From b5c0c6e596cea9c83dd12330e4cede379b159791 Mon Sep 17 00:00:00 2001 From: is Date: Sat, 9 Mar 2013 22:15:08 +0000 Subject: Patch for potential buffer overflows from upstream flea #3635 / changeset 6297:14596ac2b323 --- mail/mutt-devel/Makefile | 4 ++-- mail/mutt-devel/distinfo | 4 +++- mail/mutt-devel/patches/patch-rfc1524.c | 13 +++++++++++++ mail/mutt-devel/patches/patch-sendlib.c | 13 +++++++++++++ 4 files changed, 31 insertions(+), 3 deletions(-) create mode 100644 mail/mutt-devel/patches/patch-rfc1524.c create mode 100644 mail/mutt-devel/patches/patch-sendlib.c (limited to 'mail') diff --git a/mail/mutt-devel/Makefile b/mail/mutt-devel/Makefile index 1b54000ecd0..ae61cceb121 100644 --- a/mail/mutt-devel/Makefile +++ b/mail/mutt-devel/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.92 2013/03/06 20:53:39 is Exp $ +# $NetBSD: Makefile,v 1.93 2013/03/09 22:15:08 is Exp $ DISTNAME= mutt-1.5.21 -PKGREVISION= 10 +PKGREVISION= 11 CATEGORIES= mail MUTT_SITES= ftp://ftp.mutt.org/mutt/ \ ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \ diff --git a/mail/mutt-devel/distinfo b/mail/mutt-devel/distinfo index 1e6e059a55a..42f34c3af37 100644 --- a/mail/mutt-devel/distinfo +++ b/mail/mutt-devel/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.75 2013/03/06 20:53:39 is Exp $ +$NetBSD: distinfo,v 1.76 2013/03/09 22:15:08 is Exp $ SHA1 (mutt-1.5.21.tar.gz) = a8475f2618ce5d5d33bff85c0affdf21ab1d76b9 RMD160 (mutt-1.5.21.tar.gz) = b235a42972ae410592253cdc117a90baf279f47a @@ -26,4 +26,6 @@ SHA1 (patch-aq) = e363d8929ced9731a31af1137b111d3476a3d05d SHA1 (patch-lib.c) = 7a0dc485ac8351b4c41279e22cf74134462c6432 SHA1 (patch-pop.c) = 943fec58724f4ea305fe2e4d1c48fa1c2945f087 SHA1 (patch-pop__lib.c) = b183a9c75804189a14cdffbe2a19e52d29aa536a +SHA1 (patch-rfc1524.c) = 78f5fb9ef54dd3c5e1ffdc9dcf0516eb7c4bd3a8 +SHA1 (patch-sendlib.c) = 627ca73a3fff118a886c665a56b22d0c3b1a6165 SHA1 (patch-smime.c) = 5ed07d69700992767572216844e44d655f5eec7d diff --git a/mail/mutt-devel/patches/patch-rfc1524.c b/mail/mutt-devel/patches/patch-rfc1524.c new file mode 100644 index 00000000000..6a9fbc09aa5 --- /dev/null +++ b/mail/mutt-devel/patches/patch-rfc1524.c @@ -0,0 +1,13 @@ +$NetBSD: patch-rfc1524.c,v 1.1 2013/03/09 22:15:08 is Exp $ + +Index: rfc1524.c +=================================================================== +--- rfc1524.c (revision 6235) ++++ rfc1524.c (revision 6297) +@@ -69,5 +69,5 @@ + mutt_sanitize_filename (type, 0); + +- while (x < clen && command[x] && y < sizeof (buf) - 1) ++ while (x < clen - 1 && command[x] && y < sizeof (buf) - 1) + { + if (command[x] == '\\') diff --git a/mail/mutt-devel/patches/patch-sendlib.c b/mail/mutt-devel/patches/patch-sendlib.c new file mode 100644 index 00000000000..1734050c6d4 --- /dev/null +++ b/mail/mutt-devel/patches/patch-sendlib.c @@ -0,0 +1,13 @@ +$NetBSD: patch-sendlib.c,v 1.1 2013/03/09 22:15:08 is Exp $ + +Index: sendlib.c +=================================================================== +--- sendlib.c (revision 6255) ++++ sendlib.c (revision 6297) +@@ -1665,5 +1665,5 @@ + * whitespace we can fold before */ + next = find_word (p); +- l = MIN(sizeof (buf), next - p); ++ l = MIN(sizeof (buf) - 1, next - p); + memcpy (buf, p, l); + buf[l] = 0; -- cgit v1.2.3