.
OBS-URL: https://build.opensuse.org/package/show/server:mail/mutt?expand=0&rev=103
This commit is contained in:
Dr. Werner Fink
Git OBS Bridge
parent
3d0238d873
commit
aaea026ecb
43
bsc907453-CVE-2014-9116-jessie.patch
Normal file
43
bsc907453-CVE-2014-9116-jessie.patch
Normal file
@ -0,0 +1,43 @@
|
||||
This patch solves the issue raised by CVE-2014-9116 in bug 771125.
|
||||
|
||||
We correctly redefine what are the whitespace characters as per RFC5322; by
|
||||
doing so we prevent mutt_substrdup from being used in a way that could lead to
|
||||
a segfault.
|
||||
|
||||
The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent
|
||||
crashes due to this kind of bugs from happening again.
|
||||
|
||||
The wheezy version of this patch is slightly different, therefore this patch
|
||||
has -jessie prefixed in its name.
|
||||
|
||||
Index: mutt/lib.c
|
||||
===================================================================
|
||||
--- mutt/lib.c
|
||||
+++ mutt/lib.c
|
||||
@@ -819,6 +819,9 @@ char *mutt_substrdup (const char *begin,
|
||||
size_t len;
|
||||
char *p;
|
||||
|
||||
+ if (end != NULL && end < begin)
|
||||
+ return NULL;
|
||||
+
|
||||
if (end)
|
||||
len = end - begin;
|
||||
else
|
||||
Index: mutt/sendlib.c
|
||||
===================================================================
|
||||
--- mutt/sendlib.c
|
||||
+++ mutt/sendlib.c
|
||||
@@ -1814,7 +1814,11 @@ static int write_one_header (FILE *fp, i
|
||||
{
|
||||
tagbuf = mutt_substrdup (start, t);
|
||||
++t; /* skip over the colon separating the header field name and value */
|
||||
- SKIPWS(t); /* skip over any leading whitespace */
|
||||
+
|
||||
+ /* skip over any leading whitespace (WSP, as defined in RFC5322) */
|
||||
+ while (*t == ' ' || *t == '\t')
|
||||
+ t++;
|
||||
+
|
||||
valbuf = mutt_substrdup (t, end);
|
||||
}
|
||||
dprint(4,(debugfile,"mwoh: buf[%s%s] too long, "
|
||||
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 4 12:03:10 UTC 2014 - werner@suse.de
|
||||
|
||||
- Add patch bsc907453-CVE-2014-9116-jessie.patch to fix bsc#907453
|
||||
CVE-2014-9116: heap-based buffer overflow in mutt_substrdup()
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 18 08:15:09 UTC 2014 - lnussel@suse.de
|
||||
|
||||
|
||||
@ -107,6 +107,8 @@ Patch16: mutt-1.5.21-cariage-return.path
|
||||
Patch17: mutt-CVE-2014-0467.patch
|
||||
# PATCH-FIX-OPENSUSE bnc#899712 - fallback mailcap for e.g text/html
|
||||
Patch18: mutt-1.5.21-mailcap.diff
|
||||
# PATCH-FIX-SUSE: bsc#907453 - CVE-2014-9116: mutt: heap-based buffer overflow in mutt_substrdup()
|
||||
Patch19: bsc907453-CVE-2014-9116-jessie.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
%global _sysconfdir %{_sysconfdir}
|
||||
|
||||
@ -141,6 +143,7 @@ done
|
||||
%patch16 -p0 -b .crlf
|
||||
%patch17 -p1 -b .cve.2014.0467
|
||||
%patch18 -p1 -b .mailcap
|
||||
%patch19 -p1 -b .cvw2014.9116
|
||||
|
||||
cp doc/Muttrc Muttrc.SuSE
|
||||
cp %{S:2} .
|
||||
|
||||
Loading…
Reference in New Issue
Block a user