diff options
| author |   Fabian Groffen <grobian@gentoo.org> | 2009-10-27 09:20:25 +0000 |
|---|---|---|
| committer | Fabian Groffen <grobian@gentoo.org> | 2009-10-27 09:20:25 +0000 |
| commit | 2109d083ccf951aecaf3b1fd086154f1981207fe (patch) | |
| tree | 8079e85a6463292a78b22fc1d9d4057d3690e2ae /mail-client | |
| parent | Stable for HPPA (bug #290113). (diff) | |
| download | historical-2109d083ccf951aecaf3b1fd086154f1981207fe.tar.gz historical-2109d083ccf951aecaf3b1fd086154f1981207fe.tar.bz2 historical-2109d083ccf951aecaf3b1fd086154f1981207fe.zip | |
Add patch to fix ssl security issue CVE-2009-3765, bug #290660
Package-Manager: portage-2.2.00.14724-prefix/cvs/SunOS i386
Diffstat (limited to 'mail-client')
| -rw-r--r-- | mail-client/mutt/ChangeLog | 9 | ||||
| -rw-r--r-- | mail-client/mutt/Manifest | 5 | ||||
| -rw-r--r-- | mail-client/mutt/files/mutt-1.5.20-ssl-CVE-2009-3765-dc09812e63a3.patch | 25 | ||||
| -rw-r--r-- | mail-client/mutt/mutt-1.5.20-r8.ebuild (renamed from mail-client/mutt/mutt-1.5.20-r7.ebuild) | 6 |
4 files changed, 40 insertions, 5 deletions
diff --git a/mail-client/mutt/ChangeLog b/mail-client/mutt/ChangeLog index 3ac344752aab..b0e0ffa11145 100644 --- a/mail-client/mutt/ChangeLog +++ b/mail-client/mutt/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for mail-client/mutt # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/mail-client/mutt/ChangeLog,v 1.161 2009/10/27 09:08:08 grobian Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-client/mutt/ChangeLog,v 1.162 2009/10/27 09:20:24 grobian Exp $ + +*mutt-1.5.20-r8 (27 Oct 2009) + + 27 Oct 2009; Fabian Groffen <grobian@gentoo.org> -mutt-1.5.20-r7.ebuild, + +mutt-1.5.20-r8.ebuild, + +files/mutt-1.5.20-ssl-CVE-2009-3765-dc09812e63a3.patch: + Add patch to fix ssl security issue CVE-2009-3765, bug #290660 27 Oct 2009; Fabian Groffen <grobian@gentoo.org> -mutt-1.5.16.ebuild, -mutt-1.5.19-r1.ebuild: diff --git a/mail-client/mutt/Manifest b/mail-client/mutt/Manifest index b0df6b727b02..bbebbec7a0ab 100644 --- a/mail-client/mutt/Manifest +++ b/mail-client/mutt/Manifest @@ -26,6 +26,7 @@ AUX mutt-1.5.20-next-invalid-pattern-crash-6a08a5244d60.patch 791 RMD160 b4e91bb AUX mutt-1.5.20-propagate-mh_read_sequences-2fc9348684fe.patch 725 RMD160 9125bf147ba4be50821d38301af361844e176b2e SHA1 6f11d93ac397b15d01fe6ede010a29998743356f SHA256 633cbff8666d49e1a02c348e27f7cec1046460581d3af1f5c73905ba6ff4a564 AUX mutt-1.5.20-search-pattern-crash-053ef7bbaa72.patch 634 RMD160 c7eb6d6977b8b43b5ef84cb5dede58bb5018a02c SHA1 381bca1965f0fe2a13429f68872901dfcfe5f07f SHA256 b25f814ec615e5240fc2d449b0b41e3d20d6c862d0131bcc1d0e3d876244470b AUX mutt-1.5.20-smtp-batch-mode-0a3de4d9a009-f6c6066a5925.patch 