From a68126c0642d9ea6881a17ba2b1ef9fe71c5d1e1 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Adeodato=20Sim=C3=B3?= Date: Sat, 15 Jul 2006 01:56:19 +0200 Subject: [PATCH 1/1] Start preparing mutt-1.5.12; adjusted patches and such stuff. --- debian/changelog | 6 + .../dont_document_not_present_features.diff | 10 +- debian/patches/features/compressed-folders | 151 ++++++++---------- debian/patches/series | 9 +- .../patches/upstream/fix_cve-2006-3242.diff | 53 ------ debian/patches/version.diff | 10 -- 6 files changed, 79 insertions(+), 160 deletions(-) delete mode 100644 debian/patches/upstream/fix_cve-2006-3242.diff delete mode 100644 debian/patches/version.diff diff --git a/debian/changelog b/debian/changelog index 8150d7a..9fa3880 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +mutt (1.5.12) UNRELEASED; urgency=low + + * New upstream release. + + -- Adeodato Simó Sat, 15 Jul 2006 01:14:33 +0200 + mutt (1.5.11+cvs20060403-2) unstable; urgency=high * Fix CVE-2006-3242, stack-based buffer overflow when processing an overly diff --git a/debian/patches/debian-specific/dont_document_not_present_features.diff b/debian/patches/debian-specific/dont_document_not_present_features.diff index b1f0e90..76794cc 100644 --- a/debian/patches/debian-specific/dont_document_not_present_features.diff +++ b/debian/patches/debian-specific/dont_document_not_present_features.diff @@ -1,5 +1,5 @@ ---- mutt-1.5.11.orig/init.h -+++ mutt-1.5.11/init.h +--- init.h.orig ++++ init.h @@ -80,9 +80,9 @@ #define ISPELL "ispell" #endif @@ -12,12 +12,12 @@ # ifndef USE_IMAP # define USE_IMAP # endif -@@ -2007,7 +2007,7 @@ +@@ -2015,7 +2015,7 @@ ** .pp ** Example: set certificate_file=~/.mutt/certificates */ --# if defined _MAKEDOC || !defined(USE_GNUTLS) -+# ifndef USE_GNUTLS +-# if defined _MAKEDOC || !defined(USE_SSL_GNUTLS) ++# ifndef USE_SSL_GNUTLS { "ssl_usesystemcerts", DT_BOOL, R_NONE, OPTSSLSYSTEMCERTS, 1 }, /* ** .pp diff --git a/debian/patches/features/compressed-folders b/debian/patches/features/compressed-folders index 45e3922..5c43021 100644 --- a/debian/patches/features/compressed-folders +++ b/debian/patches/features/compressed-folders @@ -15,11 +15,11 @@ The home page for this patch is: $(for f in Makefile.in config.h.in configure 'Muttrc*' doc/manual.txt \ doc/manual.sgml 'doc/manual*.html' doc/muttrc.man; do echo "-x $f"; done) - adjust the init.h hunk to the presence of group & ungroup + - 2006-07-15: adjust Makefile.am and doc/manual.xml.head to mutt-1.5.12 == END PATCH -diff -urN mutt-1.5.11/compress.c mutt-1.5.11-ro/compress.c ---- mutt-1.5.11/compress.c 1970-01-01 01:00:00.000000000 +0100 -+++ mutt-1.5.11-ro/compress.c 2005-09-27 13:26:58.000000000 +0200 +--- /dev/null ++++ compress.c @@ -0,0 +1,487 @@ +/* + * Copyright (C) 1997 Alain Penders @@ -508,9 +508,8 @@ diff -urN mutt-1.5.11/compress.c mutt-1.5.11-ro/compress.c +} + +#endif /* USE_COMPRESSED */ -diff -urN mutt-1.5.11/compress.h mutt-1.5.11-ro/compress.h ---- mutt-1.5.11/compress.h 1970-01-01 01:00:00.000000000 +0100 -+++ mutt-1.5.11-ro/compress.h 2005-09-27 13:26:58.000000000 +0200 +--- /dev/null ++++ compress.h @@ -0,0 +1,27 @@ +/* + * Copyright (C) 1997 Alain Penders @@ -539,12 +538,9 @@ diff -urN mutt-1.5.11/compress.h mutt-1.5.11-ro/compress.h +int mutt_test_compress_command (const char *); +int mutt_check_mailbox_compressed (CONTEXT *); +void mutt_fast_close_compressed (CONTEXT *); -diff -urN mutt-1.5.11/config.h.in mutt-1.5.11-ro/config.h.in -diff -urN mutt-1.5.11/configure mutt-1.5.11-ro/configure -diff -urN mutt-1.5.11/configure.in mutt-1.5.11-ro/configure.in ---- mutt-1.5.11/configure.in 2005-09-15 16:21:24.000000000 +0200 -+++ mutt-1.5.11-ro/configure.in 2005-09-27 13:26:58.000000000 +0200 -@@ -711,6 +711,11 @@ +--- configure.in.orig ++++ configure.in +@@ -745,6 +745,11 @@ AC_DEFINE(LOCALES_HACK,1,[ Define if the result of isprint() is unreliable. ]) fi]) @@ -556,10 +552,9 @@ diff -urN mutt-1.5.11/configure.in mutt-1.5.11-ro/configure.in AC_ARG_WITH(exec-shell, AC_HELP_STRING([--with-exec-shell=SHELL], [Specify alternate shell (ONLY if /bin/sh is broken)]), [if test $withval != yes; then AC_DEFINE_UNQUOTED(EXECSHELL, "$withval", -diff -urN mutt-1.5.11/curs_main.c mutt-1.5.11-ro/curs_main.c ---- mutt-1.5.11/curs_main.c 2005-09-07 10:19:43.000000000 +0200 -+++ mutt-1.5.11-ro/curs_main.c 2005-09-27 13:26:58.000000000 +0200 -@@ -1091,6 +1091,11 @@ +--- curs_main.c.orig ++++ curs_main.c +@@ -1096,6 +1096,11 @@ { int check; @@ -571,14 +566,13 @@ diff -urN mutt-1.5.11/curs_main.c mutt-1.5.11-ro/curs_main.c mutt_str_replace (&LastFolder, Context->path); oldcount = Context ? Context->msgcount : 0; -diff -urN mutt-1.5.11/doc/manual.xml.head mutt-1.5.11-ro/doc/manual.xml.head ---- mutt-1.5.11/doc/manual.xml.head 2005-09-06 18:46:44.000000000 +0200 -+++ mutt-1.5.11-ro/doc/manual.xml.head 2005-09-27 13:29:11.000000000 +0200 -@@ -4404,6 +4404,205 @@ +--- doc/manual.xml.head.orig ++++ doc/manual.xml.head +@@ -4745,6 +4745,205 @@ -+ ++ +Compressed folders Support (OPTIONAL) + + @@ -630,7 +624,7 @@ diff -urN mutt-1.5.11/doc/manual.xml.head mutt-1.5.11-ro/doc/manual.xml.head +the compressed file will be removed if you delete all of the messages. + + -+ ++ +Open a compressed mailbox for reading + + @@ -663,9 +657,9 @@ diff -urN mutt-1.5.11/doc/manual.xml.head mutt-1.5.11-ro/doc/manual.xml.head +If the command is empty, this operation is +disabled for this file type. + -+ ++ + -+ ++ +Write a compressed mailbox + + @@ -700,9 +694,9 @@ diff -urN mutt-1.5.11/doc/manual.xml.head mutt-1.5.11-ro/doc/manual.xml.head +close-hook is not called when you +exit