Accepting request 1178323 from server:mail

- Update to mutt 2.2.13 (Bug fix release)
  * Fix smtp client to respect $use_envelope_from option. The code
    was only looking to see if $envelope_from_address had a value,
    not if $use_envelope_from was set.
    Add extra safety checks to make sure the mailbox value isn't NULL.
  * Fix smtp client $envelope_from_address possible dangling pointer.
    If the account-hook invoked by mutt_conn_find() modifies
    $envelope_from_address, envfrom could point no longer point to the
    address.
    Move the mutt_conn_find() before the code that determines the envelope
    from address.

OBS-URL: https://build.opensuse.org/request/show/1178323
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mutt?expand=0&rev=118

mutt-1.13.3.dif

@@ -7,7 +7,7 @@
 
 --- configure.ac
 +++ configure.ac	2020-01-14 13:04:28.102878757 +0000
-@@ -297,7 +297,7 @@ main ()
+@@ -299,7 +299,7 @@ main ()
                          mutt_cv_slang=$withval
                          if test -d $withval/include/slang; then
                                  CPPFLAGS="$CPPFLAGS -I${withval}/include/slang"
@@ -16,7 +16,7 @@
                                  CPPFLAGS="$CPPFLAGS -I${withval}/include"
                          fi
                          LDFLAGS="$LDFLAGS -L${withval}/lib"
-@@ -746,8 +746,12 @@ AC_ARG_WITH(ssl, AS_HELP_STRING([--with-
+@@ -748,8 +748,12 @@ AC_ARG_WITH(ssl, AS_HELP_STRING([--with-
  	  else
              if test "$with_ssl" != "yes"
              then
@@ -31,7 +31,7 @@
              fi
              saved_LIBS="$LIBS"
  
-@@ -834,8 +838,12 @@ AC_ARG_WITH(sasl, AS_HELP_STRING([--with
+@@ -836,8 +840,12 @@ AC_ARG_WITH(sasl, AS_HELP_STRING([--with
  
            if test "$with_sasl" != "yes"
            then

mutt-1.5.15-wrapcolumn.diff

@@ -6,7 +6,7 @@ Index: init.h
 
 --- init.h
 +++ init.h	2020-01-14 13:28:27.408149074 +0000
-@@ -4845,6 +4845,7 @@ struct option_t MuttVars[] = {
+@@ -4843,6 +4843,7 @@ struct option_t MuttVars[] = {
    ** Also see $$copy_decode_weed, $$pipe_decode_weed, $$print_decode_weed.
    */
    { "wrap",             DT_NUM,  R_PAGER_FLOW, {.p=&Wrap}, {.l=0} },

mutt-1.5.20-sendgroupreplyto.diff

@@ -6,7 +6,7 @@
 
 --- init.h
 +++ init.h	2020-01-14 13:12:26.725982952 +0000
-@@ -3482,6 +3482,13 @@ struct option_t MuttVars[] = {
+@@ -3479,6 +3479,13 @@ struct option_t MuttVars[] = {
    ** .pp
    ** Also see the $$force_name variable.
    */
@@ -22,7 +22,7 @@
    ** .pp
 --- mutt.h
 +++ mutt.h	2020-01-14 13:07:33.727426389 +0000
-@@ -540,6 +540,7 @@ enum
+@@ -539,6 +539,7 @@ enum
    OPTSAVEADDRESS,
    OPTSAVEEMPTY,
    OPTSAVENAME,

mutt-1.5.23-carriage-return.path

@@ -8,7 +8,7 @@
 
 --- crypt-gpgme.c
 +++ crypt-gpgme.c	2019-11-13 13:46:16.512388398 +0000
-@@ -2723,7 +2723,7 @@ static void copy_clearsigned (gpgme_data
+@@ -2733,7 +2733,7 @@ static void copy_clearsigned (gpgme_data
  
      if (armor_header)
      {

mutt-1.6.1-opennfs.dif

@@ -73,7 +73,7 @@
        {
 --- mutt.h
 +++ mutt.h	2020-01-14 13:28:45.787807571 +0000
-@@ -1222,4 +1222,7 @@ typedef struct
+@@ -1221,4 +1221,7 @@ typedef struct
  #include "lib.h"
  #include "globals.h"
  
