diff options
author | Sam James <sam@gentoo.org> | 2020-07-27 02:35:55 +0000 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2020-07-27 03:15:19 +0000 |
commit | a60bfe761b3f5eb9cf5551f753d9447a5d080593 (patch) | |
tree | cd0bec238c608f064535186d2391f4b5562a33e3 /net-mail | |
parent | media-gfx/jhead: security cleanup (diff) | |
download | gentoo-a60bfe761b3f5eb9cf5551f753d9447a5d080593.tar.gz gentoo-a60bfe761b3f5eb9cf5551f753d9447a5d080593.tar.bz2 gentoo-a60bfe761b3f5eb9cf5551f753d9447a5d080593.zip |
net-mail/mailman: security cleanup
Closes: https://bugs.gentoo.org/729468
Package-Manager: Portage-3.0.0, Repoman-2.3.23
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-mail')
-rw-r--r-- | net-mail/mailman/Manifest | 1 | ||||
-rw-r--r-- | net-mail/mailman/files/mailman-2.1.29-fix-libdir.diff | 20 | ||||
-rw-r--r-- | net-mail/mailman/mailman-2.1.29-r3.ebuild | 169 | ||||
-rw-r--r-- | net-mail/mailman/mailman-2.1.29-r4.ebuild | 172 |
4 files changed, 0 insertions, 362 deletions
diff --git a/net-mail/mailman/Manifest b/net-mail/mailman/Manifest index 6f1552315f65..6078fefac27d 100644 --- a/net-mail/mailman/Manifest +++ b/net-mail/mailman/Manifest @@ -1,4 +1,3 @@ -DIST mailman-2.1.29.tgz 9376258 BLAKE2B 63ae740abed79d2887eef35ddfd8b51f22ee984a0eaacddeb34afb8147c0d239e5eaf93579face987b3c604653fed4c13233de78298914b4eacf5a33f769a997 SHA512 ed25179a4580092629890664c5502908b20e326c2ed06ad4e597fb4e8de84076c369ecd7a272be5ed8a1cb4479413d0e004d87804de763ee850e4d04d9a83376 DIST mailman-2.1.33.tgz 9412979 BLAKE2B 1018ee5b2993658117ac5a1d76e1742c5e27cef69ba2892e8f56897f6c00394b1b479b3fa00855f78211844bd531a5ac1e5ac8c9d16763dd49303ab3690edc0c SHA512 1e7bb58a9d38e5171f682563abb0b23fcb0a7423e0e7fa883326815ada37ffa8074845ea70fad4ea29fa098a6e7203e259caf57532e09a0f7c05120f89dd83a9 DIST mailman-3.3.0-importlib_resources-fix.diff.xz 2120 BLAKE2B d455a88a922fe715cb3e3faf6d7f94115ab0e762b85a3195988c9bcb0d01b37d4495e4c30c566f10f65f47c55f18c8af46e21037fca042503167238c88e1ff77 SHA512 31e6f71ff700a3e648b78b75808ac40b333ed58f3d51819b959f48ef4598f0e5d07d3b4fc178745702c02fb3137941c9887a6bd1cdd9ea7d18cd50d32da6c57f DIST mailman-3.3.0.tar.gz 839241 BLAKE2B a9f972a5cd09be6e971b568066cf67980c050fc619bc0bba7956d65b9601613f2dd87bbf243072be2478367e2fecfd48b184dada6fc525dae8cf1414dc64cec0 SHA512 63cf30c102751c1cae086f4c046767c2d817ad57097bd60bc838ead19c4e29ed1bc5d4cc2c1eef40f41787daf60d8b98033f64064d6ad4567a9552b5fb2cabd8 diff --git a/net-mail/mailman/files/mailman-2.1.29-fix-libdir.diff b/net-mail/mailman/files/mailman-2.1.29-fix-libdir.diff deleted file mode 100644 index f095938ff42a..000000000000 --- a/net-mail/mailman/files/mailman-2.1.29-fix-libdir.diff +++ /dev/null @@ -1,20 +0,0 @@ ---- misc/paths.py.in 2018-06-17 23:47:34 +0000 -+++ misc/paths.py.in 2019-08-16 15:18:03 +0000 -@@ -67,6 +67,16 @@ - 'dist-packages') - sys.path.append(distdir) - -+# Some distros may have the python library in a directory other than lib/ -+# such as Lib/ or lib64/. Hopefully they will have hacked -+# site.getsitepackages() to return the right thing. -+try: -+ import site -+ sys.path.extend(site.getsitepackages()) -+ del site -+except (ImportError, AttributeError): -+ pass -+ - - # In a normal interactive Python environment, the japanese.pth and korean.pth - # files would be imported automatically. But because we inhibit the importing - diff --git a/net-mail/mailman/mailman-2.1.29-r3.ebuild b/net-mail/mailman/mailman-2.1.29-r3.ebuild deleted file mode 100644 index f4b289046d8c..000000000000 --- a/net-mail/mailman/mailman-2.1.29-r3.ebuild +++ /dev/null @@ -1,169 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 - -PYTHON_COMPAT=( python2_7 ) - -inherit eutils python-single-r1 multilib systemd user - -DESCRIPTION="A python-based mailing list server with an extensive web interface" -SRC_URI="mirror://sourceforge/${PN}/${P/_p/-}.tgz" -HOMEPAGE="http://www.list.org/" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ppc x86" -IUSE="selinux" -REQUIRED_USE="${PYTHON_REQUIRED_USE}" - -DEPEND=" - ${PYTHON_DEPS} - $(python_gen_cond_dep ' - dev-python/dnspython[${PYTHON_MULTI_USEDEP}] - ') - virtual/mta - virtual/cron - virtual/httpd-cgi" -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-mailman ) -" - -S="${WORKDIR}/${P/_p/-}" - -pkg_setup() { - python-single-r1_pkg_setup - INSTALLDIR=${MAILMAN_PREFIX:-"/usr/$(get_libdir)/mailman"} - VAR_PREFIX=${MAILMAN_VAR_PREFIX:-"/var/lib/mailman"} - CGIUID=${MAILMAN_CGIUID:-apache} - CGIGID=${MAILMAN_CGIGID:-apache} - MAILUSR=${MAILMAN_MAILUSR:-mailman} - MAILUID=${MAILMAN_MAILUID:-280} - MAILGRP=${MAILMAN_MAILGRP:-mailman} - MAILGID=${MAILMAN_MAILGID:-280} - - # Bug #58526: switch to enew{group,user}. - # need to add mailman here for compile process. - # Duplicated at pkg_postinst() for binary install. - enewgroup ${MAILGRP} ${MAILGID} - enewuser ${MAILUSR} ${MAILUID} /bin/bash ${INSTALLDIR} mailman,cron -} - -src_prepare() { - epatch "${FILESDIR}/${PN}-2.1.14_rc1-directory-check.patch" - epatch "${FILESDIR}/${PN}-2.1.9-icons.patch" -} - -src_configure() { - econf \ - --without-permcheck \ - --prefix="${INSTALLDIR}" \ - --with-mail-gid=${MAILGID} \ - --with-cgi-gid=${CGIGID} \ - --with-cgi-ext="${MAILMAN_CGIEXT}" \ - --with-var-prefix="${VAR_PREFIX}" \ - --with-username=${MAILUSR} \ - --with-groupname=${MAILGRP} \ - --with-python="${PYTHON}" -} - -src_install() { - emake "DESTDIR=${D}" doinstall - - insinto /etc/apache2/modules.d - newins "${FILESDIR}/50_mailman.conf-r2" 50_mailman.conf - sed \ - -e "s:/usr/local/mailman/cgi-bin:${INSTALLDIR}/cgi-bin:g" \ - -e "s:/usr/local/mailman/icons:${INSTALLDIR}/icons:g" \ - -e "s:/usr/local/mailman/archives:${VAR_PREFIX}/archives:g" \ - -i "${D}/etc/apache2/modules.d/50_mailman.conf" || die - - newdoc "${FILESDIR}/README.gentoo-r3" README.gentoo - - dodoc ACK* BUGS FAQ NEWS README* TODO UPGRADING INSTALL contrib/mailman.mc \ - contrib/README.check_perms_grsecurity contrib/virtusertable - - exeinto ${INSTALLDIR}/bin - doexe build/contrib/*.py contrib/majordomo2mailman.pl contrib/auto \ - contrib/mm-handler* - - dodir /etc/mailman - mv "${D}/${INSTALLDIR}/Mailman/mm_cfg.py" "${D}/etc/mailman" - dosym /etc/mailman/mm_cfg.py ${INSTALLDIR}/Mailman/mm_cfg.py - - # Save the old config for updates from pre-2.1.9-r2 - # To be removed some distant day - for i in /var/mailman /home/mailman /usr/local/mailman ${INSTALLDIR}; do - if [ -f ${i}/Mailman/mm_cfg.py ] && ! [ -L ${i}/Mailman/mm_cfg.py ]; then - cp ${i}/Mailman/mm_cfg.py "${D}/etc/mailman/mm_cfg.py" || die - fi - done - - newinitd "${FILESDIR}/mailman.rc" mailman - cp "${FILESDIR}/mailman.service" "${T}/mailman.service" || die - sed -i "s/^User=.