1
0
forked from pool/mutt
Dr. Werner Fink 2014-03-25 08:49:31 +00:00 committed by Git OBS Bridge
parent a3f9dcf27d
commit 2db5340d92
3 changed files with 20 additions and 1 deletions

10
mutt-CVE-2014-0467.patch Normal file
View File

@ -0,0 +1,10 @@
--- mutt-1.5.21/copy.c
+++ mutt-1.5.21/copy.c 2014-03-25 08:42:27.466839319 +0000
@@ -254,6 +254,7 @@ mutt_copy_hdr (FILE *in, FILE *out, LOFF
{
if (!address_header_decode (&this_one))
rfc2047_decode (&this_one);
+ this_one_len = mutt_strlen (this_one);
}
if (!headers[x])

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Mon Mar 17 13:24:35 UTC 2014 - meissner@suse.com
- mutt-CVE-2014-0467.patch: fixed a buffer overflow during header display.
CVE-2014-0467 / bnc#868115
-------------------------------------------------------------------
Mon Aug 5 18:06:01 CEST 2013 - ro@suse.de

View File

@ -1,7 +1,7 @@
#
# spec file for package mutt
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -101,6 +101,8 @@ Patch14: nion.sidebar-color.diff
Patch15: widechar.sidebar.dif
# PATCH-FIX-OPENSUSE: Be able to read signed/encrypted messsages even with CRLF
Patch16: mutt-1.5.21-cariage-return.path
# PATCH-FIX-SUSE: bnc#868115 - CVE-2014-0467: mutt: crash due to malicious email
Patch17: mutt-CVE-2014-0467.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%global _sysconfdir %{_sysconfdir}
@ -133,6 +135,7 @@ done
%patch14 -p1 -b .sidebar.color
%patch15 -p0 -b .widechar.sidebar
%patch16 -p0 -b .crlf
%patch17 -p1 -b .cve.2014.0467
cp doc/Muttrc Muttrc.SuSE
cp %{S:2} .