Accepting request 623631 from server:mail

OBS-URL: https://build.opensuse.org/request/show/623631 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neomutt?expand=0&rev=7
2018-07-18 20:57:14 +00:00 · 2018-07-18 20:57:14 +00:00 · 716bd5255b
commit 716bd5255b
parent 7d074f8fbe fdb3084c2a
4 changed files with 42 additions and 4 deletions
--- a/neomutt-20180622.tar.gz
+++ b/neomutt-20180622.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9289ef61668c4eee39a85fb593f4afcb520a90d7840609fd922444b05dedf399
-size 2769280
--- a/neomutt-20180716.tar.gz
+++ b/neomutt-20180716.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bd89826980b493ba312228c9c14ffe2403e268571aea6008c6dc7ed3848de200
+size 2778105
--- a/neomutt.changes
+++ b/neomutt.changes
@ -1,3 +1,41 @@
+-------------------------------------------------------------------
+Tue Jul 17 09:26:21 UTC 2018 - kbabioch@suse.com
+
+- Updated to 20180716
+  * Feature: <check-stats> function
+  * Lots of bug fixes and vulnerability fixes:
+    - CVE-2018-14349: Fixed mishandling of NO response without message in
+      imap/command.c (bnc#1101589)
+    - CVE-2018-14350: Fixed stack-based buffer overflow for FETCH response with
+      long INTERNALDATE field in imap/message.c (bnc#1101588)
+    - CVE-2018-14351: Fixed mishandling of a long IMAP status mailbox literal
+      count size in imap/command.c (bnc#1101583)
+    - CVE-2018-14352: Fixed stack-based buffer overflow in imap_quote_string in
+      imap/util.c (bnc#1101582)
+    - CVE-2018-14353: Fixed integer underflow in imap_quote_string in
+      imap/util.c (bnc#1101581)
+    - CVE-2018-14354: Fixed arbitrary command execution via backquote
+      characters, related to the mailboxes command associated with manual
+      subscription or unsubscription (bnc#1101578)
+    - CVE-2018-14355: Fixed directory traversal in mailbox name in imap/util.c
+      (bnc#1101577)
+    - CVE-2018-14356: Fixed mishandling of zero-length UID in pop.c
+      (bnc#1101576)
+    - CVE-2018-14357: Fixed arbitrary command execution via backquote
+      characters, related to mailboxes command associated with automatic
+      subscription (bnc#1101573)
+    - CVE-2018-14358: Fixed stack-based buffer overflow for FETCH response with
+      long RFC822.SIZE field (bnc#1101571)
+    - CVE-2018-14359: Fixed buffer overflow via base64 data (bnc#1101570)
+    - CVE-2018-14360: Fixed stack-based buffer overflow because of incorrect
+      sscanf usage in nntp_add_group in newsrc.c (bnc#1101569)
+    - CVE-2018-14361: Fixed an code flow issue in nntp.c, which would proceed
+      even if memory allocation failed for messages data (bnc#1101568)
+    - CVE-2018-14362: Fixed unsafe interaction with message-cache pathnames in
+      pop.c (bnc#1101567)
+    - CVE-2018-14363: Fixed unsafe interaction with cache pathnames (containing
+      '/') in newsrc.c (bnc#1101566)
+
 -------------------------------------------------------------------
 Mon Jun 25 00:00:00 CEST 2018 - dsterba@suse.cz

--- a/neomutt.spec
+++ b/neomutt.spec
@ -17,7 +17,7 @@


 Name:           neomutt
-Version:        20180622
+Version:        20180716
 Release:        0
 Summary:        A command line mail reader (or MUA), a fork of Mutt with added features
 License:        GPL-2.0-or-later