Merge branch '3.1' into 3.2
This commit is contained in:
commit
dfd566e5c8
@ -1,2 +1,2 @@
|
|||||||
7540a6989be0042429f41770b1cdf215 cups-browsed
|
7540a6989be0042429f41770b1cdf215 cups-browsed
|
||||||
7c8d792eb872be5a5b596409e5f05f40 cups-filters-1.0.73.tar.xz
|
14862048b4a9a87abfeeae07531dd020 cups-filters-1.0.74.tar.xz
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# Depends on: cups ghostscript poppler qpdf
|
# Depends on: cups ghostscript poppler qpdf
|
||||||
|
|
||||||
name=cups-filters
|
name=cups-filters
|
||||||
version=1.0.73
|
version=1.0.74
|
||||||
release=1
|
release=1
|
||||||
source=(http://www.openprinting.org/download/$name/$name-$version.tar.xz
|
source=(http://www.openprinting.org/download/$name/$name-$version.tar.xz
|
||||||
cups-browsed)
|
cups-browsed)
|
||||||
|
@ -1,2 +1 @@
|
|||||||
9aee189b0c8a8755b5a10712e8d45b0b CVE-2014-9116.patch
|
7f25d27f3c7c82285ac07aac35f5f0f2 mutt-1.5.24.tar.gz
|
||||||
11f5b6a3eeba1afa1257fe93c9f26bff mutt-1.5.23.tar.gz
|
|
||||||
|
@ -1,41 +0,0 @@
|
|||||||
# http://dev.mutt.org/trac/ticket/3716
|
|
||||||
|
|
||||||
This patch solves the issue raised by CVE-2014-9116 in bug 771125.
|
|
||||||
|
|
||||||
We correctly redefine what are the whitespace characters as per RFC5322; by
|
|
||||||
doing so we prevent mutt_substrdup from being used in a way that could lead to
|
|
||||||
a segfault.
|
|
||||||
|
|
||||||
The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent
|
|
||||||
crashes due to this kind of bugs from happening again.
|
|
||||||
|
|
||||||
The wheezy version of this patch is slightly different, therefore this patch
|
|
||||||
has -jessie prefixed in its name.
|
|
||||||
|
|
||||||
Index: mutt/lib.c
|
|
||||||
===================================================================
|
|
||||||
--- mutt.orig/lib.c
|
|
||||||
+++ mutt/lib.c
|
|
||||||
@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin,
|
|
||||||
size_t len;
|
|
||||||
char *p;
|
|
||||||
|
|
||||||
+ if (end != NULL && end < begin)
|
|
||||||
+ return NULL;
|
|
||||||
+
|
|
||||||
if (end)
|
|
||||||
len = end - begin;
|
|
||||||
else
|
|
||||||
Index: mutt/lib.h
|
|
||||||
===================================================================
|
|
||||||
--- mutt.orig/lib.h
|
|
||||||
+++ mutt/lib.h
|
|
||||||
@@ -98,7 +98,7 @@
|
|
||||||
on some systems */
|
|
||||||
# define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++;
|
|
||||||
|
|
||||||
-#define EMAIL_WSP " \t\r\n"
|
|
||||||
+#define EMAIL_WSP " \t\r"
|
|
||||||
|
|
||||||
/* skip over WSP as defined by RFC5322. This is used primarily for parsing
|
|
||||||
* header fields. */
|
|
@ -4,16 +4,13 @@
|
|||||||
# Depends on: gdbm ncurses openssl zlib
|
# Depends on: gdbm ncurses openssl zlib
|
||||||
|
|
||||||
name=mutt
|
name=mutt
|
||||||
version=1.5.23
|
version=1.5.24
|
||||||
release=2
|
release=1
|
||||||
source=(https://bitbucket.org/mutt/mutt/downloads/$name-$version.tar.gz
|
source=(https://bitbucket.org/mutt/mutt/downloads/$name-$version.tar.gz)
|
||||||
CVE-2014-9116.patch)
|
|
||||||
|
|
||||||
build () {
|
build () {
|
||||||
cd $name-$version
|
cd $name-$version
|
||||||
|
|
||||||
patch -p1 -i $SRC/CVE-2014-9116.patch
|
|
||||||
|
|
||||||
./configure --prefix=/usr \
|
./configure --prefix=/usr \
|
||||||
--mandir=/usr/man \
|
--mandir=/usr/man \
|
||||||
--with-docdir=/usr/share/mutt \
|
--with-docdir=/usr/share/mutt \
|
||||||
|
Loading…
Reference in New Issue
Block a user