X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from mail-pa0-f53.google.com (mail-pa0-f53.google.com [209.85.220.53]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id CE6ABDC012C for ; Fri, 30 Jan 2015 22:48:14 +0000 (UTC) Received: by mail-pa0-f53.google.com with SMTP id kx10so57550190pab.12 for ; Fri, 30 Jan 2015 14:48:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=/OYNcIpyTlRLX8jKUzrjy7TqCtfl9rf+FCQ6RL2RLrU=; b=ArK6pf1HrfFLiwkrSK/ibZp5fIbAGws9+GXExhYGzT+wQ/1FrN9dkMQjueqGccHnme EYvFIy/P56TgdWfNdiQhRIxNqAXQJ4/jXGfzvwLunupfUsE9a9wGWpQTLapXvxOOK+OO LmnYDeTJwnN+ma7FH4s5tqaphTq17G1mGpiqYczbxc5OzPxrY8BOfyP0VLMTI0BzoHQT epkHvwX0WLLAKU6USWjYiDayESCaTs3QUhq0aRCiMexPh+zmjJW25ZnwzB3mLKUG4rKb 8OwQfg1GPoCcWD5py5Tq1CgGPjPMFqBrkAaU87gxU9f8Jco9KRPJcOAXcakAPSMDaErn h5OQ== X-Received: by 10.70.16.35 with SMTP id c3mr11679447pdd.137.1422658093659; Fri, 30 Jan 2015 14:48:13 -0800 (PST) Received: from newbook ([50.0.229.221]) by mx.google.com with ESMTPSA id ck11sm1064568pac.5.2015.01.30.14.48.11 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 30 Jan 2015 14:48:13 -0800 (PST) Date: Fri, 30 Jan 2015 14:48:19 -0800 From: Isaac Dunham To: Natanael Copa Cc: alpine-devel@lists.alpinelinux.org Subject: Re: [alpine-devel] considering packaging another mailx Message-ID: <20150130224818.GA1798@newbook> References: <20140913203317.GA5578@newbook> <20140915104643.25dea7f5@ncopa-desktop.alpinelinux.org> <20140915143728.GA514@muslin> <20150127161535.698aa7dd@ncopa-desktop.alpinelinux.org> <20150128013455.GB1798@newbook> <20150130134601.6e9f928b@ncopa-desktop.alpinelinux.org> X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150130134601.6e9f928b@ncopa-desktop.alpinelinux.org> User-Agent: Mutt/1.5.23 (2014-03-12) On Fri, Jan 30, 2015 at 01:46:01PM +0100, Natanael Copa wrote: > On Tue, 27 Jan 2015 17:35:36 -0800 > Isaac Dunham wrote: > > > On Tue, Jan 27, 2015 at 04:15:35PM +0100, Natanael Copa wrote: > > > I'm bringing up this old issue because there are a couple of CVE issues: > > > http://seclists.org/oss-sec/2014/q4/1066 > > > > > > Do you think it would be possible to completely replace main/mailx with > > > heirloom-mailx without breaking too much? More specifically, does > > > heirloom/mailx' mail implementation support all the args in current > > > mail/mailx? > > > > > > -nc > > > > Yes. > > heirloom-mailx does not mention -v in its help, but seems to accept it. > > Other options/arguments seem to be compatible. > > I'm thinking how to do this for stable to fix the CVE issues. I looked > at backporting the patches to our version but that seems like alot of > work so I don't think that is a good option. > > It seems that heirloom-mailx also introduces krb5 dependency. I think > we don't want that for stable, but it also looks like its optional. krb5 is for IMAP authentication over GSSAPI; it is optional, and there are 4 GSS libraries that can be used in theory. The makefile probes for these, so it's simply a matter of whether the library is in makedepends. Our "mailx" (actually "mail") does not support IMAP at all, so dropping krb5 from makedepends for stable should be fine. I'm not aware of a particular need for IMAP authentication over GSSAPI, but thought that it would be better to support it since we have Kerberos in main/ (in other words, feel free to drop it completely if you see fit). > The /etc/mail.rc has been renamed to /etc/nail.rc but I suppose we can > add a pre-upgrade script that will rename existing /etc/mail.rc > to /etc/nail.rc and add a symlink /etc/mail.rc. Sounds good. > There is also a heirloom-mailx fork named s-nail. I don't know if that > is a better alternative. If you look back over the thread, I mentioned s-nail but chose not to package it yet because the development plans involve(d) a bunch of code cleanup down the road, including dropping IMAP support for a release or two and then rewriting it from scratch. It's probably a good idea in the long term, but I doubt that starting to support IMAP, turning it off, and turning it on again with a complete rewrite of the backend is going to make things easy for users or for tidy upgrades. Once the s-nail developers have the new IMAP support finished, it would probably be a good choice. Thanks, Isaac Dunham --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---