From 6aa9656a124c05e95eaa3ff8db35cf21812ae4fc Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Tue, 17 Jul 2018 09:51:04 +0000 Subject: [PATCH 1/4] Update to mutt 1.10.1 OBS-URL: https://build.opensuse.org/package/show/server:mail/mutt?expand=0&rev=188 --- bug-676388-largefile.patch | 2 +- mutt-1.10.0.tar.gz | 3 - mutt-1.10.1.tar.gz | 3 + mutt-1.5.15-wrapcolumn.diff | 2 +- mutt-1.5.20-sendgroupreplyto.diff | 2 +- mutt-1.5.23-carriage-return.path | 26 +-- mutt-1.6.1-opennfs.dif | 2 +- mutt.changes | 15 ++ mutt.spec | 8 +- patch-1.5.24.vk.pgp_verbose_mime | 4 +- truncate.patch | 258 +++++++++++++++--------------- 11 files changed, 170 insertions(+), 155 deletions(-) delete mode 100644 mutt-1.10.0.tar.gz create mode 100644 mutt-1.10.1.tar.gz diff --git a/bug-676388-largefile.patch b/bug-676388-largefile.patch index ac5be5d..14e1066 100644 --- a/bug-676388-largefile.patch +++ b/bug-676388-largefile.patch @@ -20,7 +20,7 @@ return -1; --- mutt.h +++ mutt.h 2018-07-04 12:54:40.604418656 +0000 -@@ -689,7 +689,7 @@ typedef struct body +@@ -690,7 +690,7 @@ typedef struct body PARAMETER *parameter; /* parameters of the content-type */ char *description; /* content-description */ char *form_name; /* Content-Disposition form-data name param */ diff --git a/mutt-1.10.0.tar.gz b/mutt-1.10.0.tar.gz deleted file mode 100644 index 7fc6fd9..0000000 --- a/mutt-1.10.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0215b5f90ef9cc33441a6ca842379b64412ed7f8da83ed68bfaa319179f5535b -size 4249980 diff --git a/mutt-1.10.1.tar.gz b/mutt-1.10.1.tar.gz new file mode 100644 index 0000000..4e6b29d --- /dev/null +++ b/mutt-1.10.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:734a3883158ec3d180cf6538d8bd7f685ce641d2cdef657aa0038f76e79a54a0 +size 4255890 diff --git a/mutt-1.5.15-wrapcolumn.diff b/mutt-1.5.15-wrapcolumn.diff index a3048b6..2b72fab 100644 --- a/mutt-1.5.15-wrapcolumn.diff +++ b/mutt-1.5.15-wrapcolumn.diff @@ -6,7 +6,7 @@ Index: init.h --- init.h +++ init.h 2018-07-04 12:19:10.323191976 +0000 -@@ -3954,6 +3954,7 @@ struct option_t MuttVars[] = { +@@ -3968,6 +3968,7 @@ struct option_t MuttVars[] = { ** printing, or replying to messages. */ { "wrap", DT_NUM, R_PAGER, UL &Wrap, 0 }, diff --git a/mutt-1.5.20-sendgroupreplyto.diff b/mutt-1.5.20-sendgroupreplyto.diff index f691526..1870aeb 100644 --- a/mutt-1.5.20-sendgroupreplyto.diff +++ b/mutt-1.5.20-sendgroupreplyto.diff @@ -6,7 +6,7 @@ --- init.h +++ init.h 2018-07-04 12:14:37.508148148 +0000 -@@ -2792,6 +2792,13 @@ struct option_t MuttVars[] = { +@@ -2809,6 +2792,13 @@ struct option_t MuttVars[] = { ** .pp ** Also see the $$force_name variable. */ diff --git a/mutt-1.5.23-carriage-return.path b/mutt-1.5.23-carriage-return.path index 1a5d551..1698dcf 100644 --- a/mutt-1.5.23-carriage-return.path +++ b/mutt-1.5.23-carriage-return.path @@ -7,8 +7,8 @@ 5 files changed, 26 insertions(+), 14 deletions(-) --- crypt-gpgme.c -+++ crypt-gpgme.c 2018-07-05 08:04:39.576930067 +0000 -@@ -2331,7 +2331,7 @@ static void copy_clearsigned (gpgme_data ++++ crypt-gpgme.c 2018-07-17 