*/User=${MAILUSR}/" "${T}/mailman.service" || die - systemd_dounit "${T}/mailman.service" - - keepdir ${VAR_PREFIX}/logs - keepdir ${VAR_PREFIX}/locks - keepdir ${VAR_PREFIX}/spam - keepdir ${VAR_PREFIX}/archives/public - keepdir ${VAR_PREFIX}/archives/private - keepdir ${VAR_PREFIX}/lists - keepdir ${VAR_PREFIX}/qfiles - - chown -R ${MAILUSR}:${MAILGRP} "${D}/${VAR_PREFIX}" "${D}/${INSTALLDIR}" "${D}"/etc/mailman/* || die - chown ${CGIUID}:${MAILGRP} "${D}/${VAR_PREFIX}/archives/private" || die - chmod 2775 "${D}/${INSTALLDIR}" "${D}/${INSTALLDIR}"/templates/* \ - "${D}/${INSTALLDIR}"/messages/* "${D}/${VAR_PREFIX}" "${D}/${VAR_PREFIX}"/{logs,lists,spam,locks,archives/public} || die - chmod 2770 "${D}/${VAR_PREFIX}/archives/private" || die - chmod 2770 "${D}/${VAR_PREFIX}/qfiles" || die - chmod 2755 "${D}/${INSTALLDIR}"/cgi-bin/* "${D}/${INSTALLDIR}/mail/mailman" || die - - python_optimize "${D}/${INSTALLDIR}/bin/" \ - "${D}/${INSTALLDIR}/Mailman/" \ - "${D}/${INSTALLDIR}/Mailman/*" -} - -pkg_postinst() { - enewgroup ${MAILGRP} ${MAILGID} - enewuser ${MAILUSR} ${MAILUID} -1 ${INSTALLDIR} mailman,cron - echo - elog "Please read /usr/share/doc/${PF}/README.gentoo.bz2 for additional" - elog "Setup information, mailman will NOT run unless you follow" - elog "those instructions!" - echo - - elog "An example Mailman configuration file for Apache has been installed into:" - elog " ${APACHE2_MODULES_CONFDIR}/50_mailman.conf" - echo - elog "To enable, you will need to add \"-D MAILMAN\" to" - elog "/etc/conf.d/apache2." - echo - - ewarn "Default-Configuration has changed deeply in 2.1.9-r2. You can configure" - ewarn "mailman with the following variables:" - ewarn "MAILMAN_PREFIX (default: /usr/$(get_libdir)/mailman)" - ewarn "MAILMAN_VAR_PREFIX (default: /var/lib/mailman)" - ewarn "MAILMAN_CGIUID (default: apache)" - ewarn "MAILMAN_CGIGID (default: apache)" - ewarn "MAILMAN_CGIEXT (default: empty)" - ewarn "MAILMAN_MAILUSR (default: mailman)" - ewarn "MAILMAN_MAILUID (default: 280)" - ewarn "MAILMAN_MAILGRP (default: mailman)" - ewarn "MAILMAN_MAILGID (default: 280)" - ewarn - ewarn "Config file is now symlinked in /etc/mailman, so etc-update works." - ewarn - ewarn "If you're upgrading from below 2.1.9-r2 or changed MAILMAN_PREFIX, you" - ewarn "NEED to make a few manual updates to your system:" - ewarn - ewarn "1. Update your mailman users's home directory: usermod -d ${INSTALLDIR} mailman" - ewarn "2. Re-import the crontab: su - mailman -c 'crontab cron/crontab.in'" - ewarn "3. Copy your old mm_cfg.py file to /etc/mailman/mm_cfg.py" - ewarn - ewarn "Additionally if you've modified MAILMAN_VAR_PREFIX (or upgraded from" - ewarn "a pre 2.1.9-r2 installation), you should move your old lists/ and" - ewarn "archives/ directory to the new location, ensuring that the" - ewarn "permissions is correct. See bug #208789 for a discussion." -} diff --git a/net-mail/mailman/mailman-2.1.29-r4.ebuild b/net-mail/mailman/mailman-2.1.29-r4.ebuild deleted file mode 100644 index 82228bd9d94c..000000000000 --- a/net-mail/mailman/mailman-2.1.29-r4.ebuild +++ /dev/null @@ -1,172 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 - -PYTHON_COMPAT=( python2_7 ) - -inherit eutils python-single-r1 multilib systemd user - -DESCRIPTION="A python-based mailing list server with an extensive web interface" -SRC_URI="mirror://sourceforge/${PN}/${P/_p/-}.tgz" -HOMEPAGE="http://www.list.org/" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~ppc ~x86" -IUSE="selinux" -REQUIRED_USE="${PYTHON_REQUIRED_USE}" - -DEPEND=" - ${PYTHON_DEPS} - $(python_gen_cond_dep ' - dev-python/dnspython[${PYTHON_MULTI_USEDEP}] - ') - virtual/mta - virtual/cron - virtual/httpd-cgi" -RDEPEND="${DEPEND} - selinux? ( sec-policy/selinux-mailman ) -" - -S="${WORKDIR}/${P/_p/-}" - -pkg_setup() { - python-single-r1_pkg_setup - INSTALLDIR=${MAILMAN_PREFIX:-"/usr/$(get_libdir)/mailman"} - VAR_PREFIX=${MAILMAN_VAR_PREFIX:-"/var/lib/mailman"} - CGIUID=${MAILMAN_CGIUID:-apache} - CGIGID=${MAILMAN_CGIGID:-apache} - MAILUSR=${MAILMAN_MAILUSR:-mailman} - MAILUID=${MAILMAN_MAILUID:-280} - MAILGRP=${MAILMAN_MAILGRP:-mailman} - MAILGID=${MAILMAN_MAILGID:-280} - - # Bug #58526: switch to enew{group,user}. - # need to add mailman here for compile process. - # Duplicated at pkg_postinst() for binary install. - enewgroup ${MAILGRP} ${MAILGID} - enewuser ${MAILUSR} ${MAILUID} /bin/bash ${INSTALLDIR} mailman,cron -} - -src_prepare() { - epatch "${FILESDIR}/${PN}-2.1.14_rc1-directory-check.patch" - epatch "${FILESDIR}/${PN}-2.1.9-icons.patch" - # Needed for new no-symlink profiles, - # see https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1819 - epatch "${FILESDIR}/mailman-2.1.29-fix-libdir.diff" -} - -src_configure() { - econf \ - --without-permcheck \ - --prefix="${INSTALLDIR}" \ - --with-mail-gid=${MAILGID} \ - --with-cgi-gid=${CGIGID} \ - --with-cgi-ext="${MAILMAN_CGIEXT}" \ - --with-var-prefix="${VAR_PREFIX}" \ - --with-username=${MAILUSR} \ - --with-groupname=${MAILGRP} \ - --with-python="${PYTHON}" -} - -src_install() { - emake "DESTDIR=${D}" doinstall - - insinto /etc/apache2/modules.d - newins "${FILESDIR}/50_mailman.conf-r2" 50_mailman.conf - sed \ - -e "s:/usr/local/mailman/cgi-bin:${INSTALLDIR}/cgi-bin:g" \ - -e "s:/usr/local/mailman/icons:${INSTALLDIR}/icons:g" \ - -e "s:/usr/local/mailman/archives:${VAR_PREFIX}/archives:g" \ - -i "${D}/etc/apache2/modules.d/50_mailman.conf" || die - - newdoc "${FILESDIR}/README.gentoo-r3" README.gentoo - - dodoc ACK* BUGS FAQ NEWS README* TODO UPGRADING INSTALL contrib/mailman.mc \ - contrib/README.check_perms_grsecurity contrib/virtusertable - - exeinto ${INSTALLDIR}/bin - doexe build/contrib/*.py contrib/majordomo2mailman.pl contrib/auto \ - contrib/mm-handler* - - dodir /etc/mailman - mv "${D}/${INSTALLDIR}/Mailman/mm_cfg.py" "${D}/etc/mailman" - dosym /etc/mailman/mm_cfg.py ${INSTALLDIR}/Mailman/mm_cfg.py - - # Save the old config for updates from pre-2.1.9-r2 - # To be removed some distant day - for i in /var/mailman /home/mailman /usr/local/mailman ${INSTALLDIR}; do - if [ -f ${i}/Mailman/mm_cfg.py ] && ! [ -L ${i}/Mailman/mm_cfg.py ]; then - cp ${i}/Mailman/mm_cfg.py "${D}/etc/mailman/mm_cfg.py" || die - fi - done - - newinitd "${FILESDIR}/mailman.rc" mailman - cp "${FILESDIR}/mailman.service" "${T}/mailman.service" || die - sed -i "s/^User=.