Fix CVE-2012-3482

patch from http://gitorious.org/fetchmail/fetchmail/commit/3fbc7cd331602c76f882d1b507cd05c1d824ba8b/diffs

mail/fetchmail/Makefile

@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.177 2011/08/26 07:19:25 tron Exp $
+# $NetBSD: Makefile,v 1.178 2012/08/21 15:49:54 tez Exp $
 
 # Note to updaters: mail/fetchmailconf reaches over here, make sure it builds.
 DISTNAME=	fetchmail-6.3.21
+PKGREVISION=	1
 CATEGORIES=	mail
 MASTER_SITES=	http://download.berlios.de/fetchmail/
 EXTRACT_SUFX=	.tar.bz2

mail/fetchmail/distinfo

@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.45 2011/08/26 07:19:25 tron Exp $
+$NetBSD: distinfo,v 1.46 2012/08/21 15:49:54 tez Exp $
 
 SHA1 (fetchmail-6.3.21.tar.bz2) = e32a0d40ec133d651782543ecd7bc9bbee52dff7
 RMD160 (fetchmail-6.3.21.tar.bz2) = 981084b384eb8f6f424af64ceb5922a030271519
 Size (fetchmail-6.3.21.tar.bz2) = 1724445 bytes
+SHA1 (patch-ntlmsubr.c) = 0f84d835f0bd49365706290b5bc1f27177ae6c5a

mail/fetchmail/patches/patch-ntlmsubr.c

@@ -0,0 +1,22 @@
+$NetBSD: patch-ntlmsubr.c,v 1.1 2012/08/21 15:49:54 tez Exp $
+
+Fix CVE-2012-3482
+patch from http://gitorious.org/fetchmail/fetchmail/commit/3fbc7cd331602c76f882d1b507cd05c1d824ba8b/diffs
+
+--- ntlmsubr.c.orig	2012-08-21 15:19:44.585694400 +0000
++++ ntlmsubr.c
+@@ -55,7 +55,13 @@ int ntlm_helper(int sock, struct query *
+     if ((result = gen_recv(sock, msgbuf, sizeof msgbuf)))
+ 	goto cancelfail;
+
+-    (void)from64tobits (&challenge, msgbuf, sizeof(challenge));
++    if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0) {
++	report (stderr, GT_("could not decode BASE64 challenge\n"));
++	/* We do not goto cancelfail; the server has already sent the
++	* tagged reply, so the protocol exchange has ended, no need
++	* for us to send the asterisk. */
++	return PS_AUTHFAIL;
++    }
+
+     if (outlevel >= O_DEBUG)
+ 	dumpSmbNtlmAuthChallenge(stdout, &challenge);