./mail/libytnef, Yerases TNEF Stream Reader library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.9.3, Package name: libytnef-1.9.3, Maintainer: pkgsrc-users

libytnef is a set of libraries to parse Microsoft TNEF attachments.


Required to build:
[pkgtools/cwrappers]

Master sites:


Version history: (Expand)


CVS history: (Expand)


   2021-10-26 12:54:34 by Nia Alarie | Files touched by this commit (356)
Log message:
mail: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

The following distfiles were unfetchable (possibly fetched
conditionally?):

./mail/qmail/distinfo netqmail-1.05-TAI-leapsecs.patch
   2021-10-07 16:25:52 by Nia Alarie | Files touched by this commit (357)
Log message:
mail: Remove SHA1 hashes for distfiles
   2019-09-30 17:27:05 by Makoto Fujiwara | Files touched by this commit (2)
Log message:
set DIST_SUBDIR, and regen distinfo
   2019-09-16 02:05:20 by Nia Alarie | Files touched by this commit (1)
Log message:
libytnef: Change spaces to tabs to please pkglint.
   2019-09-15 21:24:55 by Niclas Rosenvik | Files touched by this commit (2)
Log message:
Update ytnef and libytnef to version 1.9.3 .

From release notes:

This version resolves the following CVEs:

* CVE-2017-9470
* CVE-2017-9471
* CVE-2017-9474
* CVE-2017-9058
* CVE-2017-12142
* CVE-2017-12141
* CVE-2017-12144
   2018-01-07 14:04:44 by Roland Illig | Files touched by this commit (583)
Log message:
Fix indentation in buildlink3.mk files.

The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.

There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
   2017-09-03 10:53:18 by Thomas Klausner | Files touched by this commit (165)
Log message:
Follow some redirects.
   2017-08-17 11:49:48 by Niclas Rosenvik | Files touched by this commit (8)
Log message:
Update libytnef to version 1.9.2.

The changes in patch-ytnef.c has been applied upstream.
patch-ytnef.c has now been removed.

Changes from Changelog:

v1.9.2 - February 23, 2017

Thanks to @hannob for finding some Out-of-bound exceptions in memory handline.
* [SECURITY] An invalid memory access (heap overrun) in handling LONG datatypes \ 
(CVE-2017-6800)
* [SECURITY] Missing a check for fields of size 0 (CVE-2017-6801)
* [SECURITY] Potential buffer overrun on incoming Compressed RTF Streams \ 
(CVE-2017-6802)

This version  & the previous 1.9.1 resolves the following CVEs:
* CVE-2017-6306
* CVE-2017-6305
* CVE-2017-6304
* CVE-2017-6303
* CVE-2017-6302
* CVE-2017-6301
* CVE-2017-6300
* CVE-2017-6299
* CVE-2017-6298

v1.9.1 - Feb 14, 2017
* BugFix for path handling- label both / and \ as invalid characters inattachments
* Remove lots of exit(-1)'s from the code that would crash calling programs
* [SECURITY] Thanks to EricSesterhennX41 for a patch to fix lots of invalid
memory allocation around corrupted files.

v1.9 - January 2, 2017
* Unify libytnef and ytnef tools into a single build & package (Thanks @jmallach)
* Fix applied for CVE-2010-5109
* Various fixes for errors found via Static Analysis (cppcheck)
* Various memory leaks plugged (Thanks @slonik-v-domene)
* Bugfix for a broken "uniqueness" checker
* Lots of formatting & documentation cleanups

Now that the two packages are unified into a single install & build, I've had
to choose a unifier of Version Numbers.  I chose 1.9 .