@@ -230,7 +230,7 @@
 +}
 --- sendlib.c
 +++ sendlib.c	2020-01-14 13:28:45.787807571 +0000
-@@ -2580,7 +2580,11 @@ send_msg (const char *path, char **args,
+@@ -2589,7 +2589,11 @@ send_msg (const char *path, char **args,
        if (SendmailWait >= 0 && tempfile && *tempfile)
        {
  	/* *tempfile will be opened as stdout */

mutt-2.2.13.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:eb23faddc1cc97d867693f3a4a9f30949ad93765ad5b6fdae2797a4001c58efb
+size 5539130

mutt-2.2.13.tar.gz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEiXWpszqjeRA4XFMIre92hIAxa9oFAmXsOmQACgkQre92hIAx
+a9qIgRAAx7qmqdcvjqHRnvkzvA2QFZ7secrn9f9bxBTjbmzLiQ3w/LFDLJjulZ46
+9Qxes13ZO8K446zqqx+Wkr8n0kCDOOSwhbQzZFoFjQAu/NRbmoO6KyJ6jIPdGD+h
+x9OXnRKsQqFYkzJi6wRqomGzHda5fo5EF5J+wf+NNoxnAg/FO/9AfPnY9OucsVDL
+FtGGtt+Zk9ViqOiVflbRS3WSdA7sXcnCFikwMg3w20KSD+V3yD9TSkExuvm+mAYU
+b6aRgzJSP3tOldEnSoTBIOr7seuIZk3G9E9/ZG/8fa1o0I/qFg6n0anlBCnP00sO
+w+0NFaAHgoXrnXS67sKF0E7Ry19nxM9CEiD6LxrCj1MybLkOnE3/jtuE98Sur9Rn
+qtR5frQ3y1KCFHL/GT8cohhn7tcNQH8D6moTMB3pHvoKdFj777u/WeOgU6mtly11
+WVmws+GCeXOf/DuvwzbDmLGl/gz/njpoGgY6oD0NPjL6IJMIsxUO2wOmZ0/RgOuP
+iDYZTeBBnKRitx4j3Z33Ak8aNJgq//qzXX1ZSd/Y3jDcv7auGc8BMpd7QuYfQbIg
+BDA/Im0Nji9lFeQHw7F8DPZjK4Q1faYDPaIexfxDLpdpTxEqLs+bf2iGkKlIOioa
+kDoAHywyuOiOf7dSqC3D8icib7WgJlyYe4a/8P5QQJJKtIUal+k=
+=e91b
+-----END PGP SIGNATURE-----

mutt-2.2.7.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:eb13858f58bb369f477bf652d90e9b6aaddd0d610acbea3455049e5efad36df1
-size 5522342

mutt-2.2.7.tar.gz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEiXWpszqjeRA4XFMIre92hIAxa9oFAmLv9QkACgkQre92hIAx
-a9oBnhAAl+cstlmJMpTwQb/6hWv72F5ocRpR6OqhqzD5ZPMNdn+pp929/KpVCcfF
-SfX/M7ZiLO65Sz04FpfbcSlRWAcdVGOdlFJdG7HvP7DTY4EHEIJlIUnWJy/uKBs/
-8TU4jIbTnhNMm/QPWHobwRlT6iCPYCtSGF/ZRulAV8D+rOv5XMTi87BEQ5459Tbm
-hIVFAHVBoVgnRgtDggxziyUtwXxiKRgB7kI4sC7/zq0qGMVlmWeeIUF5T3uLS2Of
-nnaSPmfjiIOsqwSCgI+RgwhZ7A5LAYCCzOiChyQxTXjIdQQhuKODGEPRxNwBcLUa
-W8oyfe5ZBmwbgAxLdto6cA3HT2dxJqi2Pzy0rtKrTCELaqJ5wxbVlTDrh6yMbnqW
-KoPAtVCKWLsoiH011aX21abdz3H87a9DWO9INi9LyXYqfxHogDTWYYgGlzB6ovQ0
-jz1GOEA7vEqeq3/y808Ey5Mciv1zi+DOWpWBojRpDMaMNjbknheEX28+HGfCBs2C
-ljCunRcj88huCQa8+Vv+BSjlwfMsm+nOapD1pTyKVp8xhwJiwrSOk/lZLg/SY9N6
-u9mIL6i3c5ggIthdKBCppNZ9GitPi6fQo1Ihicl/CKnSjIpOQVFSUrohPK7PA+nx
-bGmycJN+xdsIgkbmL0pOQVlUglSZANtppi7gscv8VtAQ7edNcHw=
-=j0ZS
------END PGP SIGNATURE-----