*/User=${MAILUSR}/" "${T}/mailman.service" || die - systemd_dounit "${T}/mailman.service" - - keepdir ${VAR_PREFIX}/logs - keepdir ${VAR_PREFIX}/locks - keepdir ${VAR_PREFIX}/spam - keepdir ${VAR_PREFIX}/archives/public - keepdir ${VAR_PREFIX}/archives/private - keepdir ${VAR_PREFIX}/lists - keepdir ${VAR_PREFIX}/qfiles - - chown -R ${MAILUSR}:${MAILGRP} "${D}/${VAR_PREFIX}" "${D}/${INSTALLDIR}" "${D}"/etc/mailman/* || die - chown ${CGIUID}:${MAILGRP} "${D}/${VAR_PREFIX}/archives/private" || die - chmod 2775 "${D}/${INSTALLDIR}" "${D}/${INSTALLDIR}"/templates/* \ - "${D}/${INSTALLDIR}"/messages/* "${D}/${VAR_PREFIX}" "${D}/${VAR_PREFIX}"/{logs,lists,spam,locks,archives/public} || die - chmod 2770 "${D}/${VAR_PREFIX}/archives/private" || die - chmod 2770 "${D}/${VAR_PREFIX}/qfiles" || die - chmod 2755 "${D}/${INSTALLDIR}"/cgi-bin/* "${D}/${INSTALLDIR}/mail/mailman" || die - - python_optimize "${D}/${INSTALLDIR}/bin/" \ - "${D}/${INSTALLDIR}/Mailman/" \ - "${D}/${INSTALLDIR}/Mailman/*" -} - -pkg_postinst() { - enewgroup ${MAILGRP} ${MAILGID} - enewuser ${MAILUSR} ${MAILUID} -1 ${INSTALLDIR} mailman,cron - echo - elog "Please read /usr/share/doc/${PF}/README.gentoo.bz2 for additional" - elog "Setup information, mailman will NOT run unless you follow" - elog "those instructions!" - echo - - elog "An example Mailman configuration file for Apache has been installed into:" - elog " ${APACHE2_MODULES_CONFDIR}/50_mailman.conf" - echo - elog "To enable, you will need to add \"-D MAILMAN\" to" - elog "/etc/conf.d/apache2." - echo - - ewarn "Default-Configuration has changed deeply in 2.1.9-r2. You can configure" - ewarn "mailman with the following variables:" - ewarn "MAILMAN_PREFIX (default: /usr/$(get_libdir)/mailman)" - ewarn "MAILMAN_VAR_PREFIX (default: /var/lib/mailman)" - ewarn "MAILMAN_CGIUID (default: apache)" - ewarn "MAILMAN_CGIGID (default: apache)" - ewarn "MAILMAN_CGIEXT (default: empty)" - ewarn "MAILMAN_MAILUSR (default: mailman)" - ewarn "MAILMAN_MAILUID (default: 280)" - ewarn "MAILMAN_MAILGRP (default: mailman)" - ewarn "MAILMAN_MAILGID (default: 280)" - ewarn - ewarn "Config file is now symlinked in /etc/mailman, so etc-update works." - ewarn - ewarn "If you're upgrading from below 2.1.9-r2 or changed MAILMAN_PREFIX, you" - ewarn "NEED to make a few manual updates to your system:" - ewarn - ewarn "1. Update your mailman users's home directory: usermod -d ${INSTALLDIR} mailman" - ewarn "2. Re-import the crontab: su - mailman -c 'crontab cron/crontab.in'" - ewarn "3. Copy your old mm_cfg.py file to /etc/mailman/mm_cfg.py" - ewarn - ewarn "Additionally if you've modified MAILMAN_VAR_PREFIX (or upgraded from" - ewarn "a pre 2.1.9-r2 installation), you should move your old lists/ and" - ewarn "archives/ directory to the new location, ensuring that the" - ewarn "permissions is correct. See bug #208789 for a discussion." -} |