[arch-commits] Commit in mutt/trunk (PKGBUILD cve-2014-9116.patch)

Gaetan Bisson bisson at archlinux.org
Tue Sep 1 01:16:35 UTC 2015 

    Date: Tuesday, September 1, 2015 @ 03:16:35
  Author: bisson
Revision: 245124

upstream update

Modified:
  mutt/trunk/PKGBUILD
Deleted:
  mutt/trunk/cve-2014-9116.patch

---------------------+
 PKGBUILD            |   30 ++++++++----------------------
 cve-2014-9116.patch |   35 -----------------------------------
 2 files changed, 8 insertions(+), 57 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-08-31 20:25:08 UTC (rev 245123)
+++ PKGBUILD	2015-09-01 01:16:35 UTC (rev 245124)
@@ -3,8 +3,8 @@
 # Maintainer: Gaetan Bisson <bisson at archlinux.org>
 
 pkgname=mutt
-pkgver=1.5.23
-pkgrel=2
+pkgver=1.5.24
+pkgrel=1
 pkgdesc='Small but very powerful text-based mail client'
 url='http://www.mutt.org/'
 license=('GPL')
@@ -12,26 +12,13 @@
 arch=('i686' 'x86_64')
 optdepends=('smtp-forwarder: to send mail')
 depends=('gpgme' 'ncurses' 'openssl' 'libsasl' 'gdbm' 'libidn' 'mime-types' 'krb5')
-source=("ftp://ftp.mutt.org/mutt/${pkgname}-${pkgver}.tar.gz"
-        'cve-2014-9116.patch')
-sha1sums=('8ac821d8b1e25504a31bf5fda9c08d93a4acc862'
-          '776e3e00fcf8a325e7b9c2bb456d3e9ba2c82307')
+source=("http://ftp.mutt.org/pub/mutt/${pkgname}-${pkgver}.tar.gz"{,.asc})
+sha1sums=('38a2da5eb01ff83a90a2caee28fa2e95dbfe6898' 'SKIP')
+validpgpkeys=('8975A9B33AA37910385C5308ADEF768480316BDA')
 
-makedepends=('mercurial')
-source=('hg+http://dev.mutt.org/hg/mutt#revision=2ca89bed64480780d0a435e89c13dba06c748094')
-sha1sums=('SKIP')
-pkgver=1.5.23.hg.20150711
-
-#prepare() {
-#	cd "${srcdir}/${pkgname}-${pkgver}"
-#	patch -p1 -i ../cve-2014-9116.patch
-#}
-
 build() {
-#	cd "${srcdir}/${pkgname}-${pkgver}"
-	cd "${srcdir}/${pkgname}"
-#	./configure \
-	./prepare \
+	cd "${srcdir}/${pkgname}-${pkgver}"
+	./configure \
 		--prefix=/usr \
 		--sysconfdir=/etc \
 		--enable-gpgme \
@@ -50,8 +37,7 @@
 }
 
 package() {
-#	cd "${srcdir}/${pkgname}-${pkgver}"
-	cd "${srcdir}/${pkgname}"
+	cd "${srcdir}/${pkgname}-${pkgver}"
 	make DESTDIR="${pkgdir}" install
 
 	rm "${pkgdir}"/etc/mime.types{,.dist}

Deleted: cve-2014-9116.patch
===================================================================
--- cve-2014-9116.patch	2015-08-31 20:25:08 UTC (rev 245123)
+++ cve-2014-9116.patch	2015-09-01 01:16:35 UTC (rev 245124)
@@ -1,35 +0,0 @@
-
-# HG changeset patch
-# User Kevin McCarthy <kevin at 8t8.us>
-# Date 1417472364 28800
-# Node ID 0aebf1df43598b442ac75ae4fe17875351854db0
-# Parent  5a86319adad0d17e4acaf8a580bfc9eb247547d0
-Revert write_one_header() to skip space and tab.  (closes #3716)
-
-This patch fixes CVE-2014-9116 in the stable branch.  It reverts
-write_one_header() to the pre [f251d523ca5a] code for skipping
-whitespace.
-
-Thanks to Antonio Radici and Tomas Hoger for their analysis and patches
-to mutt, which this patch is based off of.
-
-diff -r 5a86319adad0 -r 0aebf1df4359 sendlib.c
---- a/sendlib.c	Mon Jan 05 18:28:59 2015 -0800
-+++ b/sendlib.c	Mon Dec 01 14:19:24 2014 -0800
-@@ -1814,7 +1814,14 @@
-     {
-       tagbuf = mutt_substrdup (start, t);
-       /* skip over the colon separating the header field name and value */
--      t = skip_email_wsp(t + 1);
-+      ++t;
-+
-+      /* skip over any leading whitespace (WSP, as defined in RFC5322)
-+       * NOTE: skip_email_wsp() does the wrong thing here.
-+       *       See tickets 3609 and 3716. */
-+      while (*t == ' ' || *t == '\t')
-+        t++;
-+
-       valbuf = mutt_substrdup (t, end);
-     }
-     dprint(4,(debugfile,"mwoh: buf[%s%s] too long, "
-

More information about the arch-commits mailing list