1
0
forked from pool/mutt

Update to mutt 2.2.3, also fixes bsc#1198518 for CVE-2022-1328

OBS-URL: https://build.opensuse.org/package/show/server:mail/mutt?expand=0&rev=245
This commit is contained in:
Dr. Werner Fink 2022-04-19 11:34:06 +00:00 committed by Git OBS Bridge
parent 2722e2fd3a
commit 9ab3b99a49
17 changed files with 206 additions and 55 deletions

View File

@ -7,10 +7,10 @@ ask when sending list message replies to author only - Armin Wolfermann (aw)
3 files changed, 25 insertions(+)
--- init.h
+++ init.h 2020-01-14 13:35:13.352604037 +0000
@@ -1960,6 +1960,13 @@ struct option_t MuttVars[] = {
** If \fIset\fP, convert the date in the Date header of sent emails into local
** (sender's) timezone.
+++ init.h 2022-04-19 10:39:30.991318589 +0000
@@ -2004,6 +2004,13 @@ struct option_t MuttVars[] = {
** your local timezone. If unset a UTC date will be used instead to avoid
** leaking information about your current location.
*/
+ { "list_reply", DT_QUAD, R_NONE, {.l=OPT_LISTREPLY}, {.l=MUTT_NO} },
+ /*
@ -23,8 +23,8 @@ ask when sending list message replies to author only - Armin Wolfermann (aw)
/*
** .pp
--- mutt.h
+++ mutt.h 2020-01-14 13:32:27.595685455 +0000
@@ -342,6 +342,7 @@ enum
+++ mutt.h 2022-04-19 10:35:01.556188378 +0000
@@ -343,6 +343,7 @@ enum
#endif
OPT_SUBJECT,
OPT_VERIFYSIG, /* verify PGP signatures */
@ -33,8 +33,8 @@ ask when sending list message replies to author only - Armin Wolfermann (aw)
/* THIS MUST BE THE LAST VALUE. */
OPT_MAX
--- send.c
+++ send.c 2020-01-14 13:32:27.599685379 +0000
@@ -582,6 +582,23 @@ static int default_to (ADDRESS **to, ENV
+++ send.c 2022-04-19 10:35:01.556188378 +0000
@@ -587,6 +587,23 @@ static int default_to (ADDRESS **to, ENV
if (flags & SENDLISTREPLY)
return 0;

View File

@ -4,7 +4,7 @@
--- browser.c
+++ browser.c 2020-01-14 14:51:44.927127369 +0000
@@ -1082,6 +1082,16 @@ void _mutt_buffer_select_file (BUFFER *f
@@ -1089,6 +1089,16 @@ void _mutt_buffer_select_file (BUFFER *f
mutt_buffer_strcpy (f, state.entry[menu->current].full_path);

View File

@ -59,7 +59,7 @@
# note: these macros have been subsumed by the <browse-mailboxes> function.
--- imap/auth.c
+++ imap/auth.c 2020-01-14 13:04:28.102878757 +0000
@@ -74,6 +74,25 @@ int imap_authenticate (IMAP_DATA* idata)
@@ -79,6 +79,25 @@ int imap_authenticate (IMAP_DATA* idata)
dprint (2, (debugfile, "imap_authenticate: Trying method %s\n", method));
authenticator = imap_authenticators;
@ -85,7 +85,7 @@
while (authenticator->authenticate)
{
if (!authenticator->method ||
@@ -88,7 +107,9 @@ int imap_authenticate (IMAP_DATA* idata)
@@ -93,7 +112,9 @@ int imap_authenticate (IMAP_DATA* idata)
authenticator++;
}
}
@ -98,7 +98,7 @@
else
--- mx.c
+++ mx.c 2020-01-14 13:04:28.102878757 +0000
@@ -1485,6 +1485,9 @@ void mx_update_context (CONTEXT *ctx, in
@@ -1501,6 +1501,9 @@ void mx_update_context (CONTEXT *ctx, in
{
h = ctx->hdrs[msgno];

