Use the official upstream fix for CVE-2014-9116. The proposed patch that

we were previously using has unwanted side-effects, such as appending ","
to To/Cc/Mail-Followup-To, and other spacing issues.

Bump PKGREVISION.

4 files changed, 29 insertions, 18 deletions

diff --git a/mail/mutt-devel/Makefile b/mail/mutt-devel/Makefile
index 62b472387d5..ee607f9fdbc 100644
--- a/mail/mutt-devel/Makefile
+++ b/mail/mutt-devel/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.101 2015/02/19 10:00:26 jperkin Exp $
+# $NetBSD: Makefile,v 1.102 2015/02/19 10:50:44 jperkin Exp $
 
 DISTNAME=		mutt-1.5.23
-PKGREVISION=		3
+PKGREVISION=		4
 CATEGORIES=		mail
 MUTT_SITES=		ftp://ftp.mutt.org/mutt/ \
 			ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \
diff --git a/mail/mutt-devel/distinfo b/mail/mutt-devel/distinfo
index f6782c75e72..4f852f9005a 100644
--- a/mail/mutt-devel/distinfo
+++ b/mail/mutt-devel/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.81 2014/12/19 20:45:52 tron Exp $
+$NetBSD: distinfo,v 1.82 2015/02/19 10:50:44 jperkin Exp $
 
 SHA1 (mutt-1.5.23.tar.gz) = 8ac821d8b1e25504a31bf5fda9c08d93a4acc862
 RMD160 (mutt-1.5.23.tar.gz) = 2476a9e202ab1cd20a512253246e37538e0aad5a
@@ -8,7 +8,7 @@ SHA1 (patch-ab) = 857799206db0784672ad9042799eb12703711a31
 SHA1 (patch-ac) = 40d119b7efed1a4622c42badc9ee97349b504044
 SHA1 (patch-ad) = ecfa994c7c5e494b6eb7356327b96de6559146fc
 SHA1 (patch-ae) = 6534848a4c27d4a3830edd8d4e19d1181fe396d6
-SHA1 (patch-af) = 97b02bba89eed5c9b148664d96b6d665b3e6cb48
+SHA1 (patch-af) = edc107c535789919ba2cda5f81a4b640b6100b91
 SHA1 (patch-ag) = 6633e7485c948433f9122a649fdf3a548197eced
 SHA1 (patch-ah) = dfe747c30a44bb309cccaca1bd5174fccc3c2bed
 SHA1 (patch-al) = 49542905cde263b8d4c79f71cce3759024c804a3
@@ -17,3 +17,4 @@ SHA1 (patch-an) = b9cc3e957bb1650c8e22c0edf0ce112f769664a1
 SHA1 (patch-ao) = a5dddb01d30f28337ca825c6461139c2d9f288d5
 SHA1 (patch-ap) = c6f79d5c4e19efdc15e9d5a59934da52b16b7a62
 SHA1 (patch-aq) = e363d8929ced9731a31af1137b111d3476a3d05d
+SHA1 (patch-sendlib.c) = 0c14236d28f55eae88aea409acc5b8cdcb241556
diff --git a/mail/mutt-devel/patches/patch-af b/mail/mutt-devel/patches/patch-af
index 10ec383adc8..5e3daa798a1 100644
--- a/mail/mutt-devel/patches/patch-af
+++ b/mail/mutt-devel/patches/patch-af
@@ -1,12 +1,8 @@
-$NetBSD: patch-af,v 1.2 2014/12/19 20:45:53 tron Exp $
+$NetBSD: patch-af,v 1.3 2015/02/19 10:50:44 jperkin Exp $
 
 1.) On some systems, curses.h defines TRUE and FALSE, so conditionalise
     them here to avoid compiler complaints about duplicate definitions.
 
-2.) Fix CVE-2014-9116, patch take from here:
-
-    http://dev.mutt.org/trac/attachment/ticket/3716/ticket-3716-dev.patch
-
 --- lib.h.orig	2014-03-12 16:03:45.000000000 +0000
 +++ lib.h	2014-12-19 20:41:07.000000000 +0000
 @@ -54,8 +54,12 @@
@@ -24,12 +20,3 @@ $NetBSD: patch-af,v 1.2 2014/12/19 20:45:53 tron Exp $
  
  # define HUGE_STRING	5120
  # define LONG_STRING     1024
-@@ -98,7 +102,7 @@
-    on some systems */
- # define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++;
- 
--#define EMAIL_WSP " \t\r\n"
-+#define EMAIL_WSP " \t"
- 
- /* skip over WSP as defined by RFC5322.  This is used primarily for parsing
-  * header fields. */
diff --git a/mail/mutt-devel/patches/patch-sendlib.c b/mail/mutt-devel/patches/patch-sendlib.c
new file mode 100644
index 00000000000..78c0bb5c648
--- /dev/null
+++ b/mail/mutt-devel/patches/patch-sendlib.c
@@ -0,0 +1,23 @@
+$NetBSD: patch-sendlib.c,v 1.3 2015/02/19 10:50:44 jperkin Exp $
+
+Fix CVE-2014-9116 using the upstream patch from
+http://dev.mutt.org/trac/changeset/0aebf1df43598b442ac75ae4fe17875351854db0
+
+--- sendlib.c.orig	2014-03-12 16:03:45.000000000 +0000
++++ sendlib.c
+@@ -1814,7 +1814,14 @@ static int write_one_header (FILE *fp, i
+     {
+       tagbuf = mutt_substrdup (start, t);
+       /* skip over the colon separating the header field name and value */
+-      t = skip_email_wsp(t + 1);
++      ++t; 
++
++      /* skip over any leading whitespace (WSP, as defined in RFC5322) 
++       * NOTE: skip_email_wsp() does the wrong thing here. 
++       *       See tickets 3609 and 3716. */ 
++      while (*t == ' ' || *t == '\t') 
++        t++; 
++
+       valbuf = mutt_substrdup (t, end);
+     }
+     dprint(4,(debugfile,"mwoh: buf[%s%s] too long, "