Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package mutt

This version addresses DSA-3083 and CVE-2014-9116.
Tracking bug: 771125
Debdiff against 1.5.23-1.1 attached

unblock mutt/1.5.23-2

-- System Information:
Debian Release: 7.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.12-0.bpo.1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru mutt-1.5.23/debian/changelog mutt-1.5.23/debian/changelog --- mutt-1.5.23/debian/changelog 2014-08-17 12:43:01.000000000 +0100 +++ mutt-1.5.23/debian/changelog 2014-11-29 18:40:59.000000000 +0000 @@ -1,3 +1,11 @@ +mutt (1.5.23-2) unstable; urgency=medium + + * Created upstream/771125-CVE-2014-9116-jessie.patch to address + CVE-2014-9116; the patch prevent mutt_substrdup from being used in a way + that can lead to a segfault. + + -- Antonio Radici <anto...@dyne.org> Sat, 29 Nov 2014 18:13:56 +0000 + mutt (1.5.23-1.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru mutt-1.5.23/debian/patches/series mutt-1.5.23/debian/patches/series --- mutt-1.5.23/debian/patches/series 2014-03-16 15:06:06.000000000 +0000 +++ mutt-1.5.23/debian/patches/series 2014-11-29 18:40:59.000000000 +0000 @@ -34,6 +34,7 @@ upstream/611410-no-implicit_autoview-for-text-html.patch upstream/path_max.patch translations/update_german_translation.patch +upstream/771125-CVE-2014-9116-jessie.patch __separator__mutt.org.patch mutt-patched/sidebar.patch mutt-patched/sidebar-dotpathsep.patch diff -Nru mutt-1.5.23/debian/patches/upstream/771125-CVE-2014-9116-jessie.patch mutt-1.5.23/debian/patches/upstream/771125-CVE-2014-9116-jessie.patch --- mutt-1.5.23/debian/patches/upstream/771125-CVE-2014-9116-jessie.patch 1970-01-01 01:00:00.000000000 +0100 +++ mutt-1.5.23/debian/patches/upstream/771125-CVE-2014-9116-jessie.patch 2014-11-29 18:40:59.000000000 +0000 
@@ -0,0 +1,39 @@ +This patch solves the issue raised by CVE-2014-9116 in bug 771125. + +We correctly redefine what are the whitespace characters as per RFC5322; by +doing so we prevent mutt_substrdup from being used in a way that could lead to +a segfault. + +The lib.c part was written by Antonio Radici <anto...@debian.org> to prevent +crashes due to this kind of bugs from happening again. + +The wheezy version of this patch is slightly different, therefore this patch +has -jessie prefixed in its name. + +Index: mutt/lib.c +=================================================================== +--- mutt.orig/lib.c ++++ mutt/lib.c +@@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin, + size_t len; + char *p; + ++ if (end != NULL && end < begin) ++ return NULL; ++ + if (end) + len = end - begin; + else +Index: mutt/lib.h +=================================================================== +--- mutt.orig/lib.h ++++ mutt/lib.h +@@ -98,7 +98,7 @@ + on some systems */ + # define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++; + +-#define EMAIL_WSP " \t\r\n" ++#define EMAIL_WSP " \t\r" + + /* skip over WSP as defined by RFC5322. This is used primarily for parsing + * header fields. */
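
Review bot: the debian/changelog entry for 1.5.23-2 carries no Closes: reference, although the patch file name and its header both cite bug 771125. If this upload is meant to close that bug, add "(Closes: #771125)" to the entry so the BTS picks it up. Minor wording in the same entry: "the patch prevent" should read "the patch prevents".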
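
Review bot: the new "return NULL;" path in the lib.c hunk (mutt_substrdup, at -815) hands callers a NULL result, and no call site is touched anywhere in this debdiff. Please confirm that every caller tolerates NULL, or document the NULL return in the function's comment so future callers check for it. A one-line comment above "if (end != NULL && end < begin)" would also help: the reason for the guard is that "len = end - begin;" is stored in a size_t, so a negative difference wraps to a very large length.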
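
Review bot: in the lib.h hunk, EMAIL_WSP still contains "\r" while the comment directly below it, and the patch header, describe the set as WSP as defined by RFC5322; RFC 5322 WSP is only space and horizontal tab. Either drop "\r" too or extend the comment to say why "\r" stays and "\n" goes. The patch header would also be clearer if it said how having "\n" in the old set led to the mutt_substrdup misuse it mentions, since the lib.h change is the actual fix and the lib.c check is the safety net.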