From 05225d592305ee56d484d7e2c4f4b44026fe449c Mon Sep 17 00:00:00 2001
From: Martin Wilke <miwi@FreeBSD.org>
Date: Tue, 18 Dec 2007 16:03:29 +0000
Subject: [PATCH] - Update to 1.4.13

PR:		118781
Submitted by:	Simon Dick <simond@irrelevant.org> (maintainer)
Security:	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6348
---
 mail/squirrelmail/Makefile                    |   2 +-
 mail/squirrelmail/distinfo                    |   6 +-
 .../files/patch-1.4.11_compose_attachments    | 215 ------------------
 3 files changed, 4 insertions(+), 219 deletions(-)
 delete mode 100644 mail/squirrelmail/files/patch-1.4.11_compose_attachments

diff --git a/mail/squirrelmail/Makefile b/mail/squirrelmail/Makefile
index 45593d2a0b4e..62bd65be2a5e 100644
--- a/mail/squirrelmail/Makefile
+++ b/mail/squirrelmail/Makefile
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	squirrelmail
-PORTVERSION=	1.4.11
+PORTVERSION=	1.4.13
 CATEGORIES=	mail www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
diff --git a/mail/squirrelmail/distinfo b/mail/squirrelmail/distinfo
index bcdbe062ba48..593854c526a4 100644
--- a/mail/squirrelmail/distinfo
+++ b/mail/squirrelmail/distinfo
@@ -1,6 +1,6 @@
-MD5 (squirrelmail/squirrelmail-1.4.11.tar.bz2) = 486fb27a6ab306088603163160dbc8ca
-SHA256 (squirrelmail/squirrelmail-1.4.11.tar.bz2) = 7c187933dd76fd0a13544851b17db12a9875f5d5eb2e2d6d16528b442fc20bb6
-SIZE (squirrelmail/squirrelmail-1.4.11.tar.bz2) = 496370
+MD5 (squirrelmail/squirrelmail-1.4.13.tar.bz2) = 1a1bdad6245aaabcdd23d9402acb388e
+SHA256 (squirrelmail/squirrelmail-1.4.13.tar.bz2) = 331ff58933f48f5d772d018c1ba1362867646005b3486d6006b1747e1fbc16d5
+SIZE (squirrelmail/squirrelmail-1.4.13.tar.bz2) = 497103
 MD5 (squirrelmail/all_locales-1.4.9-20070106.tar.bz2) = eaa0e8835b8d7d451500aad907c22e24
 SHA256 (squirrelmail/all_locales-1.4.9-20070106.tar.bz2) = 04ad3e37042deb8c5668946c3364cd53d9c30b2486f24deee4d71c05fa584423
 SIZE (squirrelmail/all_locales-1.4.9-20070106.tar.bz2) = 2699569
diff --git a/mail/squirrelmail/files/patch-1.4.11_compose_attachments b/mail/squirrelmail/files/patch-1.4.11_compose_attachments
deleted file mode 100644
index 770b54d4ae87..000000000000
--- a/mail/squirrelmail/files/patch-1.4.11_compose_attachments
+++ /dev/null
@@ -1,215 +0,0 @@
-Index: src/compose.php
-===================================================================
---- src/compose.php	(revision 12656)
-+++ src/compose.php	(working copy)
-@@ -319,9 +319,6 @@
-         if (!empty($attachments)) 
-             $attachments = unserialize($attachments);
- 
--        // Not used any more, but left for posterity
--        //$compose_messages = unserialize($restoremessages);
--        //sqsession_register($compose_messages,'compose_messages');
-         sqsession_register($composesession,'composesession');
- 
-         if (isset($send)) {
-@@ -357,20 +354,13 @@
-     $composesession = $session;
-     sqsession_register($composesession,'composesession');
- }
--if (!isset($compose_messages)) {
--    $compose_messages = array();
--}
--if (empty($compose_messages[$session])) {
-+if (!empty($compose_messages[$session])) {
-+    $composeMessage = $compose_messages[$session];
-+} else {
-     $composeMessage = new Message();
-     $rfc822_header = new Rfc822Header();
-     $composeMessage->rfc822_header = $rfc822_header;
-     $composeMessage->reply_rfc822_header = '';
--    $compose_messages[$session] = $composeMessage;
--
--    // Not used any more, but left for posterity
--    //sqsession_register($compose_messages,'compose_messages');
--} else {
--    $composeMessage=$compose_messages[$session];
- }
- 
- // re-add attachments that were already in this message
-@@ -392,14 +382,10 @@
-      * of language interface.
