mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-25 09:34:11 +00:00
Update for mail/mutt: Fix security vulnerability CVE-2014-9116
PR: ports/195550 Submitted by: Udo.Schweigert@siemens.com (maintainer) Obtained from: mutt MFH: 2014Q4
This commit is contained in:
parent
b3fc172a8e
commit
f951023d0e
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=374445
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
PORTNAME= mutt
|
PORTNAME= mutt
|
||||||
PORTVERSION= 1.5.23
|
PORTVERSION= 1.5.23
|
||||||
PORTREVISION?= 6
|
PORTREVISION?= 7
|
||||||
CATEGORIES+= mail ipv6
|
CATEGORIES+= mail ipv6
|
||||||
MASTER_SITES= ftp://ftp.mutt.org/mutt/ \
|
MASTER_SITES= ftp://ftp.mutt.org/mutt/ \
|
||||||
ftp://ftp.mutt.org/mutt/devel/ \
|
ftp://ftp.mutt.org/mutt/devel/ \
|
||||||
|
43
mail/mutt/files/patch-CVE-2014-9116
Normal file
43
mail/mutt/files/patch-CVE-2014-9116
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
# HG changeset patch
|
||||||
|
# User Kevin McCarthy <kevin@8t8.us>
|
||||||
|
# Date 1417472364 28800
|
||||||
|
# Mon Dec 01 14:19:24 2014 -0800
|
||||||
|
# Branch stable
|
||||||
|
# Node ID 54c59aaf88b9f6b50f1078fc6f7551fa9315ac3e
|
||||||
|
# Parent 1b583341d5ad677c8a1935eb4110eba27606878a
|
||||||
|
Revert write_one_header() to skip space and tab. (closes #3716)
|
||||||
|
|
||||||
|
This patch fixes CVE-2014-9116 in the stable branch. It reverts
|
||||||
|
write_one_header() to the pre [f251d523ca5a] code for skipping
|
||||||
|
whitespace.
|
||||||
|
|
||||||
|
Thanks to Antonio Radici and Tomas Hoger for their analysis and patches
|
||||||
|
to mutt, which this patch is based off of.
|
||||||
|
|
||||||
|
diff --git a/sendlib.c b/sendlib.c
|
||||||
|
--- sendlib.c
|
||||||
|
+++ sendlib.c
|
||||||
|
@@ -1809,17 +1809,22 @@
|
||||||
|
{
|
||||||
|
tagbuf = NULL;
|
||||||
|
valbuf = mutt_substrdup (start, end);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
tagbuf = mutt_substrdup (start, t);
|
||||||
|
/* skip over the colon separating the header field name and value */
|
||||||
|
- t = skip_email_wsp(t + 1);
|
||||||
|
+ ++t;
|
||||||
|
+
|
||||||
|
+ /* skip over any leading whitespace (WSP, as defined in RFC5322) */
|
||||||
|
+ while (*t == ' ' || *t == '\t')
|
||||||
|
+ t++;
|
||||||
|
+
|
||||||
|
valbuf = mutt_substrdup (t, end);
|
||||||
|
}
|
||||||
|
dprint(4,(debugfile,"mwoh: buf[%s%s] too long, "
|
||||||
|
"max width = %d > %d\n",
|
||||||
|
NONULL(pfx), valbuf, max, wraplen));
|
||||||
|
if (fold_one_header (fp, tagbuf, valbuf, pfx, wraplen, flags) < 0)
|
||||||
|
return -1;
|
||||||
|
FREE (&tagbuf);
|
Loading…
Reference in New Issue
Block a user