from the folder if the folder was not changed. + -+ ++ + -+ ++ +Append a message to a compressed mailbox + + @@ -744,9 +738,9 @@ diff -urN mutt-1.5.11/doc/manual.xml.head mutt-1.5.11-ro/doc/manual.xml.head +close-hookrespectively) each time you +will add to it. + -+ ++ + -+ ++ +Encrypted folders + + @@ -774,15 +768,14 @@ diff -urN mutt-1.5.11/doc/manual.xml.head mutt-1.5.11-ro/doc/manual.xml.head +decrypted in the /tmp directory, where it can be read by your system +administrator. So think about the security aspects of this. + -+ + ++ + - - Mutt's MIME Support + -diff -urN mutt-1.5.11/doc/muttrc.man.head mutt-1.5.11-ro/doc/muttrc.man.head ---- mutt-1.5.11/doc/muttrc.man.head 2005-09-07 10:19:44.000000000 +0200 -+++ mutt-1.5.11-ro/doc/muttrc.man.head 2005-09-27 13:29:53.000000000 +0200 + +--- doc/muttrc.man.head.orig ++++ doc/muttrc.man.head @@ -316,6 +316,24 @@ to a certain recipient. The meaning of "key ID" is to be taken broadly: This can be a different e-mail address, a numerical key ID, @@ -808,9 +801,8 @@ diff -urN mutt-1.5.11/doc/muttrc.man.head mutt-1.5.11-ro/doc/muttrc.man.head .TP \fBpush\fP \fIstring\fP This command adds the named \fIstring\fP to the keyboard buffer. -diff -urN mutt-1.5.11/hook.c mutt-1.5.11-ro/hook.c ---- mutt-1.5.11/hook.c 2005-02-03 19:47:52.000000000 +0100 -+++ mutt-1.5.11-ro/hook.c 2005-09-27 13:27:02.000000000 +0200 +--- hook.c.orig ++++ hook.c @@ -24,6 +24,10 @@ #include "mailbox.h" #include "mutt_crypt.h" @@ -839,10 +831,9 @@ diff -urN mutt-1.5.11/hook.c mutt-1.5.11-ro/hook.c else if (DefaultHook && !(data & (M_CHARSETHOOK | M_ACCOUNTHOOK)) && (!WithCrypto || !(data & M_CRYPTHOOK)) ) -diff -urN mutt-1.5.11/init.h mutt-1.5.11-ro/init.h ---- mutt-1.5.11/init.h 2005-09-15 16:19:54.000000000 +0200 -+++ mutt-1.5.11-ro/init.h 2005-09-27 13:27:02.000000000 +0200 -@@ -3100,6 +3100,11 @@ +--- init.h.orig ++++ init.h +@@ -3108,6 +3108,11 @@ { "folder-hook", mutt_parse_hook, M_FOLDERHOOK }, { "group", parse_group, 0 }, { "ungroup", parse_ungroup, 0 }, @@ -854,10 +845,9 @@ diff -urN mutt-1.5.11/init.h mutt-1.5.11-ro/init.h { "hdr_order", parse_list, UL &HeaderOrderList }, #ifdef HAVE_ICONV { "iconv-hook", mutt_parse_hook, M_ICONVHOOK }, -diff -urN mutt-1.5.11/main.c mutt-1.5.11-ro/main.c ---- mutt-1.5.11/main.c 2005-09-07 10:19:43.000000000 +0200 -+++ mutt-1.5.11-ro/main.c 2005-09-27 13:27:02.000000000 +0200 -@@ -385,6 +385,12 @@ +--- main.c.orig ++++ main.c +@@ -398,6 +398,12 @@ #else "-LOCALES_HACK " #endif @@ -870,9 +860,8 @@ diff -urN mutt-1.5.11/main.c mutt-1.5.11-ro/main.c #ifdef HAVE_WC_FUNCS "+HAVE_WC_FUNCS " -diff -urN mutt-1.5.11/Makefile.am mutt-1.5.11-ro/Makefile.am ---- mutt-1.5.11/Makefile.am 2005-08-11 23:27:28.000000000 +0200 -+++ mutt-1.5.11-ro/Makefile.am 2005-09-27 13:27:02.000000000 +0200 +--- Makefile.am.orig ++++ Makefile.am @@ -18,7 +18,7 @@ bin_PROGRAMS = mutt @DOTLOCK_TARGET@ @PGPAUX_TARGET@ mutt_SOURCES = $(BUILT_SOURCES) \ @@ -880,21 +869,19 @@ diff -urN mutt-1.5.11/Makefile.am mutt-1.5.11-ro/Makefile.am - crypt.c cryptglue.c \ + crypt.c cryptglue.c compress.c \ commands.c complete.c compose.c copy.c curs_lib.c curs_main.c date.c \ - edit.c enter.c flags.c init.c filter.c from.c getdomain.c \ - handler.c hash.c hdrline.c headers.c help.c hook.c keymap.c \ -@@ -67,7 +67,7 @@ + edit.c enter.c flags.c init.c filter.c from.c \ + getdomain.c group.c \ +@@ -68,7 +68,7 @@ crypt-gpgme.c crypt-mod-pgp-gpgme.c crypt-mod-smime-gpgme.c - EXTRA_DIST = COPYRIGHT GPL OPS OPS.PGP OPS.CRYPT OPS.SMIME TODO \ + EXTRA_DIST = COPYRIGHT GPL OPS OPS.PGP OPS.CRYPT OPS.SMIME TODO UPDATING \ - configure account.h \ + configure account.h compress.h \ attach.h buffy.h charset.h copy.h crypthash.h dotlock.h functions.h gen_defs \ globals.h hash.h history.h init.h keymap.h mutt_crypt.h \ mailbox.h mapping.h md5.h mime.h mutt.h mutt_curses.h mutt_menu.h \ -diff -urN mutt-1.5.11/Makefile.in mutt-1.5.11-ro/Makefile.in -diff -urN mutt-1.5.11/mbox.c mutt-1.5.11-ro/mbox.c ---- mutt-1.5.11/mbox.c 2005-08-02 09:08:00.000000000 +0200 -+++ mutt-1.5.11-ro/mbox.c 2005-09-27 13:27:02.000000000 +0200 +--- mbox.c.orig ++++ mbox.c @@ -28,6 +28,10 @@ #include "sort.h" #include "copy.h" @@ -919,9 +906,8 @@ diff -urN mutt-1.5.11/mbox.c mutt-1.5.11-ro/mbox.c mutt_unblock_signals (); mx_fastclose_mailbox (ctx); return 0; -diff -urN mutt-1.5.11/mutt.h mutt-1.5.11-ro/mutt.h ---- mutt-1.5.11/mutt.h 2005-09-07 10:19:43.000000000 +0200 -+++ mutt-1.5.11-ro/mutt.h 2005-09-27 13:27:02.000000000 +0200 +--- mutt.h.orig ++++ mutt.h @@ -157,6 +157,11 @@ #define M_ACCOUNTHOOK (1<<9) #define M_REPLYHOOK (1<<10) @@ -934,7 +920,7 @@ diff -urN mutt-1.5.11/mutt.h mutt-1.5.11-ro/mutt.h /* tree characters for linearize_tree and print_enriched_string */ #define M_TREE_LLCORNER 1 -@@ -828,6 +833,11 @@ +@@ -863,6 +868,11 @@ void *data; /* driver specific data */ #endif /* USE_IMAP */ @@ -946,12 +932,8 @@ diff -urN mutt-1.5.11/mutt.h mutt-1.5.11-ro/mutt.h short magic; /* mailbox type */ unsigned int locked : 1; /* is the mailbox locked? */ -diff -urN mutt-1.5.11/Muttrc mutt-1.5.11-ro/Muttrc -diff -urN mutt-1.5.11/Muttrc.head mutt-1.5.11-ro/Muttrc.head -diff -urN mutt-1.5.11/Muttrc.head.in mutt-1.5.11-ro/Muttrc.head.in -diff -urN mutt-1.5.11/mx.c mutt-1.5.11-ro/mx.c ---- mutt-1.5.11/mx.c 2005-09-07 10:19:43.000000000 +0200 -+++ mutt-1.5.11-ro/mx.c 2005-09-27 13:27:02.000000000 +0200 +--- mx.c.orig ++++ mx.c @@ -30,6 +30,10 @@ #include "keymap.h" #include "url.h" @@ -1026,7 +1008,7 @@ diff -urN mutt-1.5.11/mx.c mutt-1.5.11-ro/mx.c return rc; } -@@ -1021,6 +1051,11 @@ +@@ -1017,6 +1047,11 @@ !mutt_is_spool(ctx->path) && !option (OPTSAVEEMPTY)) mx_unlink_empty (ctx->path); @@ -1038,7 +1020,7 @@ diff -urN mutt-1.5.11/mx.c mutt-1.5.11-ro/mx.c mx_fastclose_mailbox (ctx); return 0; -@@ -1330,6 +1365,11 @@ +@@ -1326,6 +1361,11 @@ { int rc; @@ -1050,9 +1032,8 @@ diff -urN mutt-1.5.11/mx.c mutt-1.5.11-ro/mx.c if (ctx) { if (ctx->locked) lock = 0; -diff -urN mutt-1.5.11/mx.h mutt-1.5.11-ro/mx.h ---- mutt-1.5.11/mx.h 2003-08-05 15:58:16.000000000 +0200 -+++ mutt-1.5.11-ro/mx.h 2005-09-27 13:27:02.000000000 +0200 +--- mx.h.orig ++++ mx.h @@ -40,6 +40,9 @@ #ifdef USE_POP , M_POP @@ -1063,14 +1044,14 @@ diff -urN mutt-1.5.11/mx.h mutt-1.5.11-ro/mx.h }; WHERE short DefaultMagic INITVAL (M_MBOX); -diff -urN mutt-1.5.11/PATCHES mutt-1.5.11-ro/PATCHES ---- mutt-1.5.11/PATCHES 2005-08-15 10:16:00.000000000 +0200 -+++ mutt-1.5.11-ro/PATCHES 2005-09-27 13:30:25.000000000 +0200 -@@ -0,0 +1 @@ +--- PATCHES.orig ++++ PATCHES +@@ -1,2 +1,3 @@ +patch-1.5.11.rr.compressed.1 -diff -urN mutt-1.5.11/po/de.po mutt-1.5.11-ro/po/de.po ---- mutt-1.5.11/po/de.po 2005-09-15 16:23:50.000000000 +0200 -+++ mutt-1.5.11-ro/po/de.po 2005-09-27 13:27:02.000000000 +0200 + patch-1.5.6.tt.assumed_charset.1 + patch-1.5.6.dw.maildir-mtime.1 +--- po/de.po.orig ++++ po/de.po @@ -1262,6 +1262,48 @@ msgid "Failed to figure out sender" msgstr "Kann Absender nicht ermitteln" @@ -1120,7 +1101,7 @@ diff -urN mutt-1.5.11/po/de.po mutt-1.5.11-ro/po/de.po #: crypt.c:69 #, c-format msgid " (current time: %c)" -@@ -1882,6 +1924,10 @@ +@@ -1910,6 +1952,10 @@ msgid "Help for %s" msgstr "Hilfe für %s" @@ -1131,7 +1112,7 @@ diff -urN mutt-1.5.11/po/de.po mutt-1.5.11-ro/po/de.po #: hook.c:246 #, c-format msgid "unhook: Can't do unhook * from within a hook." -@@ -3336,18 +3382,10 @@ +@@ -3424,18 +3470,10 @@ msgid "Mailbox is corrupt!" msgstr "Mailbox fehlerhaft!" @@ -1150,9 +1131,8 @@ diff -urN mutt-1.5.11/po/de.po mutt-1.5.11-ro/po/de.po #. this means ctx->changed or ctx->deleted was set, but no #. * messages were found to be changed or deleted. This should #. * never happen, is we presume it is a bug in mutt. -diff -urN mutt-1.5.11/po/POTFILES.in mutt-1.5.11-ro/po/POTFILES.in ---- mutt-1.5.11/po/POTFILES.in 2005-08-03 11:17:47.000000000 +0200 -+++ mutt-1.5.11-ro/po/POTFILES.in 2005-09-27 13:27:02.000000000 +0200 +--- po/POTFILES.in.orig ++++ po/POTFILES.in @@ -8,6 +8,7 @@ color.c commands.c @@ -1161,9 +1141,8 @@ diff -urN mutt-1.5.11/po/POTFILES.in mutt-1.5.11-ro/po/POTFILES.in crypt-gpgme.c crypt.c cryptglue.c -diff -urN mutt-1.5.11/status.c mutt-1.5.11-ro/status.c ---- mutt-1.5.11/status.c 2005-02-03 19:47:53.000000000 +0100 -+++ mutt-1.5.11-ro/status.c 2005-09-27 13:27:02.000000000 +0200 +--- status.c.orig ++++ status.c @@ -97,6 +97,14 @@ case 'f': diff --git a/debian/patches/series b/debian/patches/series index be9d1a2..0964941 