mutt: patch for CVE-2014-9116
This commit is contained in:
parent
34dddd6ac6
commit
5b65f9618a
2 changed files with 35 additions and 3 deletions
32
srcpkgs/mutt/patches/CVE-2014-9116.patch
Normal file
32
srcpkgs/mutt/patches/CVE-2014-9116.patch
Normal file
|
@ -0,0 +1,32 @@
|
|||
This patch solves the issue raised by CVE-2014-9116.
|
||||
|
||||
We correctly redefine what are the whitespace characters as per RFC5322; by
|
||||
doing so we prevent mutt_substrdup from being used in a way that could lead to
|
||||
a segfault.
|
||||
|
||||
The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent
|
||||
crashes due to this kind of bugs from happening again.
|
||||
|
||||
--- lib.c.orig
|
||||
+++ lib.c
|
||||
@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin,
|
||||
size_t len;
|
||||
char *p;
|
||||
|
||||
+ if (end != NULL && end < begin)
|
||||
+ return NULL;
|
||||
+
|
||||
if (end)
|
||||
len = end - begin;
|
||||
else
|
||||
--- lib.h.orig
|
||||
+++ lib.h
|
||||
@@ -98,7 +98,7 @@
|
||||
on some systems */
|
||||
# define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++;
|
||||
|
||||
-#define EMAIL_WSP " \t\r\n"
|
||||
+#define EMAIL_WSP " \t\r"
|
||||
|
||||
/* skip over WSP as defined by RFC5322. This is used primarily for parsing
|
||||
* header fields. */
|
|
@ -1,14 +1,15 @@
|
|||
# Template file for 'mutt'
|
||||
pkgname=mutt
|
||||
version=1.5.23
|
||||
revision=5
|
||||
revision=6
|
||||
build_style=gnu-configure
|
||||
configure_args="--enable-pop --enable-imap --enable-smtp
|
||||
--enable-gpgme --with-regex --with-idn --with-ssl --with-sasl
|
||||
--with-gpgme-prefix=${XBPS_CROSS_BASE}/usr
|
||||
--with-gdbm=${XBPS_CROSS_BASE}/usr mutt_cv_regex_broken=no"
|
||||
hostmakedepends="perl pkg-config libidn-devel automake"
|
||||
makedepends="ncurses-devel libressl-devel libidn-devel gpgme-devel libsasl-devel"
|
||||
makedepends="ncurses-devel libressl-devel libidn-devel gpgme-devel gdbm-devel
|
||||
libsasl-devel"
|
||||
depends="mime-types"
|
||||
conf_files="/etc/Muttrc"
|
||||
short_desc="The Mutt Mail Client"
|
||||
|
@ -26,7 +27,6 @@ desc_option_sidebar="apply sidebar patch"
|
|||
# Disable hcache for cross builds
|
||||
if [ -z "$CROSS_BUILD" ]; then
|
||||
configure_args+=" --enable-hcache"
|
||||
makedepends+=" gdbm-devel"
|
||||
fi
|
||||
|
||||
pre_configure() {
|
||||
|
|
Loading…
Reference in a new issue