09:39:04.969728233 +0000 +@@ -2335,7 +2335,7 @@ static void copy_clearsigned (gpgme_data if (armor_header) { @@ -18,7 +18,7 @@ continue; } --- lib.c -+++ lib.c 2018-07-05 08:14:39.346030258 +0000 ++++ lib.c 2018-07-17 09:39:04.969728233 +0000 @@ -875,6 +875,17 @@ int mutt_strcmp(const char *a, const cha return strcmp(NONULL(a), NONULL(b)); } @@ -38,7 +38,7 @@ { return strcasecmp(NONULL(a), NONULL(b)); --- lib.h -+++ lib.h 2018-07-05 07:54:51.679598142 +0000 ++++ lib.h 2018-07-17 09:39:04.969728233 +0000 @@ -203,6 +203,7 @@ int mutt_copy_bytes (FILE *, FILE *, siz int mutt_rx_sanitize_string (char *, size_t, const char *); int mutt_strcasecmp (const char *, const char *); @@ -48,7 +48,7 @@ int mutt_strncmp (const char *, const char *, size_t); int mutt_strcoll (const char *, const char *); --- pager.c -+++ pager.c 2018-07-05 08:08:31.328720187 +0000 ++++ pager.c 2018-07-17 09:39:04.969728233 +0000 @@ -785,7 +785,7 @@ resolve_types (char *buf, char *raw, str else if (check_attachment_marker ((char *) raw) == 0) lineInfo[n].type = MT_COLOR_ATTACHMENT; @@ -59,8 +59,8 @@ i = n + 1; --- pgp.c -+++ pgp.c 2018-07-05 08:07:03.658313041 +0000 -@@ -305,7 +305,7 @@ static void pgp_copy_clearsigned (FILE * ++++ pgp.c 2018-07-17 09:41:08.907482460 +0000 +@@ -373,7 +373,7 @@ static void pgp_copy_clearsigned (FILE * continue; } @@ -69,9 +69,9 @@ break; if (armor_header) -@@ -371,14 +371,14 @@ int pgp_application_pgp_handler (BODY *m - { - clearsign = 0; +@@ -442,14 +442,14 @@ int pgp_application_pgp_handler (BODY *m + could_not_decrypt = 0; + decrypt_okay_rc = 0; - if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0) + if (mutt_strxcmp ("MESSAGE-----\n", buf + 15) == 0) @@ -87,7 +87,7 @@ { needpass = 0; pgp_keyblock = 1; -@@ -411,10 +411,10 @@ int pgp_application_pgp_handler (BODY *m +@@ -482,10 +482,10 @@ int pgp_application_pgp_handler (BODY *m fputs (buf, tmpfp); @@ -101,7 +101,7 @@ break; /* remember optional Charset: armor header as defined by RfC4880 */ if (mutt_strncmp ("Charset: ", buf, 9) == 0) -@@ -645,11 +645,11 @@ static int pgp_check_traditional_one_bod +@@ -736,11 +736,11 @@ static int pgp_check_traditional_one_bod { if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0) { @@ -116,7 +116,7 @@ key = 1; } } -@@ -1137,9 +1137,9 @@ BODY *pgp_sign_message (BODY *a) +@@ -1228,9 +1228,9 @@ BODY *pgp_sign_message (BODY *a) */ while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL) { diff --git a/mutt-1.6.1-opennfs.dif b/mutt-1.6.1-opennfs.dif index 48b5c53..82cb1c1 100644 --- a/mutt-1.6.1-opennfs.dif +++ b/mutt-1.6.1-opennfs.dif @@ -105,7 +105,7 @@ { --- mutt.h +++ mutt.h 2018-07-04 12:50:36.504867472 +0000 -@@ -1086,4 +1086,7 @@ typedef struct +@@ -1087,4 +1087,7 @@ typedef struct #include "lib.h" #include "globals.h" diff --git a/mutt.changes b/mutt.changes index ea52f31..09b4595 100644 --- a/mutt.changes +++ b/mutt.