From e9b63bece7eadfb42bb1e3b3460975e2849a822b Mon Sep 17 00:00:00 2001 From: wangmy Date: Thu, 19 Aug 2021 10:30:47 +0800 Subject: [PATCH] fetchmail: upgrade 6.4.20 -> 6.4.21 * The new security fix in 6.4.20 for CVE-2021-36386 caused truncation of messages logged to buffered outputs, predominantly --logfile. This also caused lines in the logfile to run into one another because the fragment containing the '\n' line-end character was usually lost. Reason is that on all modern systems (with header and vsnprintf() interface), the length of log message fragments was added up twice, so that these ended too deep into a freshly allocated buffer, after the '\0' byte. Unbuffered outputs flushed the fragments right away, which masked the bug. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj --- .../fetchmail/{fetchmail_6.4.20.bb => fetchmail_6.4.21.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/fetchmail/{fetchmail_6.4.20.bb => fetchmail_6.4.21.bb} (91%) diff --git a/meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb b/meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb similarity index 91% rename from meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb rename to meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb index 13d91b4d52..33a05ed61a 100644 --- a/meta-networking/recipes-support/fetchmail/fetchmail_6.4.20.bb +++ b/meta-networking/recipes-support/fetchmail/fetchmail_6.4.21.bb @@ -12,7 +12,7 @@ DEPENDS = "openssl" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "c82141ae2e8f0039ceb0c5c2eda43c5e93ad0bf7f9c6bb628092b3be74386176" +SRC_URI[sha256sum] = "6a459c1cafd7a1daa5cd137140da60c18c84b5699cd8e7249a79c33342c99d1d" inherit autotools gettext python3-dir python3native