View File

@ -6,7 +6,7 @@ Index: init.h
--- init.h
+++ init.h 2020-01-14 13:28:27.408149074 +0000
@@ -4691,6 +4691,7 @@ struct option_t MuttVars[] = {
@@ -4830,6 +4830,7 @@ struct option_t MuttVars[] = {
** Also see $$copy_decode_weed, $$pipe_decode_weed, $$print_decode_weed.
*/
{ "wrap", DT_NUM, R_PAGER_FLOW, {.p=&Wrap}, {.l=0} },

View File

@ -6,7 +6,7 @@
--- init.h
+++ init.h 2020-01-14 13:12:26.725982952 +0000
@@ -3366,6 +3366,13 @@ struct option_t MuttVars[] = {
@@ -3474,6 +3474,13 @@ struct option_t MuttVars[] = {
** .pp
** Also see the $$force_name variable.
*/
@ -22,7 +22,7 @@
** .pp
--- mutt.h
+++ mutt.h 2020-01-14 13:07:33.727426389 +0000
@@ -527,6 +527,7 @@ enum
@@ -535,6 +535,7 @@ enum
OPTSAVEADDRESS,
OPTSAVEEMPTY,
OPTSAVENAME,
@ -32,7 +32,7 @@
OPTSIDEBAR,
--- send.c
+++ send.c 2020-01-14 13:07:33.727426389 +0000
@@ -695,9 +695,12 @@ int mutt_fetch_recips (ENVELOPE *out, EN
@@ -700,9 +700,12 @@ int mutt_fetch_recips (ENVELOPE *out, EN
(!in->mail_followup_to || hmfupto != MUTT_YES))
{
/* if (!mutt_addr_is_user(in->to)) */

View File

@ -9,7 +9,7 @@ Index: mutt-1.5.21/init.c
--- init.c
+++ init.c 2019-01-02 13:25:20.795634552 +0000
@@ -3750,7 +3750,7 @@ void mutt_init (int skip_sys_rc, LIST *c
@@ -3854,7 +3854,7 @@ void mutt_init (int skip_sys_rc, LIST *c
else
{
/* Default search path from RFC1524 */

View File

@ -8,7 +8,7 @@
--- crypt-gpgme.c
+++ crypt-gpgme.c 2019-11-13 13:46:16.512388398 +0000
@@ -2731,7 +2731,7 @@ static void copy_clearsigned (gpgme_data
@@ -2723,7 +2723,7 @@ static void copy_clearsigned (gpgme_data
if (armor_header)
{
@ -39,7 +39,7 @@
return strcasecmp(NONULL(a), NONULL(b));
--- lib.h
+++ lib.h 2019-11-13 13:47:17.399247662 +0000
@@ -215,6 +200,7 @@ int mutt_copy_stream (FILE *, FILE *);
@@ -225,6 +225,7 @@ int mutt_copy_stream (FILE *, FILE *);
int mutt_copy_bytes (FILE *, FILE *, size_t);
int mutt_strcasecmp (const char *, const char *);
int mutt_strcmp (const char *, const char *);
@ -113,7 +113,7 @@
key = 1;
}
}
@@ -1299,9 +1299,9 @@ BODY *pgp_sign_message (BODY *a)
@@ -1296,9 +1296,9 @@ BODY *pgp_sign_message (BODY *a)
*/
while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL)
{