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Tue Jul 17 09:46:59 UTC 2018 - werner@suse.de + +- Update to mutt 1.10.1 + This is an important bug-fix release, fixing a code injection + and a couple path traversal vulnerabilities. +- Modified patches + * bug-676388-largefile.patch + * mutt-1.5.15-wrapcolumn.diff + * mutt-1.5.20-sendgroupreplyto.diff + * mutt-1.5.23-carriage-return.path + * mutt-1.6.1-opennfs.dif + * patch-1.5.24.vk.pgp_verbose_mime + * truncate.patch + ------------------------------------------------------------------- Thu Jul 5 11:41:44 UTC 2018 - werner@suse.de diff --git a/mutt.spec b/mutt.spec index 25fe48f..37e8b03 100644 --- a/mutt.spec +++ b/mutt.spec @@ -73,21 +73,21 @@ Recommends: w3m Requires(post): shared-mime-info Requires(postun): shared-mime-info %endif -Version: 1.10.0 +Version: 1.10.1 Release: 0 Summary: Mail Program # ftp://ftp.mutt.org/mutt/devel/ -# https/bitbucket.org/mutt/mutt/downloads/%%name-%%version.tar.gz +# https:///bitbucket.org/mutt/mutt/downloads/%%name-%%version.tar.gz License: GPL-2.0-or-later Group: Productivity/Networking/Email/Clients -Source0: https/bitbucket.org/mutt/mutt/downloads/mutt-%version.tar.gz +Source0: https:///bitbucket.org/mutt/mutt/downloads/mutt-%version.tar.gz Source1: Signature_conversion Source2: README.alternates Source3: mutt.png Source4: mutt.desktop Source5: skel.muttrc Source9: mutt.mailcap -Patch: %name-%version.dif +Patch: %name-1.10.0.dif # http://www.spinnaker.de/mutt/compressed/ Patch2: %name-1.5.9i-pgpewrap.diff Patch3: %name-1.5.20-sendgroupreplyto.diff diff --git a/patch-1.5.24.vk.pgp_verbose_mime b/patch-1.5.24.vk.pgp_verbose_mime index 495f382..c6e08b1 100644 --- a/patch-1.5.24.vk.pgp_verbose_mime +++ b/patch-1.5.24.vk.pgp_verbose_mime @@ -17,7 +17,7 @@ WHERE char *PgpVerifyCommand; --- init.h +++ init.h 2018-07-04 13:34:46.696603852 +0000 -@@ -3090,9 +3090,18 @@ struct option_t MuttVars[] = { +@@ -3107,9 +3107,18 @@ struct option_t MuttVars[] = { ** a line quoted text if it also matches $$smileys. This mostly ** happens at the beginning of a line. */ @@ -41,7 +41,7 @@ ** .pp --- pgp.c +++ pgp.c 2018-07-04 13:37:32.013594333 +0000 -@@ -1201,7 +1201,8 @@ BODY *pgp_sign_message (BODY *a) +@@ -1292,7 +1292,8 @@ BODY *pgp_sign_message (BODY *a) t->disposition = DISPNONE; t->encoding = ENC7BIT; t->unlink = 1; /* ok to remove this file after sending. */ diff --git a/truncate.patch b/truncate.patch index adb6e93..6e53285 100644 --- a/truncate.patch +++ b/truncate.patch @@ -19,7 +19,7 @@ 17 files changed, 48 insertions(+), 45 deletions(-) --- bcache.c -+++ bcache.c 2018-07-05 09:40:49.868105180 +0000 ++++ bcache.c 2018-07-17 09:42:34.633928921 +0000 @@ -128,7 +128,7 @@ FILE* mutt_bcache_get(body_cache_t *bcac FILE* mutt_bcache_put(body_cache_t *bcache, const char *id, int tmp) @@ -30,7 +30,7 @@ char* s; struct stat sb; --- browser.c -+++ browser.c 2018-07-05 09:56:19.671284149 +0000 ++++ browser.c 2018-07-17 09:42:34.633928921 +0000 @@ -502,7 +502,7 @@ static int examine_directory (MUTTMENU * static int examine_mailboxes (MUTTMENU *menu, struct browser_state *state) { @@ -59,7 +59,7 @@ char helpstr[LONG_STRING]; char title[STRING]; --- buffy.c -+++ buffy.c 2018-07-05 09:57:26.138080458 +0000 ++++ buffy.c 2018-07-17 09:42:34.637928849 +0000 @@ -313,8 +313,8 @@ int mutt_parse_mailboxes (BUFFER *path, static int buffy_maildir_check_dir (BUFFY* mailbox, const char *dir_name, int check_new, int check_stats) @@ -72,7 +72,7 @@ struct dirent *de; char *p; --- commands.c -+++ commands.c 2018-07-05 09:58:25.501005161 +0000 ++++ commands.c 2018-07-17 09:42:34.637928849 +0000 @@ -241,7 +241,7 @@ int mutt_display_message (HEADER *cur) void ci_bounce_message (HEADER *h) @@ -82,8 +82,124 @@ char scratch[SHORT_STRING]; char buf[HUGE_STRING] = { 0 }; ADDRESS *adr = NULL; +--- imap/browse.c ++++ imap/browse.c 2018-07-17 09:42:34.637928849 +0000 +@@ -43,7 +43,7 @@ int imap_browse (char* path, struct brow + { + IMAP_DATA* idata; + IMAP_LIST list; +- char buf[LONG_STRING]; ++ char buf[LONG_STRING+64]; + char mbox[LONG_STRING]; + char munged_mbox[LONG_STRING]; + char list_cmd[5]; +--- imap/imap.c ++++ imap/imap.c 2018-07-17 09:44:01.836348503 +0000 +@@ -59,7 +59,7 @@ int imap_access (const char* path) + { + IMAP_DATA* idata; + IMAP_MBOX mx; +- char buf[LONG_STRING]; ++ char buf[LONG_STRING+64]; + char mailbox[LONG_STRING]; + char mbox[LONG_STRING]; + int rc; +@@ -115,7 +115,7 @@ int imap_access (const char* path) + + int imap_create_mailbox (IMAP_DATA* idata, char* mailbox) + { +- char buf[LONG_STRING], mbox[LONG_STRING]; ++ char buf[LONG_STRING+16], mbox[LONG_STRING]; + + imap_munge_mbox_name (idata, mbox, sizeof (mbox), mailbox); + snprintf (buf, sizeof (buf), "CREATE %s", mbox); +@@ -133,7 +133,7 @@ int imap_rename_mailbox (IMAP_DATA* idat + { + char oldmbox[LONG_STRING]; + char newmbox[LONG_STRING]; +- char buf[LONG_STRING]; ++ char buf[2*LONG_STRING+64]; + + imap_munge_mbox_name (idata, oldmbox, sizeof (oldmbox), mx->mbox); + imap_munge_mbox_name (idata, newmbox, sizeof (newmbox), newname); +@@ -148,7 +148,7 @@ int imap_rename_mailbox (IMAP_DATA* idat + + int imap_delete_mailbox (CONTEXT* ctx, IMAP_MBOX mx) + { +- char buf[LONG_STRING], mbox[LONG_STRING]; ++ char buf[LONG_STRING+16], mbox[LONG_STRING]; + IMAP_DATA *idata; + + if (!ctx || !ctx->data) { +@@ -588,7 +588,7 @@ static int imap_open_mailbox (CONTEXT* c + IMAP_DATA *idata; + IMAP_STATUS* status; + char buf[LONG_STRING]; +- char bufout[LONG_STRING]; ++ char bufout[LONG_STRING+64]; + int count = 0; + IMAP_MBOX mx, pmx; + int rc; +@@ -1572,7 +1572,7 @@ int imap_buffy_check (int force, int che + IMAP_DATA* lastdata = NULL; + BUFFY* mailbox; + char name[LONG_STRING]; +- char command[LONG_STRING]; ++ char command[LONG_STRING+64]; + char munged[LONG_STRING]; + int buffies = 0; + +@@ -1663,7 +1663,7 @@ int imap_status (char* path, int queue) + static int queued = 0; + + IMAP_DATA *idata; +- char buf[LONG_STRING]; ++ char buf[LONG_STRING+64]; + char mbox[LONG_STRING]; + IMAP_STATUS* status; + +@@ -1927,7 +1927,7 @@ int imap_search (CONTEXT* ctx, const pat + int imap_subscribe (char *path, int subscribe) + { + IMAP_DATA *idata; +- char buf[LONG_STRING]; ++ char buf[LONG_STRING+64]; + char mbox[LONG_STRING]; + char errstr[STRING]; + int mblen; +@@ -2057,7 +2057,7 @@ imap_complete_hosts (char *dest, size_t + int imap_complete(char* dest, size_t dlen, char* path) { + IMAP_DATA* idata; + char list[LONG_STRING]; +- char buf[LONG_STRING]; ++ char buf[LONG_STRING+64]; + IMAP_LIST listresp; + char completion[LONG_STRING]; + int clen; +--- imap/imap_private.h ++++ imap/imap_private.h 2018-07-17 09:42:34.641928776 +0000 +@@ -73,7 +73,7 @@ + #define IMAP_CMD_POLL (1<<3) + + /* length of "DD-MMM-YYYY HH:MM:SS +ZZzz" (null-terminated) */ +-#define IMAP_DATELEN 27 ++#define IMAP_DATELEN 37 + + enum + { +--- imap/message.c ++++ imap/message.c 2018-07-17 09:42:34.641928776 +0000 +@@ -753,7 +753,7 @@ int imap_append_message (CONTEXT *ctx, M + { + IMAP_DATA* idata; + FILE *fp; +- char buf[LONG_STRING]; ++ char buf[LONG_STRING+IMAP_DATELEN+SHORT_STRING+64]; + char mbox[LONG_STRING]; + char mailbox[LONG_STRING]; + char internaldate[IMAP_DATELEN]; --- lib.c -+++ lib.c 2018-07-05 09:39:44.941278448 +0000 ++++ lib.c 2018-07-17 09:42:34.637928849 +0000 @@ -583,7 +583,7 @@ int mutt_rmtree (const char* path) { DIR* dirp; @@ -94,7 +210,7 @@ int rc = 0; --- lib.h -+++ lib.h 2018-07-05 09:45:16.751280528 +0000 ++++ lib.h 2018-07-17 09:42:34.637928849 +0000 @@ -59,7 +59,7 @@ # define HUGE_STRING 8192 @@ -105,7 +221,7 @@ /* --- mh.c -+++ mh.c 2018-07-05 09:59:27.119888461 +0000 ++++ mh.c 2018-07-17 09:42:34.637928849 +0000 @@ -852,7 +852,7 @@ static int maildir_parse_dir (CONTEXT * if (subdir) @@ -180,7 +296,7 @@ DIR *dp; struct dirent *de; --- mutt_sasl.c -+++ mutt_sasl.c 2018-07-05 10:12:19.509881363 +0000 ++++ mutt_sasl.c 2018-07-17 09:42:34.637928849 +0000 @@ -80,7 +80,7 @@ static int getnameinfo_err(int ret) * a protection buffer. */ #define MUTT_SASL_MAXBUF 65536 @@ -191,7 +307,7 @@ static sasl_callback_t mutt_sasl_callbacks[5]; --- mutt_ssl_gnutls.c -+++ mutt_ssl_gnutls.c 2018-07-05 09:46:09.406328292 +0000 ++++ mutt_ssl_gnutls.c 2018-07-17 09:42:34.637928849 +0000 @@ -862,7 +862,7 @@ static int tls_check_one_certificate (co menu->max = 25; menu->dialog = (char **) safe_calloc (1, menu->max * sizeof (char *)); @@ -232,7 +348,7 @@ row++; --- pager.c -+++ pager.c 2018-07-05 09:39:09.533918201 +0000 ++++ pager.c 2018-07-17 09:42:34.637928849 +0000 @@ -1911,7 +1911,7 @@ mutt_pager (const char *banner, const ch { static char searchbuf[STRING] = ""; @@ -243,7 +359,7 @@ int i, ch = 0, rc = -1; int err, first = 1; --- pgppubring.c -+++ pgppubring.c 2018-07-05 09:46:56.341479401 +0000 ++++ pgppubring.c 2018-07-17 09:42:34.637928849 +0000 @@ -86,7 +86,7 @@ int main (int argc, char * const argv[]) char *env_pgppath, *env_home; @@ -254,7 +370,7 @@ while ((c = getopt (argc, argv, "f25sk:S")) != EOF) { --- smime.c -+++ smime.c 2018-07-05 10:05:15.813567054 +0000 ++++ smime.c 2018-07-17 09:42:34.637928849 +0000 @@ -179,7 +179,7 @@ static const char *_mutt_fmt_smime_comma if (!optional) { @@ -265,7 +381,7 @@ strfcpy (path, NONULL (SmimeCALocation), sizeof (path)); --- sort.c -+++ sort.c 2018-07-05 10:17:55.819779642 +0000 ++++ sort.c 2018-07-17 09:42:34.637928849 +0000 @@ -40,7 +40,7 @@ static sort_t *AuxSort = NULL; unset_option(OPTAUXSORT); \ } \ @@ -275,119 +391,3 @@ static int compare_score (const void *a, const void *b) { ---- imap/browse.c -+++ imap/browse.c 2018-07-05 09:01:55.262536511 +0000 -@@ -43,7 +43,7 @@ int imap_browse (char* path, struct brow - { - IMAP_DATA* idata; - IMAP_LIST list; -- char buf[LONG_STRING]; -+ char buf[LONG_STRING+64]; - char mbox[LONG_STRING]; - char munged_mbox[LONG_STRING]; - char list_cmd[5]; ---- imap/imap.c -+++ imap/imap.c 2018-07-05 09:55:39.184017284 +0000 -@@ -59,7 +59,7 @@ int imap_access (const char* path) - { - IMAP_DATA* idata; - IMAP_MBOX mx; -- char buf[LONG_STRING]; -+ char buf[LONG_STRING+64]; - char mailbox[LONG_STRING]; - char mbox[LONG_STRING]; - int rc; -@@ -115,7 +115,7 @@ int imap_access (const char* path) - - int imap_create_mailbox (IMAP_DATA* idata, char* mailbox) - { -- char buf[LONG_STRING], mbox[LONG_STRING]; -+ char buf[LONG_STRING+16], mbox[LONG_STRING]; - - imap_munge_mbox_name (idata, mbox, sizeof (mbox), mailbox); - snprintf (buf, sizeof (buf), "CREATE %s", mbox); -@@ -133,7 +133,7 @@ int imap_rename_mailbox (IMAP_DATA* idat - { - char oldmbox[LONG_STRING]; - char newmbox[LONG_STRING]; -- char buf[LONG_STRING]; -+ char buf[2*LONG_STRING+64]; - - imap_munge_mbox_name (idata, oldmbox, sizeof (oldmbox), mx->mbox); - imap_munge_mbox_name (idata, newmbox, sizeof (newmbox), newname); -@@ -148,7 +148,7 @@ int imap_rename_mailbox (IMAP_DATA* idat - - int imap_delete_mailbox (CONTEXT* ctx, IMAP_MBOX mx) - { -- char buf[LONG_STRING], mbox[LONG_STRING]; -+ char buf[LONG_STRING+16], mbox[LONG_STRING]; - IMAP_DATA *idata; - - if (!ctx || !ctx->data) { -@@ -588,7 +588,7 @@ static int imap_open_mailbox (CONTEXT* c - IMAP_DATA *idata; - IMAP_STATUS* status; - char buf[LONG_STRING]; -- char bufout[LONG_STRING]; -+ char bufout[LONG_STRING+64]; - int count = 0; - IMAP_MBOX mx, pmx; - int rc; -@@ -1572,7 +1572,7 @@ int imap_buffy_check (int force, int che - IMAP_DATA* lastdata = NULL; - BUFFY* mailbox; - char name[LONG_STRING]; -- char command[LONG_STRING]; -+ char command[LONG_STRING+64]; - char munged[LONG_STRING]; - int buffies = 0; - -@@ -1663,7 +1663,7 @@ int imap_status (char* path, int queue) - static int queued = 0; - - IMAP_DATA *idata; -- char buf[LONG_STRING]; -+ char buf[LONG_STRING+64]; - char mbox[LONG_STRING]; - IMAP_STATUS* status; - -@@ -1927,7 +1927,7 @@ int imap_search (CONTEXT* ctx, const pat - int imap_subscribe (char *path, int subscribe) - { - IMAP_DATA *idata; -- char buf[LONG_STRING]; -+ char buf[LONG_STRING+64]; - char mbox[LONG_STRING]; - char errstr[STRING]; - BUFFER err, token; -@@ -2054,7 +2054,7 @@ imap_complete_hosts (char *dest, size_t - int imap_complete(char* dest, size_t dlen, char* path) { - IMAP_DATA* idata; - char list[LONG_STRING]; -- char buf[LONG_STRING]; -+ char buf[LONG_STRING+64]; - IMAP_LIST listresp; - char completion[LONG_STRING]; - int clen; ---- imap/imap_private.h -+++ imap/imap_private.h 2018-07-05 09:15:32.671687730 +0000 -@@ -73,7 +73,7 @@ - #define IMAP_CMD_POLL (1<<3) - - /* length of "DD-MMM-YYYY HH:MM:SS +ZZzz" (null-terminated) */ --#define