commit claws-mail for openSUSE:Factory

Tue, 16 Oct 2012 02:23:34 -0700 

Hello community,

here is the log from the commit of package claws-mail for openSUSE:Factory 
checked in at 2012-10-16 11:23:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/claws-mail (Old)
 and      /work/SRC/openSUSE:Factory/.claws-mail.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "claws-mail", Maintainer is "nadvor...@suse.com"

Changes:
--------
--- /work/SRC/openSUSE:Factory/claws-mail/claws-mail.changes    2012-08-13 
19:53:12.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.claws-mail.new/claws-mail.changes       
2012-10-16 11:23:27.000000000 +0200
@@ -1,0 +2,7 @@
+Fri Oct 12 14:52:50 UTC 2012 - zai...@opensuse.org
+
+- Add claws-mail-3.8.1-procmime-vuln.patch: Fixes NULL pointer
+  derefence while processing email content. (bnc#784463),
+  (CVE-2012-4507).
+
+-------------------------------------------------------------------

New:
----
  claws-mail-3.8.1-procmime-vuln.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ claws-mail.spec ++++++
--- /var/tmp/diff_new_pack.HfQnru/_old  2012-10-16 11:23:28.000000000 +0200
+++ /var/tmp/diff_new_pack.HfQnru/_new  2012-10-16 11:23:28.000000000 +0200
@@ -34,6 +34,8 @@
 Patch1:         claws-mail-bnc770014.patch
 # PATCH-FIX-UPSTREAM claws-mail-verify-hostname.patch bnc#761503 -- Verify 
peer names when negotiating certificates.
 Patch3:         claws-mail-verify-hostname.patch
+# PATCH-FIX-UPSTREAM claws-mail-3.8.1-procmime-vuln.patch bnc#784463 -- NULL 
pointer derefence while processing email content. 
+Patch4:         claws-mail-3.8.1-procmime-vuln.patch
 BuildRequires:  NetworkManager-devel
 BuildRequires:  compface
 BuildRequires:  db-devel
@@ -111,6 +113,7 @@
 %patch0
 %patch1 -p1
 %patch3 -p0
+%patch4 -p1
 
 %build
 %configure \

++++++ claws-mail-3.8.1-procmime-vuln.patch ++++++
diff -Nurb --strip-trailing-cr claws-mail-3.8.1-orig/src/procmime.c 
claws-mail-3.8.1/src/procmime.c
--- claws-mail-3.8.1-orig/src/procmime.c        2012-06-27 11:05:22.000000000 
+0200
+++ claws-mail-3.8.1/src/procmime.c     2012-10-03 18:00:09.438577924 +0200
@@ -1753,6 +1753,8 @@
                        continue;
 
                charset = value;
+        if (charset == NULL)
+            continue;
                lang = strchr(charset, '\'');
                if (lang == NULL)
                        continue;
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to