View File

@ -19,7 +19,7 @@
postpone.c query.c recvattach.c recvcmd.c \
rfc822.c rfc1524.c rfc2047.c rfc2231.c rfc3676.c \
score.c send.c sendlib.c signal.c sort.c \
@@ -97,7 +97,7 @@ mutt_dotlock_SOURCES = mutt_dotlock.c
@@ -99,7 +99,7 @@ mutt_dotlock_SOURCES = mutt_dotlock.c
mutt_dotlock_LDADD = $(LIBOBJS)
mutt_dotlock_DEPENDENCIES = $(LIBOBJS)
@ -58,7 +58,7 @@
{
if (errno != EEXIST)
{
@@ -1553,8 +1557,11 @@ static int maildir_open_new_message (MES
@@ -1559,8 +1563,11 @@ static int maildir_open_new_message (MES
dprint (2, (debugfile, "maildir_open_new_message (): Trying %s.\n",
mutt_b2s (path)));
@ -73,7 +73,7 @@
{
--- mutt.h
+++ mutt.h 2020-01-14 13:28:45.787807571 +0000
@@ -1202,4 +1202,7 @@ typedef struct
@@ -1217,4 +1217,7 @@ typedef struct
#include "lib.h"
#include "globals.h"
@ -83,7 +83,7 @@
#endif /*MUTT_H*/
--- muttlib.c
+++ muttlib.c 2020-01-14 13:28:45.787807571 +0000
@@ -2534,6 +2534,10 @@ int safe_open (const char *path, int fla
@@ -2542,6 +2542,10 @@ int safe_open (const char *path, int fla
BUFFER *safe_file = NULL;
BUFFER *safe_dir = NULL;
@ -94,7 +94,7 @@
if (flags & O_EXCL)
{
safe_file = mutt_buffer_pool_get ();
@@ -2562,7 +2566,7 @@ int safe_open (const char *path, int fla
@@ -2570,7 +2574,7 @@ int safe_open (const char *path, int fla
if ((fd = open (path, flags & ~O_EXCL, 0600)) < 0)
goto cleanup;
@ -230,7 +230,7 @@
+}
--- sendlib.c
+++ sendlib.c 2020-01-14 13:28:45.787807571 +0000
@@ -2557,7 +2557,11 @@ send_msg (const char *path, char **args,
@@ -2565,7 +2565,11 @@ send_msg (const char *path, char **args,
if (SendmailWait >= 0 && tempfile && *tempfile)
{
/* *tempfile will be opened as stdout */

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:92a309e47e363a97d62425bcb71adceae5ab5c4c413dbcac37fa98ed70c12be0
size 5414049

View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEiXWpszqjeRA4XFMIre92hIAxa9oFAmHOHKwACgkQre92hIAx
a9q0DhAA2Z99sJwfoQSZcaRab6AXavZ14H6MLh32Aw+zThG+lUd/X2UZmXtD9FuQ
93+EojHRhIcthuATlzF7889glmuab/tQiXrktloGi8poSMcEwEErbSdTmV4Wkq7u
Hb6O15qHicmDO/mEH9E2pkbv4AtXNxT3w6940x/HyZT871Qk+4OHYADDS7cNwrKb
Sfg8fFSidfN6hBg3NiMiGvzg7/ucr0c4A9hPsKGu84ukXjwAlUUmrTAvPgSp0s2Z
uALvwVgVf+Deskq+bRq7NjATvfec7042y9eaUBl1AO1RwWrUZaTrbRPOM2xOTJaA
rmLdvu2LFbBvCv66r9hvgyN1Axx1ExMrB9zxmuDJBnTVd9VtfrlbfkOs/WH1QtGV
e+O5cx8PzGj1m9sujJc8mxaAjaT4L6s6HDP8Cu64ly/4YLFWOq5iEj5WlBqYtwUw
B7cLUCFBVeLbrEOyUFBylfKKNoR4X9ap4jXb+l7x7JYFGBkDocgGjePFpVKxb/If
UNtSVhE3nzTcWhCszQOljYgAMVfkwp7+qSGqkZYmyvq90qmSzMUQ0ZfC/5tGuxKK
Bf1CpU/O4iSntt+3SM5qIlaR6xMctEUws0xtrtT8eKe6bkaqIv7GQLzah2HMbscb
ZPvG7xPUSBC+0xxBc8Zre6dZLH03nWprJrVDWMi5bhj04if6Bwc=
=lz6+
-----END PGP SIGNATURE-----

3
mutt-2.2.3.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:978addcdab454f447ed7d1de84b5767e714c30714285bf82e4a1745071d18d89
size 5509344

