From 4f791fb8c23b1fb950d3c04d34a85b91c08d383b Mon Sep 17 00:00:00 2001
From: "Dr. Werner Fink" <werner@suse.com>
Date: Fri, 29 Sep 2023 09:50:21 +0000
Subject: [PATCH] Only a change in the changelog required by the internal QA
 team

OBS-URL: https://build.opensuse.org/package/show/server:mail/mutt?expand=0&rev=265
---
 mutt.changes | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/mutt.changes b/mutt.changes
index 0aa1938..d917ed4 100644
--- a/mutt.changes
+++ b/mutt.changes
@@ -1,3 +1,37 @@
+-------------------------------------------------------------------
+Wed Sep 27 13:42:36 UTC 2023 - Dr. Werner Fink <werner@suse.de>
+
+- Submit latest mutt 2.2.12 to SLE-15-SP6 for jira#PED-5580
+  * Drop patches for boo#1172906, boo#1172935, CVE-2020-14093,
+    and CVE-2020-14154 now upstream
+    - 3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01.patch
+      + Prevent possible IMAP MITM via PREAUTH response.
+    - mutt-1.10.1-backport-mutt_ssl_gnutls-1.14.3.dif
+      to port mutt_ssl_gnutls.c from mutt 1.14.3 back
+      + expired certs not properly rejected with GnuTLS
+      + Side effect is support of TLSv1_3 is supported by gnutls
+  * Drop patch for bsc#1173197 c547433cdf2e79191b15c6932c57f1472bfb5ff4.dif
+    now upstream
+    - Fix CVE-2020-14954: STARTTLS buffering issue allowing man
+      in the middle attack of IMAP, SMTP and POP3
+  * Drop patch for bsc#1179035, CVE-2020-28896.patch now upstream
+    - incomplete connection termination could lead to sending
+      credentials over unencrypted connections 
+  * Drop patch for bsc#1179113 and boo#1179461 nofreeze-c72f740a.patch
+    now upstream
+    - Avoid that message with a million tiny parts can freeze MUA
+      for several minutes
+  * Drop patch for bsc#1181221, CVE-2021-3181 mutt-colon.patch now
+    upstream
+    - recipient parsing memory leak. This patch combines three
+      smaller commits 
+  * Drop patch for bsc#1198518, CVE-2022-1328 uudecode-e5ed080c.patch
+    - fix a buffer overflow in uudecoder
+  * Drop patches now upstream
+    - CVE-2023-4874-part1.patch (bsc#1215189 for CVE-2023-4874)
+    - CVE-2023-4874-part2.patch (bsc#1215189 for CVE-2023-4874)
+    - CVE-2023-4875.patch (bsc#1215191 for CVE-2023-4875)
+
 -------------------------------------------------------------------
 Tue Sep 12 07:15:52 UTC 2023 - Dr. Werner Fink <werner@suse.de>