mutt.changes

@@ -1,3 +1,104 @@
+-------------------------------------------------------------------
+Mon Jun  3 12:11:28 UTC 2024 - Dr. Werner Fink <werner@suse.de>
+
+- Update to mutt 2.2.13 (Bug fix release)
+  * Fix smtp client to respect $use_envelope_from option. The code
+    was only looking to see if $envelope_from_address had a value,
+    not if $use_envelope_from was set.
+    Add extra safety checks to make sure the mailbox value isn't NULL.
+  * Fix smtp client $envelope_from_address possible dangling pointer.
+    If the account-hook invoked by mutt_conn_find() modifies
+    $envelope_from_address, envfrom could point no longer point to the
+    address.
+    Move the mutt_conn_find() before the code that determines the envelope
+    from address.
+
+-------------------------------------------------------------------
+Fri Feb 23 09:10:55 UTC 2024 - pgajdos@suse.com
+
+- Use %patch -P N instead of deprecated %patchN.
+
+-------------------------------------------------------------------
+Tue Feb 20 09:53:45 UTC 2024 - Dr. Werner Fink <werner@suse.de>
+
+- Only suggest smtp daemon at runtime.  Nevertheless if not
+  installed user will face a a warning.
+- Move /etc/Muttrc to /usr/share/mutt/Muttrc
+
+-------------------------------------------------------------------
+Mon Oct  9 07:41:57 UTC 2023 - Dr. Werner Fink <werner@suse.de>
+
+- Require a smtp daemon at build and runtime to work around
+  missing system /var/mail/ directory (boo#1216035)
+
+-------------------------------------------------------------------
+Wed Sep 27 13:42:36 UTC 2023 - Dr. Werner Fink <werner@suse.de>
+
+- Submit latest mutt 2.2.12 to SLE-15-SP6 for jira#PED-5580
+  * Drop patches for boo#1172906, boo#1172935, CVE-2020-14093,
+    and CVE-2020-14154 now upstream
+    - 3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01.patch
+      + Prevent possible IMAP MITM via PREAUTH response.
+    - mutt-1.10.1-backport-mutt_ssl_gnutls-1.14.3.dif
+      to port mutt_ssl_gnutls.c from mutt 1.14.3 back
+      + expired certs not properly rejected with GnuTLS
+      + Side effect is support of TLSv1_3 is supported by gnutls
+  * Drop patch for bsc#1173197 c547433cdf2e79191b15c6932c57f1472bfb5ff4.dif
+    now upstream
+    - Fix CVE-2020-14954: STARTTLS buffering issue allowing man
+      in the middle attack of IMAP, SMTP and POP3
+  * Drop patch for bsc#1179035, CVE-2020-28896.patch now upstream
+    - incomplete connection termination could lead to sending
+      credentials over unencrypted connections 
+  * Drop patch for bsc#1179113 and boo#1179461 nofreeze-c72f740a.patch
+    now upstream
+    - Avoid that message with a million tiny parts can freeze MUA
+      for several minutes
+  * Drop patch for bsc#1181221, CVE-2021-3181 mutt-colon.patch now
+    upstream
+    - recipient parsing memory leak. This patch combines three
+      smaller commits 
+  * Drop patch for bsc#1198518, CVE-2022-1328 uudecode-e5ed080c.patch
+    - fix a buffer overflow in uudecoder
+  * Drop patches now upstream
+    - CVE-2023-4874-part1.patch (bsc#1215189 for CVE-2023-4874)
+    - CVE-2023-4874-part2.patch (bsc#1215189 for CVE-2023-4874)
+    - CVE-2023-4875.patch (bsc#1215191 for CVE-2023-4875)
+
+-------------------------------------------------------------------
+Tue Sep 12 07:15:52 UTC 2023 - Dr. Werner Fink <werner@suse.de>
+
+- Update to mutt 2.2.12 (bsc#1215189 for CVE-2023-4874,
+  bsc#1215191 for CVE-2023-4875)
+  * 2.2.12 (2023-09-09):
+    Bug fix release.
+  * 2.2.11 (2023-08-18):
+    Bug fix release.
+
+-------------------------------------------------------------------
+Mon Apr 17 06:49:36 UTC 2023 - Dr. Werner Fink <werner@suse.de>
+
+- Use astrix instead of german u umlaut as point 
+
+-------------------------------------------------------------------
+Mon Apr  3 19:43:11 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 2.2.10:
+  *  Bug fix release.
+  *  $message_id_format %r and %z expandos use a URL-safe Base64 encoding:
+     '-' and '_' instead of '+' and '/'.
+
+-------------------------------------------------------------------
+Sun Dec  4 14:27:41 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 2.2.9:
+  * Document the <1234> key syntax for bind.
+  * Fix non-printable keyname printing to use <octal> syntax.
+  * Move AM_PATH_GPG_ERROR before AM_PATH_GPGME.
+  * Update gpgme autoconf files to the latest versions.
+  * Adjust manual concerning IMAP Fcc in batch mode.
+  * Add explicit void to 0-parameter function definitions.
+
 -------------------------------------------------------------------
 Mon Sep 12 08:50:33 UTC 2022 - Dr. Werner Fink <werner@suse.de>
 