16
mutt-2.2.3.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEiXWpszqjeRA4XFMIre92hIAxa9oFAmJVxJ0ACgkQre92hIAx
a9pMeg//UqjPI4sTtlVxQtvbt8U7tGRhqIHs6q+QP2srvug3XgN7jw40EOyuT1aF
UJmnNtoxGV/K+qGVL+H/LmCOlOUEFC0KCfybay7u9goK7Z3jYU7vw788EdzDgt7b
0AojpC1p5ADYTZHvey3Ms805T8BQVHyRoZQLfWbqF/Aqyy1+HI4WczUhlqCbClZe
HzZJDiPSHUaPe3Ol4j1WtJidhqVfMk5iKdTaf1zFnAf4OG/nlSEDPET/XcBt5QK3
0RKPk7+sj4UvKKJYtWy8RHhAQFAwLY0ZkkZg5IsOmxZ10NVoJiz9Tzfm2zkRukOv
C1A98ZAG3/Y64MqhxH9oHnP0c9BsZu1xBNJXwo5I3rbse9sZ1kGKagid6e6wurVP
x9Y2bHboOgXK5vtWy9hviIZiJoqOWRNc79DJYLlPnLzT0eBp0Joi8E17uw5MbVVc
9Vrrrr+Y3YlvnWr7q/7iYlCB+Amc59W0V/gXu/ZMCefxrS6pEW8b37oi3UdizISP
QXA7WDU0sc70FA29NEVe12j8pRM62kqezSyf9wrKqCmrHzH575ZqaNxyha61wUMr
eEQbOloi86/XLBSlF79V3m7Dg5wq+wvWqsm2Ly9hxWFB3bOwHWxri6TgKxhhkWpe
mM09qiRucv2rZgjOYwB1Acyf4YURKlytd//PViLy6QdvySIhBlI=
=n+yA
-----END PGP SIGNATURE-----

View File

@ -48,7 +48,7 @@ Signed-off-by: Michal Suchanek <msuchanek@suse.de>
sigaddset (&Sigset, SIGINT);
#if defined (USE_SLANG_CURSES) || defined (HAVE_RESIZETERM)
sigaddset (&Sigset, SIGWINCH);
@@ -332,5 +334,6 @@ void mutt_allow_interrupt (int dispositi
@@ -358,5 +360,6 @@ void mutt_allow_interrupt (int dispositi
if (disposition == 0)
sa.sa_flags |= SA_RESTART;
#endif

