[UPDATE] mail/p5-Email-Address to 1.912

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[UPDATE] mail/p5-Email-Address to 1.912

Andrew Hewus Fresh
This updates p5-Email-Address which fixes a CVE, no other changes and no
apparent fallout in dependent ports.

https://metacpan.org/changes/release/RJBS/Email-Address-1.912

Stuart, you're welcome to commit it if you want.

The docs say:

> Version 1.909 and earlier of this module had vulnerabilies
> (CVE-2015-7686) and (CVE-2015-12558) which allowed specially
> constructed email to cause a denial of service. The reported
> vulnerabilities and some other pathalogical cases (meaning they really
> shouldn't occur in normal email) have been addressed in version 1.910
> and newer. If you're running version 1.909 or older, you should
> update!

OK?  Comments?

Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/p5-Email-Address/Makefile,v
retrieving revision 1.14
diff -u -p -r1.14 Makefile
--- Makefile 20 Jun 2018 16:17:56 -0000 1.14
+++ Makefile 7 Mar 2019 02:26:00 -0000
@@ -4,7 +4,7 @@ COMMENT= RFC 2822 address parsing and cr
 
 MODULES= cpan
 PKG_ARCH= *
-DISTNAME= Email-Address-1.909
+DISTNAME= Email-Address-1.912
 CATEGORIES= mail
 
 MAINTAINER= Stuart Henderson <[hidden email]>
Index: distinfo
===================================================================
RCS file: /cvs/ports/mail/p5-Email-Address/distinfo,v
retrieving revision 1.11
diff -u -p -r1.11 distinfo
--- distinfo 20 Jun 2018 16:17:56 -0000 1.11
+++ distinfo 7 Mar 2019 02:26:00 -0000
@@ -1,2 +1,2 @@
-SHA256 (Email-Address-1.909.tar.gz) = byxTJ1FxjrXjANKV+xhpXZUldH07ufLdcy5JA6g2/VA=
-SIZE (Email-Address-1.909.tar.gz) = 41490
+SHA256 (Email-Address-1.912.tar.gz) = D6N4UpjML2eA5j46X7HKgU3Lw2DOtZ7Y+oTrT/oG+e8=
+SIZE (Email-Address-1.912.tar.gz) = 42390

Reply | Threaded
Open this post in threaded view
|

Re: [UPDATE] mail/p5-Email-Address to 1.912

Alexander Bluhm
On Wed, Mar 06, 2019 at 07:28:20PM -0700, Andrew Hewus Fresh wrote:

> This updates p5-Email-Address which fixes a CVE, no other changes and no
> apparent fallout in dependent ports.
>
> https://metacpan.org/changes/release/RJBS/Email-Address-1.912
>
> Stuart, you're welcome to commit it if you want.
>
> The docs say:
>
> > Version 1.909 and earlier of this module had vulnerabilies
> > (CVE-2015-7686) and (CVE-2015-12558) which allowed specially
> > constructed email to cause a denial of service. The reported
> > vulnerabilities and some other pathalogical cases (meaning they really
> > shouldn't occur in normal email) have been addressed in version 1.910
> > and newer. If you're running version 1.909 or older, you should
> > update!
>
> OK?  Comments?

OK bluhm@

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/mail/p5-Email-Address/Makefile,v
> retrieving revision 1.14
> diff -u -p -r1.14 Makefile
> --- Makefile 20 Jun 2018 16:17:56 -0000 1.14
> +++ Makefile 7 Mar 2019 02:26:00 -0000
> @@ -4,7 +4,7 @@ COMMENT= RFC 2822 address parsing and cr
>  
>  MODULES= cpan
>  PKG_ARCH= *
> -DISTNAME= Email-Address-1.909
> +DISTNAME= Email-Address-1.912
>  CATEGORIES= mail
>  
>  MAINTAINER= Stuart Henderson <[hidden email]>
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/mail/p5-Email-Address/distinfo,v
> retrieving revision 1.11
> diff -u -p -r1.11 distinfo
> --- distinfo 20 Jun 2018 16:17:56 -0000 1.11
> +++ distinfo 7 Mar 2019 02:26:00 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (Email-Address-1.909.tar.gz) = byxTJ1FxjrXjANKV+xhpXZUldH07ufLdcy5JA6g2/VA=
> -SIZE (Email-Address-1.909.tar.gz) = 41490
> +SHA256 (Email-Address-1.912.tar.gz) = D6N4UpjML2eA5j46X7HKgU3Lw2DOtZ7Y+oTrT/oG+e8=
> +SIZE (Email-Address-1.912.tar.gz) = 42390

Reply | Threaded
Open this post in threaded view
|

Re: [UPDATE] mail/p5-Email-Address to 1.912

Stuart Henderson
In reply to this post by Andrew Hewus Fresh
On 2019/03/06 19:28, Andrew Hewus Fresh wrote:
> This updates p5-Email-Address which fixes a CVE, no other changes and no
> apparent fallout in dependent ports.
>
> https://metacpan.org/changes/release/RJBS/Email-Address-1.912
>
> Stuart, you're welcome to commit it if you want.

I wonder why portroach doesn't see this...

> The docs say:
>
> > Version 1.909 and earlier of this module had vulnerabilies
> > (CVE-2015-7686) and (CVE-2015-12558) which allowed specially
> > constructed email to cause a denial of service. The reported
> > vulnerabilities and some other pathalogical cases (meaning they really
> > shouldn't occur in normal email) have been addressed in version 1.910
> > and newer. If you're running version 1.909 or older, you should
> > update!
>
> OK?  Comments?
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/mail/p5-Email-Address/Makefile,v
> retrieving revision 1.14
> diff -u -p -r1.14 Makefile
> --- Makefile 20 Jun 2018 16:17:56 -0000 1.14
> +++ Makefile 7 Mar 2019 02:26:00 -0000
> @@ -4,7 +4,7 @@ COMMENT= RFC 2822 address parsing and cr
>  
>  MODULES= cpan
>  PKG_ARCH= *
> -DISTNAME= Email-Address-1.909
> +DISTNAME= Email-Address-1.912
>  CATEGORIES= mail
>  
>  MAINTAINER= Stuart Henderson <[hidden email]>
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/mail/p5-Email-Address/distinfo,v
> retrieving revision 1.11
> diff -u -p -r1.11 distinfo
> --- distinfo 20 Jun 2018 16:17:56 -0000 1.11
> +++ distinfo 7 Mar 2019 02:26:00 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (Email-Address-1.909.tar.gz) = byxTJ1FxjrXjANKV+xhpXZUldH07ufLdcy5JA6g2/VA=
> -SIZE (Email-Address-1.909.tar.gz) = 41490
> +SHA256 (Email-Address-1.912.tar.gz) = D6N4UpjML2eA5j46X7HKgU3Lw2DOtZ7Y+oTrT/oG+e8=
> +SIZE (Email-Address-1.912.tar.gz) = 42390
>

OK, thanks!