IMAP_DATELEN 27 -+#define IMAP_DATELEN 37 - - enum - { ---- imap/message.c -+++ imap/message.c 2018-07-05 09:11:45.191822795 +0000 -@@ -753,7 +753,7 @@ int imap_append_message (CONTEXT *ctx, M - { - IMAP_DATA* idata; - FILE *fp; -- char buf[LONG_STRING]; -+ char buf[LONG_STRING+IMAP_DATELEN+SHORT_STRING+64]; - char mbox[LONG_STRING]; - char mailbox[LONG_STRING]; - char internaldate[IMAP_DATELEN]; From 0d8df92c3cefe32eab67493ec64499b23fb281ee Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Tue, 17 Jul 2018 10:53:04 +0000 Subject: [PATCH 2/4] . OBS-URL: https://build.opensuse.org/package/show/server:mail/mutt?expand=0&rev=189 --- mutt.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mutt.changes b/mutt.changes index 09b4595..337659e 100644 --- a/mutt.changes +++ b/mutt.changes @@ -1,7 +1,7 @@ ------------------------------------------------------------------- Tue Jul 17 09:46:59 UTC 2018 - werner@suse.de -- Update to mutt 1.10.1 +- Update to mutt 1.10.1 (boo#1101428) This is an important bug-fix release, fixing a code injection and a couple path traversal vulnerabilities. - Modified patches From 81615e4e7b205b4ed6227b8fa98cac78486f10f2 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Tue, 17 Jul 2018 11:10:38 +0000 Subject: [PATCH 3/4] . OBS-URL: https://build.opensuse.org/package/show/server:mail/mutt?expand=0&rev=190 --- mutt.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mutt.spec b/mutt.spec index 37e8b03..4c03910 100644 --- a/mutt.spec +++ b/mutt.spec @@ -80,7 +80,7 @@ Summary: Mail Program # https:///bitbucket.org/mutt/mutt/downloads/%%name-%%version.tar.gz License: GPL-2.0-or-later Group: Productivity/Networking/Email/Clients -Source0: https:///bitbucket.org/mutt/mutt/downloads/mutt-%version.tar.gz +Source0: https://bitbucket.org/mutt/mutt/downloads/mutt-%version.tar.gz Source1: Signature_conversion Source2: README.alternates Source3: mutt.png From e0289d2b6a7c8b1e2a03504d0428ce5c5c40ccab Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Wed, 18 Jul 2018 08:18:43 +0000 Subject: [PATCH 4/4] . OBS-URL: https://build.opensuse.org/package/show/server:mail/mutt?expand=0&rev=191 --- mutt.changes | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/mutt.changes b/mutt.changes index 337659e..dcd8ab9 100644 --- a/mutt.changes +++ b/mutt.changes @@ -4,6 +4,22 @@ Tue Jul 17 09:46:59 UTC 2018 - werner@suse.de - Update to mutt 1.10.1 (boo#1101428) This is an important bug-fix release, fixing a code injection and a couple path traversal vulnerabilities. + This also covers + * CVE-2018-14363 bnc#1101566 + * CVE-2018-14362 bnc#1101567 + * CVE-2018-14361 bnc#1101568 + * CVE-2018-14360 bnc#1101569 + * CVE-2018-14359 bnc#1101570 + * CVE-2018-14358 bnc#1101571 + * CVE-2018-14357 bnc#1101573 + * CVE-2018-14356 bnc#1101576 + * CVE-2018-14355 bnc#1101577 + * CVE-2018-14354 bnc#1101578 + * CVE-2018-14353 bnc#1101581 + * CVE-2018-14352 bnc#1101582 + * CVE-2018-14351 bnc#1101583 + * CVE-2018-14350 bnc#1101588 + * CVE-2018-14349 bnc#1101589 - Modified patches * bug-676388-largefile.patch * mutt-1.5.15-wrapcolumn.diff