mutt.patch mutt.spe...

Ralf S. Engelschall Sat, 15 Jul 2006 09:24:13 -0700

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________


  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   15-Jul-2006 18:24:21
  Branch: OPENPKG_2_STABLE                 Handle: 2006071517242100

  Modified files:           (Branch: OPENPKG_2_STABLE)
    openpkg-src/mutt        mutt.patch mutt.spec

  Log:
    Security Fix (CVE-2006-3242)

  Summary:
    Revision    Changes     Path
    1.5.2.1     +34 -0      openpkg-src/mutt/mutt.patch
    1.71.2.2    +1  -1      openpkg-src/mutt/mutt.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/mutt/mutt.patch
  ============================================================================
  $ cvs diff -u -r1.5 -r1.5.2.1 mutt.patch
  --- openpkg-src/mutt/mutt.patch       19 Feb 2006 08:14:28 -0000      1.5
  +++ openpkg-src/mutt/mutt.patch       15 Jul 2006 16:24:21 -0000      1.5.2.1
  @@ -9,3 +9,37 @@
          mutt_str_replace (&SmimeDefaultKey, p);
        
          msg->security |= SIGN;
  +
  +-----------------------------------------------------------------------------
  +
  +Security Fix (CVE-2006-3242)
  
+http://dev.mutt.org/cgi-bin/viewcvs.cgi/mutt/imap/browse.c?r1=1.34.2.2&r2=1.34.2.3&makepatch=1&diff_format=u
  +
  +Index: imap/browse.c
  +--- imap/browse.c    2002/02/26 10:38:56     1.34.2.2
  ++++ imap/browse.c    2006/06/19 18:20:00     1.34.2.3
  +@@ -452,7 +452,7 @@
  +         if (*s == '\"')
  +         {
  +           s++;
  +-          while (*s && *s != '\"') 
  ++          while (*s && *s != '\"' && n < sizeof (ns) - 1) 
  +           {
  +             if (*s == '\\')
  +               s++;
  +@@ -463,12 +463,14 @@
  +             s++;
  +         }
  +         else
  +-          while (*s && !ISSPACE (*s)) 
  ++          while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1)
  +           {
  +             ns[n++] = *s;
  +             s++;
  +           }
  +         ns[n] = '\0';
  ++        if (n == sizeof (ns) - 1)
  ++          dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", 
ns));
  +         /* delim? */
  +         s = imap_next_word (s);
  +         /* delimiter is meaningless if namespace is "". Why does
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/mutt/mutt.spec
  ============================================================================
  $ cvs diff -u -r1.71.2.1 -r1.71.2.2 mutt.spec
  --- openpkg-src/mutt/mutt.spec        20 Jun 2006 15:21:51 -0000      1.71.2.1
  +++ openpkg-src/mutt/mutt.spec        15 Jul 2006 16:24:21 -0000      1.71.2.2
  @@ -38,7 +38,7 @@
   Group:        Mail
   License:      BSD
   Version:      %{V_mutt}i
  -Release:      2.20060622
  +Release:      2.20060715
   
   #   build options
   %option       with_comp      no
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [email protected]

[CVS] OpenPKG: OPENPKG_2_STABLE: openpkg-src/mutt/ mutt.patch mutt.spe...

Reply via email to