-      */
-     set_my_charset();
--    $composeMessage = $compose_messages[$session];
-     if (! deliverMessage($composeMessage, true)) {
-         showInputForm($session);
-         exit();
-     } else {
--        // Not used any more, but left for posterity
--        //unset($compose_messages[$session]);
--        //sqsession_register($compose_messages,'compose_messages');
-         $draft_message = _("Draft Email Saved");
-         /* If this is a resumed draft, then delete the original */
-         if(isset($delete_draft)) {
-@@ -490,17 +476,12 @@
-         }
-         $body = $newBody;
- 
--        $composeMessage=$compose_messages[$session];
--
-         $Result = deliverMessage($composeMessage);
-         do_hook('compose_send_after', $Result, $composeMessage);
-         if (! $Result) {
-             showInputForm($session);
-             exit();
-         }
--        // Not used any more, but left for posterity
--        //unset($compose_messages[$session]);
--        //sqsession_register($compose_messages,'compose_messages');
- 
-         /* if it is resumed draft, delete draft message */
-         if ( isset($delete_draft)) {
-@@ -604,7 +585,6 @@
-     }
- 
-     if (isset($delete) && is_array($delete)) {
--        $composeMessage = $compose_messages[$session];
-         foreach($delete as $index) {
-             if (!empty($composeMessage->entities) && isset($composeMessage->entities[$index])) {
-                 $composeMessage->entities[$index]->purgeAttachments();
-@@ -616,9 +596,6 @@
-             $new_entities[] = $entity;
-         }
-         $composeMessage->entities = $new_entities;
--        $compose_messages[$session] = $composeMessage;
--        // Not used any more, but left for posterity
--        //sqsession_register($compose_messages, 'compose_messages');
-     }
-     showInputForm($session);
- } else {
-@@ -675,7 +652,7 @@
- function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $session='') {
-     global $editor_size, $default_use_priority, $body, $idents,
-         $use_signature, $composesession, $data_dir, $username,
--        $username, $key, $imapServerAddress, $imapPort, $compose_messages,
-+        $username, $key, $imapServerAddress, $imapPort, 
-         $composeMessage, $body_quote;
-     global $languages, $squirrelmail_language, $default_charset;
- 
-@@ -896,9 +873,6 @@
-             default:
-                 break;
-         }
--        $compose_messages[$session] = $composeMessage;
--        // Not used any more, but left for posterity
--        //sqsession_register($compose_messages, 'compose_messages');
-         session_write_close();
-         sqimap_logout($imapConnection);
-     }
-@@ -1016,7 +990,7 @@
-         $username, $data_dir, $identity, $idents, $draft_id, $delete_draft,
-         $mailprio, $default_use_mdn, $mdn_user_support, $compose_new_win,
-         $saved_draft, $mail_sent, $sig_first, $edit_as_new, $action,
--        $username, $compose_messages, $composesession, $default_charset,
-+        $username, $composesession, $default_charset, $composeMessage,
-         $javascript_on;
- 
-     if ($javascript_on)
-@@ -1024,7 +998,6 @@
-     else
-         $onfocus = '';
-     
--    $composeMessage = $compose_messages[$session];
-     if ($values) {
-         $send_to = $values['send_to'];
-         $send_to_cc = $values['send_to_cc'];
-@@ -1294,8 +1267,6 @@
-        store the complete ComposeMessages array in a hidden input value
-        so we can restore them in case of a session timeout.
-      */
--    // Not used any more, but left for posterity
--    //echo addHidden('restoremessages', serialize($compose_messages)).
-     echo addHidden('composesession', $composesession).
-         addHidden('querystring', $queryString).
-         (!empty($attach_array) ?
-@@ -1397,7 +1368,7 @@
- /* True if FAILURE */
- function saveAttachedFiles($session) {
-     global $_FILES, $attachment_dir, $username,
--        $data_dir, $compose_messages;
-+        $data_dir, $composeMessage;
- 
-     /* get out of here if no file was attached at all */
-     if (! is_uploaded_file($_FILES['attachfile']['tmp_name']) ) {
-@@ -1419,13 +1390,9 @@
-             return true;
-         }
-     }
--    $message = $compose_messages[$session];
-     $type = strtolower($_FILES['attachfile']['type']);
-     $name = $_FILES['attachfile']['name'];
--    $message->initAttachment($type, $name, $localfilename);
--    $compose_messages[$session] = $message;
--    // Not used any more, but left for posterity
--    //sqsession_register($compose_messages , 'compose_messages');
-+    $composeMessage->initAttachment($type, $name, $localfilename);
- }
- 
- /* parse values like 8M and 2k into bytes */
-Index: src/addrbook_search_html.php
-===================================================================
---- src/addrbook_search_html.php	(revision 12705)
-+++ src/addrbook_search_html.php	(working copy)
-@@ -48,7 +48,7 @@
-  */
- function addr_insert_hidden() {
-     global $body, $subject, $send_to, $send_to_cc, $send_to_bcc, $mailbox,
--           $mailprio, $request_mdn, $request_dr, $identity, $session;
-+           $mailprio, $request_mdn, $request_dr, $identity, $session, $composeMessage;
- 
-    if (substr($body, 0, 1) == "\r") {
-        echo addHidden('body', "\n".$body);
-@@ -56,6 +56,9 @@
-        echo addHidden('body', $body);
-    }
- 
-+   if (is_object($composeMessage) && $composeMessage->entities)
-+       echo addHidden('attachments', serialize($composeMessage->entities));
-+
-    echo addHidden('session', $session).
-         addHidden('subject', $subject).
-         addHidden('send_to', $send_to).
-@@ -198,11 +201,11 @@
- 
- 
- /* Search form */
--echo '<center>' .
-+echo addForm($PHP_SELF.'?html_addr_search=true', 'post', 'f').
-+    '<center>' .
-     html_tag( 'table', '', 'center', '', 'border="0"' ) .
-     html_tag( 'tr' ) .
-     html_tag( 'td', '', 'left', '', 'nowrap valign="middle"' ) . "\n" .
--    addForm($PHP_SELF.'?html_addr_search=true', 'post', 'f').
-     "\n<center>\n" .
-     '  <nobr><strong>' . _("Search for") . "</strong>\n";
- addr_insert_hidden();
-@@ -232,9 +235,8 @@
- echo '<input type="submit" value="' . _("Search") . '" />' .
-      '&nbsp;|&nbsp;<input type="submit" value="' . _("List all") .
-      '" name="listall" />' . "\n" .
--     '</form></center></td></tr></table>' . "\n";
--addr_insert_hidden();
--echo '</center>';
-+     '</center></td></tr></table>' . "\n";
-+echo '</center></form>';
- do_hook('addrbook_html_search_below');
- /* End search form */
- 
-@@ -270,6 +272,7 @@
-         usort($res,'alistcmp');
-         addr_display_result($res, true);
-     }
-+    echo '</body></html>';
-     exit;
- }
- else {