commit 4ab76cd28b12ab0eeba4931268b0b933b38f58cd Author: Juergen Daubert <jue@jue.li> Date: Thu Sep 3 17:28:59 2015 +0200 mutt: update to 1.5.24 diff --git a/mutt/.md5sum b/mutt/.md5sum index de15fff..ff43ff6 100644 --- a/mutt/.md5sum +++ b/mutt/.md5sum @@ -1,2 +1 @@ -9aee189b0c8a8755b5a10712e8d45b0b CVE-2014-9116.patch -11f5b6a3eeba1afa1257fe93c9f26bff mutt-1.5.23.tar.gz +7f25d27f3c7c82285ac07aac35f5f0f2 mutt-1.5.24.tar.gz diff --git a/mutt/CVE-2014-9116.patch b/mutt/CVE-2014-9116.patch deleted file mode 100644 index 9da334a..0000000 --- a/mutt/CVE-2014-9116.patch +++ /dev/null @@ -1,41 +0,0 @@ -# http://dev.mutt.org/trac/ticket/3716 - -This patch solves the issue raised by CVE-2014-9116 in bug 771125. - -We correctly redefine what are the whitespace characters as per RFC5322; by -doing so we prevent mutt_substrdup from being used in a way that could lead to -a segfault. - -The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent -crashes due to this kind of bugs from happening again. - -The wheezy version of this patch is slightly different, therefore this patch -has -jessie prefixed in its name. - -Index: mutt/lib.c -=================================================================== ---- mutt.orig/lib.c -+++ mutt/lib.c -@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin, - size_t len; - char *p; - -+ if (end != NULL && end < begin) -+ return NULL; -+ - if (end) - len = end - begin; - else -Index: mutt/lib.h -=================================================================== ---- mutt.orig/lib.h -+++ mutt/lib.h -@@ -98,7 +98,7 @@ - on some systems */ - # define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++; - --#define EMAIL_WSP " \t\r\n" -+#define EMAIL_WSP " \t\r" - - /* skip over WSP as defined by RFC5322. This is used primarily for parsing - * header fields. */ diff --git a/mutt/Pkgfile b/mutt/Pkgfile index bc0b8d6..255f329 100644 --- a/mutt/Pkgfile +++ b/mutt/Pkgfile @@ -4,16 +4,13 @@ # Depends on: gdbm ncurses openssl zlib name=mutt -version=1.5.23 -release=2 -source=(https://bitbucket.org/mutt/mutt/downloads/$name-$version.tar.gz - CVE-2014-9116.patch) +version=1.5.24 +release=1 +source=(https://bitbucket.org/mutt/mutt/downloads/$name-$version.tar.gz) build () { cd $name-$version - patch -p1 -i $SRC/CVE-2014-9116.patch - ./configure --prefix=/usr \ --mandir=/usr/man \ --with-docdir=/usr/share/mutt \