2211 RMD160 730cd88c1cfaf83d9eeeb1f2ed7d58b2eb43b85f SHA1 e6ce5e3b0ea1a9885a53ba93fc43ce8a17654287 SHA256 838f9734ba360936f99e06b25eb14425870ea788d97769ee2a0c57bd98e42468 +AUX mutt-1.5.20-ssl-CVE-2009-3765-dc09812e63a3.patch 860 RMD160 c7a4a69194fd735a992c470bae0b1e21f5346fc0 SHA1 a151b6424f261a1988f72f9f9df00d17f44b7726 SHA256 c16df7b212806867ae134837dafdc7aff9e36084a493238adfd8f80b3935d370 AUX mutt-1.5.20-tab-subject-questionmark-298194c414f0-cff8e8ce4327.patch 1131 RMD160 5286dc8809747291e31e1c1a3801ad5efbdc285b SHA1 fe3cc48c0592b5f7775db8f46a5fccfff4a68895 SHA256 8cec9af4bc073faacfec09331fc928ddb9c0b98be11da5c5022fc1af2bdece5f AUX mutt-1.5.20-ungroup-command-77ac8b5c2be6.patch 14089 RMD160 e26623f79a4ecf5d7a84cd94159e01ad8bfb8b42 SHA1 2f3811d9f85ac2764c33cd1aa4f852dc1b56d017 SHA256 830bb141fbfe42226f12af508d6f4d7fa2904213386695967c488a8a89f8b8ab AUX mutt-1.5.20-unmailbox-segfault-25e46aad362b.patch 455 RMD160 63b73ed21d42d0849f38ef1098029c64933c47a5 SHA1 9da6a6914d3ae276887efd1a30ed3ea55bc57bcb SHA256 7d44b98e8f7538ce85ddb80877a0caabd1edcfd5e558258896d50691c51a3d0e @@ -34,6 +35,6 @@ DIST mutt-1.5.20.tar.gz 3635047 RMD160 df582f79364b9fd70a0001e76a119d8f78275ebb DIST patch-1.5.20.sidebar.20090619.txt 53335 RMD160 4c693b100a320d11ea94aedb75cff63d9f6cfb3f SHA1 d72355e39674bb4f892e4af3b84fe49c94415487 SHA256 6e925319adbfa0ba7f120f0ef4ddc62f99b1dc8f6a8b5bdc31dd8a0040aded1b EBUILD mutt-1.5.20-r4.ebuild 8442 RMD160 b8e5a90fa48cb236f31e69dddb63ba7078f2dd5d SHA1 88f66d53c60f431173ac86c7c1ca5888879e9e7c SHA256 ddfda6ec2a6649f05b36e492b5237feaf64546c758e1c8bfd0a600af8b25ee80 EBUILD mutt-1.5.20-r6.ebuild 8728 RMD160 f8df0550896b4ca3b6b81e06a2bb657c6fb429e3 SHA1 a8a7da268bcbb48384a4930eae472f08575a579f SHA256 86e66961cbef99cb844de77c0ea7177e24890a3830debe8caab5bfa4424e9d74 -EBUILD mutt-1.5.20-r7.ebuild 8985 RMD160 195e239fb2c12833ecbff9d6f49bf2e5c0beda5e SHA1 1b9704ab1ac4dc33acfd2447ce0269e8954d1fff SHA256 b4289fbc67dd6bc4b4ac711bdddae5ef8a2287ac96150fbb0971e4ebf6853919 -MISC ChangeLog 36276 RMD160 bf05f58d43267f4fd534b50d51f696318d7475ea SHA1 8de606268f1124a4226b04d0408a0533b3a212f0 SHA256 5f78674beb99ca8e51e5b450e616bdfb6e1d9f060ee5681ef31031d4e8a3e961 +EBUILD mutt-1.5.20-r8.ebuild 9056 RMD160 7199e773ded09b63aecdf21d3475f4bccfc7ea2a SHA1 c2f98e2e795f517f1924b94329faad8d8b8ee288 SHA256 8517e5d884b48e85a4ff330e263301c7ffa6cf89e75afbbe48c942c7758b4446 +MISC ChangeLog 36533 RMD160 696f74b4fd39de0b2ed72977df8f99d4955639da SHA1 815fd30be6a8c364c7d82e8c9a7a9e0adc77d732 SHA256 43fef132e80e95e9bee63c6b24ae3bcac0c62e7502e38a3f1d54bd1095d50b27 MISC metadata.xml 726 RMD160 1f80ee52c2da9e29fb71b6bb7cd58ebc056bd13d