mutt: fix for CVE-2014-9116, see http://dev.mutt.org/trac/ticket/3716

mutt/.md5sum

@@ -1 +1,2 @@
+9aee189b0c8a8755b5a10712e8d45b0b  CVE-2014-9116.patch
 11f5b6a3eeba1afa1257fe93c9f26bff  mutt-1.5.23.tar.gz

mutt/CVE-2014-9116.patch

@@ -0,0 +1,41 @@
+# http://dev.mutt.org/trac/ticket/3716
+
+This patch solves the issue raised by CVE-2014-9116 in bug 771125.
+
+We correctly redefine what are the whitespace characters as per RFC5322; by
+doing so we prevent mutt_substrdup from being used in a way that could lead to
+a segfault.
+
+The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent
+crashes due to this kind of bugs from happening again.
+
+The wheezy version of this patch is slightly different, therefore this patch
+has -jessie prefixed in its name.
+
+Index: mutt/lib.c
+===================================================================
+--- mutt.orig/lib.c
++++ mutt/lib.c
+@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin,
+   size_t len;
+   char *p;
+ 
++  if (end != NULL && end < begin)
++    return NULL;
++
+   if (end)
+     len = end - begin;
+   else
+Index: mutt/lib.h
+===================================================================
+--- mutt.orig/lib.h
++++ mutt/lib.h
+@@ -98,7 +98,7 @@
+    on some systems */
+ # define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++;
+ 
+-#define EMAIL_WSP " \t\r\n"
++#define EMAIL_WSP " \t\r"
+ 
+ /* skip over WSP as defined by RFC5322.  This is used primarily for parsing
+  * header fields. */

mutt/Pkgfile

@@ -5,12 +5,15 @@
 
 name=mutt
 version=1.5.23
-release=1
-source=(https://bitbucket.org/mutt/mutt/downloads/$name-$version.tar.gz)
+release=2
+source=(https://bitbucket.org/mutt/mutt/downloads/$name-$version.tar.gz
+        CVE-2014-9116.patch)
 
 build () {
     cd $name-$version
 
+    patch -p1 -i $SRC/CVE-2014-9116.patch
+
     ./configure --prefix=/usr \
                 --mandir=/usr/man \
                 --with-docdir=/usr/share/mutt \