View File

@ -1,3 +1,154 @@
-------------------------------------------------------------------
Tue Apr 19 10:50:23 UTC 2022 - Dr. Werner Fink <werner@suse.de>
- Update to mutt 2.2.3 (bsc#1198518 for CVE-2022-1328)
* Fix read past end of buf in is_mmnoask().
* Fix strlen() assigns to be of type size_t where obvious.
* Flush iconv() in mutt_convert_string().
* Add convert_string() size check.
* Fix integer overflow in mutt_convert_string().
* Fix uudecode cleanup on unexpected eof.
* Fix uudecode buffer overflow.
* automatic post-release commit for mutt-2.2.2
* Protect prompt completion memcpy() calls with a NULL check.
* Fix mutt.man formatting.
* Fix query menu tagging behavior.
* Fix some mailbox prompts to use mailbox history ring.
* automatic post-release commit for mutt-2.2.1
* Fix ambiguity in translation
* Update the Polish translation for Mutt 2.2.0
* Improve Turkish translations
* Fix mutt_paddstr() to properly filter unprintable chars.
* Change mailto_allow to be exact match only.
* Filter headers passed via the command line.
* Fix mbox.man asctime(3) reference.
* Clarify description of $local_date_header
* Don't queue IMAP close commands.
* Update Finnish translation.
* Updated Catalan translation.
* Updated Russian translation.
* Updated Ukrainian translation.
* Fix argc==0 handling.
* Update de.po.
* Update Turkish translations.
* Update Czech translation for mutt-2.2.0
* Update translation files copyright string.
* Updated French translation.
* Fix $status_format documentation of $sort_thread_groups expando.
* Update source file copyright lines based on commit history.
* Update manual and program copyright notices.
* Updated French translation.
* Add very basic cd path completion.
* Simplify the mutt_select_file() call for MUTT_CMD completion.
* Add memcpy on MUTT_CMD completion to invoke the file selector.
* Enable $rfc2047_parameters by default.
* Set environ for sendmail execvp() call.
* Updated French translation.
* Convert SMTP cyrus sasl to use buffers.
* Move hard_redraw() after sendmail invocation.
* Revert "Add $reply_prefix."
* Add config.h dependency for keymap_defs.h generation.
* Force resort_init if $reply_regexp changes.
* Add $reply_prefix.
* Localize $reply_regexp.
* Fix $reply_regexp default value.
* Fix manual generation string_unescape() of backslash values.
* Improve Turkish translations
* Add pager REDRAW_FLOW redraw flag when popping a menu.
* Merge branch 'stable'
* Add new gsasl files to POTFILES.in.
* Add GNU SASL support for authentication.
* Add mutt_socket_buffer_readln().
* Merge branch 'stable'
* simplify envelope subject handling code a little
* Update de.po
* Fix sidebar counters with $maildir_trash.
* Improve the statusbar modified flag for $maildir_trash.
* Ignore $delete when sync'ing with $maildir_trash set.
* Fix unused variable warning.
* Allow an empty To: address prompt.
* Convert COLOR_DEFAULT constant to -1.
* [Fix] poll to use PollFdsCount and no PollFdsLen
* Add a few mutt variable configure dependency comments.
* Fix color object case insensitive comparisons.
* Correct multipart/alternative manual section slightly.
* Add internal mutt_ctime() implementation.
* Improve pattern compiler whitespace skipping.
* Updated French translation.
* Remove trailing slashes when opening maildir/mh mailboxes.
* Note that IMAP mailboxes polling doesn't support flag counts.
* Add $attach_save_charset_convert quadoption.
* Remove unneeded type save/restores around mutt_decode_attachment().
* Improve smime_verify_one() error handling and general flow.
* Assert mutt_decode_attachment() doesn't modify body fields.
* Don't use subtraction for qsort numeric value comparisons.
* Fix alias menu multi-select documentation.
* Implement <select-entry> as <display-message> in index menu.
* Use km_error_key() in index only for OP_NULL.
* Generate URLs with user/password as parsed.
* Ensure embedded IMAP passwords are stored in context->path.
* Updated French translation.
* Fix yesorno help prompt printing of choice.
* Add $compose_confirm_detach_first, default set.
* Add a comment about msn_seqset generation and header cache holes.
* Use cms utility for SMIME encryption/decryption.
* Improve conststrings.c generation, mainly for GNU Autoconf 2.71.
* Updated French translation.
* Merge branch 'stable'
* Update Esperanto translation.
* Add robustness checks to file attach functions.
* Prompt for password when using encrypted client certificate
* Lazily update header colors after a thread-flag update.
* Add $sort_thread_groups for top-level thread sorting.
* Make index sort compare functions independent from config variables.
* Improve generic menu type handling.
* Break the menu OPS/funcs and keybindings into separate tables.
* Enable nonl() mode for ncurses. closes #362.
* Revert "Silence strfcpy() warning in dotlock_deference_symlink()."
* Use memccpy() in the strfcpy macro if it's available.
* Fix typo in comment and function name: deference -> dereference.
* Silence strfcpy() warning in dotlock_deference_symlink().
* Add dprint for a backtick expansion with non-0 exit code.
* Use SEEK_SET and SEEK_END for fseek/fseeko whence parameter.
* Rewrite mutt_apply_replace() to use buffers.
* Increase scratch buf size in mutt_canonical_charset().
* Change hdrline make_from(_addr) to use snprintf for from.
* Silence compiler warning in _mutt_buffer_select_file().
* Use memcpy in fseek_last_message() instead of strncpy.
* Fix mutt_sasl buffer size to hold ip_port strings.
* Silence imap_make_date() warning by switching to a BUFFER.
* Silence compiler "may be uninitialized" warnings.
* Updated French translation.
* Add a help choice '?' to the yes or no prompt for quadoptions.
* Filter out group delimiters for encrypt keylist generation.
* contrib/markdown2html: properly deal with lead-ins
* contrib/markdown2html: properly deal with missing context
* contrib/markdown: fix bug when dealing with quotelead classes
* Exit with a failure for any usage or version write error.
* Really fix usage and version write error checking.
* Fix usage and version write error checking.
* Add usage and version write error checking.
* Check stdout is a terminal in curses mode.
* Add a hard redraw after oauth authentication.
* Fix classic pgp decrypt_part() hard redraw on error.
* Reset SIGPIPE signal handler in child process before exec().
* Add $pager_skip_quoted_context option.
* Updated French translation.
* Suggested translation changes.
* Directly add full mailbox to GPG search hints.
- Port patches mainly hunk offsets
* aw.listreply.diff
* mutt-1.10.1-imap.patch
* mutt-1.13.3.dif
* mutt-1.5.15-wrapcolumn.diff
* mutt-1.5.20-sendgroupreplyto.diff
* mutt-1.5.21-mailcap.diff
* mutt-1.5.23-carriage-return.path
* mutt-1.6.1-opennfs.dif
* mutt-Fix-SIGQUIT-handling.patch
* patch-1.5.24.vk.pgp_verbose_mime
* widechar.sidebar.dif
-------------------------------------------------------------------
Mon Feb 7 10:22:43 UTC 2022 - Dr. Werner Fink <werner@suse.de>

