
+++ b/mail/mailman/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1636797368
-SHA256 (mailman/mailman-2.1.37.tgz) = 689ff350857728ccc4ed379ceef54b93f710af8740cabc3bfe0348173b6b3f4f
-SIZE (mailman/mailman-2.1.37.tgz) = 9508379
+TIMESTAMP = 1638384323
+SHA256 (mailman/mailman-2.1.38.tgz) = ac093ec2ed3eb93b41f1e1b19d39cf41e1bdd09587979835fe154dac6777fc68
+SIZE (mailman/mailman-2.1.38.tgz) = 9508426
SHA256 (mailman/msapiro-htdig-1822.patch.xz) = fa1da6fb7c0946a6723bc2766501c222fa73c8d794566a3b6e5718a7d1840265
SIZE (mailman/msapiro-htdig-1822.patch.xz) = 50700
diff --git a/mail/mailman/files/pkg-message.in b/mail/mailman/files/pkg-message.in
index ea74d13ee574..7176faa9709b 100644
--- a/mail/mailman/files/pkg-message.in
+++ b/mail/mailman/files/pkg-message.in
@@ -14,10 +14,13 @@ Note (1):
- ESPECIALLY RELEVANT FOR USERS OF THE BINARY PACKAGE -
The FreeBSD binary package is built for use with Sendmail, and it will
not work properly with alternative MTAs such as Exim or Postfix.
- In order for Mailman to work with an alternative mailer,
-the port must be installed from source, with proper options configured,
-or from a package built in poudriere (which is a separate port in
-ports-mgmt) with adapted options. (poudriere options -cn mail/mailman)
+ In order for Mailman to work with an alternative mailer, please use
+mailman-exim4 or mailman-postfix instead, or
+mailman-exim4-with-htdig or mailman-postfix-with-htdig.
+ For use with other mailers (Courier, OpenSMTPd), the port must be installed
+from source, with proper options configured, or from a package built in
+poudriere (which is a separate port in ports-mgmt) with adapted options.
+(poudriere options -cn mail/mailman)
- FOR USERS OF A PORT BUILT FROM SOURCE -
If you use an alternate MTA (meaning "not Sendmail"), you MUST