SHA1 c1ef3fae9dd08dbef11a77dfc8ca08d6eea0c08b SHA256 71c7659be3754f95ace951ee4e2c5baa1c91ca617c19511489d9afe0c0f58a0e diff --git a/mail-client/mutt/files/mutt-1.5.20-ssl-CVE-2009-3765-dc09812e63a3.patch b/mail-client/mutt/files/mutt-1.5.20-ssl-CVE-2009-3765-dc09812e63a3.patch new file mode 100644 index 000000000000..becf16baa486 --- /dev/null +++ b/mail-client/mutt/files/mutt-1.5.20-ssl-CVE-2009-3765-dc09812e63a3.patch @@ -0,0 +1,25 @@ +http://bugs.gentoo.org/show_bug.cgi?id=290660 +http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3765 +http://dev.mutt.org/trac/changeset/6016:dc09812e63a3/mutt_ssl.c + +Index: mutt_ssl.c +=================================================================== +--- mutt_ssl.c (revision 5870:dc9ec900c657) ++++ mutt_ssl.c (revision 6016:dc09812e63a3) +@@ -682,5 +682,6 @@ + if (subj_alt_name->type == GEN_DNS) + { +- if ((match_found = hostname_match(hostname_ascii, ++ if (mutt_strlen(subj_alt_name) == subj_alt_name->d.ia5->length && ++ (match_found = hostname_match(hostname_ascii, + (char *)(subj_alt_name->d.ia5->data)))) + { +@@ -712,5 +713,7 @@ + goto out; + } +- match_found = hostname_match(hostname_ascii, buf); ++ if (mutt_strlen(buf) == bufsize - 1) { ++ match_found = hostname_match(hostname_ascii, buf); ++ } + } + diff --git a/mail-client/mutt/mutt-1.5.20-r7.ebuild b/mail-client/mutt/mutt-1.5.20-r8.ebuild index 0edb74418da6..5afdfdb9ea80 100644 --- a/mail-client/mutt/mutt-1.5.20-r7.ebuild +++ b/mail-client/mutt/mutt-1.5.20-r8.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-client/mutt/mutt-1.5.20-r7.ebuild,v 1.2 2009/10/26 20:37:21 klausman Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-client/mutt/mutt-1.5.20-r8.ebuild,v 1.1 2009/10/27 09:20:24 grobian Exp $ inherit eutils flag-o-matic autotools @@ -78,6 +78,8 @@ src_unpack() { built_with_use sys-libs/ncurses unicode && \ epatch "${FILESDIR}"/mutt-1.5.18-solaris-ncurses-chars.patch epatch "${FILESDIR}"/mutt-1.5.20-gpgme-1.2.0.patch + epatch "${FILESDIR}"/mutt-1.5.20-dont-reveal-bbc.patch + # post-release hot-fixes epatch "${FILESDIR}"/mutt-1.5.20-imap-port-invalid-d6f88fbf8387.patch epatch "${FILESDIR}"/mutt-1.5.20-header-weeding-f40de578e8ed.patch @@ -98,7 +100,7 @@ src_unpack() { epatch "${FILESDIR}"/mutt-1.5.20-fix-mh-parsing-14bb498c6a1c.patch epatch "${FILESDIR}"/mutt-1.5.20-search-pattern-crash-053ef7bbaa72.patch epatch "${FILESDIR}"/mutt-1.5.20-next-invalid-pattern-crash-6a08a5244d60.patch - epatch "${FILESDIR}"/mutt-1.5.20-dont-reveal-bbc.patch + epatch "${FILESDIR}"/mutt-1.5.20-ssl-CVE-2009-3765-dc09812e63a3.patch # patch version string for bug reports sed -i -e 's/"Mutt %s (%s)"/"Mutt %s (%s, Gentoo '"${PVR}"')"/' \ |