View File

@ -20,7 +20,7 @@
%bcond_with mutt_openssl
%bcond_without mutt_gnutls
Name: mutt
Version: 2.1.5
Version: 2.2.3
Release: 0
Summary: Mail Program
# ftp://ftp.mutt.org/mutt/devel/

View File

@ -6,7 +6,7 @@
--- globals.h
+++ globals.h 2020-01-14 13:37:00.770606718 +0000
@@ -279,6 +279,8 @@ WHERE char *PgpDefaultKey;
@@ -280,6 +280,8 @@ WHERE char *PgpDefaultKey;
WHERE char *PgpSignAs;
WHERE long PgpTimeout;
WHERE char *PgpEntryFormat;
@ -17,7 +17,7 @@
WHERE char *PgpVerifyCommand;
--- init.h
+++ init.h 2020-01-14 13:41:15.145875625 +0000
@@ -3749,9 +3749,18 @@ struct option_t MuttVars[] = {
@@ -3857,9 +3857,18 @@ struct option_t MuttVars[] = {
** a line quoted text if it also matches $$smileys. This mostly
** happens at the beginning of a line.
*/
@ -41,7 +41,7 @@
** .pp
--- pgp.c
+++ pgp.c 2020-01-14 13:42:29.880485319 +0000
@@ -1362,7 +1362,8 @@ BODY *pgp_sign_message (BODY *a)
@@ -1359,7 +1359,8 @@ BODY *pgp_sign_message (BODY *a)
t->disposition = DISPNONE;
t->encoding = ENC7BIT;
t->unlink = 1; /* ok to remove this file after sending. */

View File

@ -4,7 +4,7 @@
--- handler.c
+++ handler.c 2022-01-11 10:41:03.491446992 +0000
@@ -781,7 +781,7 @@ static void enriched_set_flags (const wc
@@ -782,7 +782,7 @@ static void enriched_set_flags (const wc
static int text_enriched_handler (BODY *a, STATE *s)
{
enum {
@ -13,7 +13,7 @@
} state = TEXT;
LOFF_T bytes = a->length;
@@ -811,7 +811,7 @@ static int text_enriched_handler (BODY *
@@ -812,7 +812,7 @@ static int text_enriched_handler (BODY *
{
if (state != ST_EOF)
{
@ -22,7 +22,7 @@
state = ST_EOF;
else
bytes--;
@@ -819,6 +819,8 @@ static int text_enriched_handler (BODY *
@@ -820,6 +820,8 @@ static int text_enriched_handler (BODY *
switch (state)
{
@ -31,7 +31,7 @@
case TEXT :
switch (wc)
{
@@ -880,9 +882,8 @@ static int text_enriched_handler (BODY *
@@ -881,9 +883,8 @@ static int text_enriched_handler (BODY *
enriched_flush (&stte, 1);
else
{
@ -42,7 +42,7 @@
}
break;
@@ -1586,7 +1587,7 @@ void mutt_decode_attachment (BODY *b, ST
@@ -1588,7 +1589,7 @@ void mutt_decode_attachment (BODY *b, ST
* strip all trailing spaces to improve interoperability;
* if $text_flowed is unset, simply verbatim copy input
*/