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,8 +1,6 @@ -version.diff - features/maildir-mtime features/assumed-charset -features/compressed-folders +features/compressed-folders -p0 features/compressed-folders.ranty-fix features/compressed-folders.debian @@ -16,8 +14,7 @@ debian-specific/use_usr_bin_editor.diff debian-specific/dont_rebuild_po_files.diff debian-specific/build_doc_adjustments.diff debian-specific/correct_docdir_in_man_page.diff -debian-specific/dont_document_not_present_features.diff +debian-specific/dont_document_not_present_features.diff -p0 misc/define-pgp_getkeys_command.diff -misc/autotools-update.diff -upstream/fix_cve-2006-3242.diff -p0 +#misc/autotools-update.diff diff --git a/debian/patches/upstream/fix_cve-2006-3242.diff b/debian/patches/upstream/fix_cve-2006-3242.diff deleted file mode 100644 index dcab392..0000000 --- a/debian/patches/upstream/fix_cve-2006-3242.diff +++ /dev/null @@ -1,53 +0,0 @@ ------------------------------------------------------------- -revno: 3939 -committer: brendan -timestamp: Mon 2006-06-19 18:14:03 +0000 -message: - From: TAKAHASHI Tamotsu - - Fix browse_get_namespace() which could overflow ns[LONG_STRING]. - (Possible remote vulnerability) ------------------------------------------------------------- -revno: 3940 -committer: brendan -timestamp: Mon 2006-06-19 18:14:54 +0000 -message: - # changelog commit ---- ChangeLog.orig -+++ ChangeLog -@@ -1,3 +1,8 @@ -+2006-06-19 18:14:03 TAKAHASHI Tamotsu (brendan) -+ -+ * imap/browse.c: Fix browse_get_namespace() which could overflow -+ ns[LONG_STRING]. (Possible remote vulnerability) -+ - 2006-04-03 20:26:14 Brendan Cully (brendan) - - * imap/command.c: Don't pass a null destination to imap_fix_path ---- imap/browse.c.orig -+++ imap/browse.c -@@ -505,7 +505,7 @@ - if (*s == '\"') - { - s++; -- while (*s && *s != '\"') -+ while (*s && *s != '\"' && n < sizeof (ns) - 1) - { - if (*s == '\\') - s++; -@@ -516,12 +516,14 @@ - s++; - } - else -- while (*s && !ISSPACE (*s)) -+ while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1) - { - ns[n++] = *s; - s++; - } - ns[n] = '\0'; -+ if (n == sizeof (ns) - 1) -+ dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", ns)); - /* delim? */ - s = imap_next_word (s); - /* delimiter is meaningless if namespace is "". Why does diff --git a/debian/patches/version.diff b/debian/patches/version.diff deleted file mode 100644 index 69efa0d..0000000 --- a/debian/patches/version.diff +++ /dev/null @@ -1,10 +0,0 @@ ---- mutt-1.5.11+cvs20060126.orig/VERSION -+++ mutt-1.5.11+cvs20060126/VERSION -@@ -1 +1 @@ --1.5.11 -+1.5.11+cvs20060403 ---- mutt-1.5.11+cvs20060126.orig/reldate.h -+++ mutt-1.5.11+cvs20060126/reldate.h -@@ -1 +1 @@ --const char *ReleaseDate = "2005-09-15"; -+const char *ReleaseDate = "2006-04-03"; -- 2.43.0