diff options
author | Andreas Enge <andreas@enge.fr> | 2015-10-16 22:56:39 +0200 |
---|---|---|
committer | Andreas Enge <andreas@enge.fr> | 2015-10-16 22:58:07 +0200 |
commit | d82633d06a0b7f24e98f12a2686c1ffdf12f5cd3 (patch) | |
tree | 0717b7a7ea29119fa92889697f944e1632f0b088 /gnu/packages/patches | |
parent | 1268e52d5de05f16396e2fa9e266f74b786131dc (diff) | |
download | gnu-guix-d82633d06a0b7f24e98f12a2686c1ffdf12f5cd3.tar gnu-guix-d82633d06a0b7f24e98f12a2686c1ffdf12f5cd3.tar.gz |
gnu: mutt: Update to 1.5.24.
* gnu/packages/patches/mutt-CVE-2014-9116.patch: Delete file.
* gnu/packages/mail.scm (mutt): Update to 1.5.24.
[source]: Update and remove patch.
* gnu-system.am (dist_patch_DATA): Unregister removed patch.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/mutt-CVE-2014-9116.patch | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/gnu/packages/patches/mutt-CVE-2014-9116.patch b/gnu/packages/patches/mutt-CVE-2014-9116.patch deleted file mode 100644 index 91e17ecbe0..0000000000 --- a/gnu/packages/patches/mutt-CVE-2014-9116.patch +++ /dev/null @@ -1,46 +0,0 @@ -Fix CVE-2014-9116. Copied from Debian: - -This patch solves the issue raised by CVE-2014-9116 in bug 771125. - -We correctly redefine what are the whitespace characters as per RFC5322; by -doing so we prevent mutt_substrdup from being used in a way that could lead to -a segfault. - -The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent -crashes due to this kind of bugs from happening again. - -The wheezy version of this patch is slightly different, therefore this patch -has -jessie prefixed in its name. - -The sendlib.c part was provided by Salvatore Bonaccorso and it is the same as -the upstream patch reported here: -http://dev.mutt.org/trac/attachment/ticket/3716/ticket-3716-stable.patch - ---- a/lib.c -+++ b/lib.c -@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin, - size_t len; - char *p; - -+ if (end != NULL && end < begin) -+ return NULL; -+ - if (end) - len = end - begin; - else ---- a/sendlib.c -+++ b/sendlib.c -@@ -1814,7 +1814,12 @@ static int write_one_header (FILE *fp, i - { - tagbuf = mutt_substrdup (start, t); - /* skip over the colon separating the header field name and value */ -- t = skip_email_wsp(t + 1); -+ ++t; -+ -+ /* skip over any leading whitespace (WSP, as defined in RFC5322) */ -+ while (*t == ' ' || *t == '\t') -+ t++; -+ - valbuf = mutt_substrdup (t, end); - } - dprint(4,(debugfile,"mwoh: buf[%s%s] too long, " |