mutt.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package mutt
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
 %bcond_with    mutt_openssl
 %bcond_without mutt_gnutls
 Name:           mutt
-Version:        2.2.7
+Version:        2.2.13
 Release:        0
 Summary:        Mail Program
 # ftp://ftp.mutt.org/mutt/devel/
@@ -79,8 +79,10 @@ BuildRequires:  pkgconfig(libsasl2)
 BuildRequires:  python3-base
 BuildRequires:  python3-devel
 BuildRequires:  python3-setuptools
+BuildRequires:  smtp_daemon
 %endif
 Requires:       glibc-locale
+Suggests:       smtp_daemon
 Requires(post): %{_bindir}/cat
 Requires(post): %{_bindir}/mkdir
 Requires(postun):%{_bindir}/rm
@@ -157,19 +159,19 @@ Provides translations to the package mutt.
 
 %prep
 %setup -q -n mutt-%{version}
-%patch0  -b .p0
-%patch2  -b .pgpewrap
-%patch3  -b .sendgroupreplyto
-%patch4  -b .wrapcolumn
-%patch7  -b .opennfs
-%patch11  -b .listreply
-%patch12  -b .pgp_verbose_mtime
-%patch15  -b .widechar.sidebar
-%patch16  -b .crlf
-%patch18  -b .mailcap
-%patch19  -b .cvw2014.9116
-%patch20  -b .imap
-%patch21  -b .quit
+%patch -P 0  -b .p0
+%patch -P 2  -b .pgpewrap
+%patch -P 3  -b .sendgroupreplyto
+%patch -P 4  -b .wrapcolumn
+%patch -P 7  -b .opennfs
+%patch -P 11  -b .listreply
+%patch -P 12  -b .pgp_verbose_mtime
+%patch -P 15  -b .widechar.sidebar
+%patch -P 16  -b .crlf
+%patch -P 18  -b .mailcap
+%patch -P 19  -b .cvw2014.9116
+%patch -P 20  -b .imap
+%patch -P 21  -b .quit
 
 cp %{SOURCE2} .
 
@@ -285,7 +287,8 @@ install -D -m 644 %{SOURCE9} %{buildroot}%{_datadir}/%{name}/mailcap
 rm -vf %{buildroot}%{_docdir}/%{name}/manual.txt
 install -D -m 644 doc/manual.txt.gz %{buildroot}%{_docdir}/%{name}/
 
-sed -rn '/Command formats for gpg/,$p' %{SOURCE5} >> %{buildroot}%{_sysconfdir}/Muttrc
+mv  %{buildroot}%{_sysconfdir}/Muttrc %{buildroot}%{_datadir}/%{name}/Muttrc
+sed -rn '/Command formats for gpg/,$p' %{SOURCE5} >> %{buildroot}%{_datadir}/%{name}/Muttrc
 
 %if 0%{?suse_version}
 %suse_update_desktop_file mutt
@@ -333,7 +336,6 @@ rm -f %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-notify
 
 %files
 %config(noreplace) %{_sysconfdir}/skel/.muttrc
-%config(noreplace) %{_sysconfdir}/Muttrc
 %{_bindir}/mutt
 %{_bindir}/pgpewrap
 %{_bindir}/mutt_pgpring
@@ -351,6 +353,7 @@ rm -f %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-notify
 %{_datadir}/mutt/mailcap
 %dir %doc %{_docdir}/%{name}/
 %doc %{_docdir}/%{name}/manual.txt.gz
+%{_datadir}/%{name}/Muttrc
 %if 0%{suse_version} >= 1500
 %{_docdir}/%{name}/mutt_oauth2.py
 %{_docdir}/%{name}/mutt_oauth2.py.README

patch-1.5.24.vk.pgp_verbose_mime

@@ -17,7 +17,7 @@
  WHERE char *PgpVerifyCommand;
 --- init.h
 +++ init.h	2020-01-14 13:41:15.145875625 +0000
-@@ -3872,9 +3872,18 @@ struct option_t MuttVars[] = {
+@@ -3869,9 +3869,18 @@ struct option_t MuttVars[] = {
    ** a line quoted text if it also matches $$smileys. This mostly
    ** happens at the beginning of a line.
    */