Package: mutt
Version: 1.6.2-1
Severity: minor
Hi!
New versions of mutt will try to use getrandom() before reading /dev/urandom.
I see three issues:
* no need to #ifdef __linux__, solaris has getrandom() too
* it'd be nice to use getentropy() on [k]freebsd
* on older kernels supported by stretch (3.2..3.16) mutt complains that this
function is not implemented. This warning will scare users, and it's not
that rare to use new userspace on old kernels: vserver/openvz/lxc hosting,
ARMs with vendor kernels, etc. The fallback is fully secure: if
/dev/urandom cannot be read, mutt quits instead of using bad randomness.
-- Package-specific info:
Mutt 1.6.2-neo (2016-07-23)
Copyright (C) 1996-2016 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.
System: Linux 3.14.67-vs2.3.6.15-x32-vserver+ (x86_64)
libidn: 1.33 (compiled with 1.33)
hcache backend: tokyocabinet 1.4.48
Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/i686-linux-gnu/5/lto-wrapper
Target: i686-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 5.4.0-6'
--with-bugurl=file:///usr/share/doc/gcc-5/README.Bugs
--enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-5 --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu
--enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-gnu-unique-object
--disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib
--disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-5-i386/jre --enable-java-home
--with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-5-i386
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-5-i386
--with-arch-directory=i386 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar
--enable-objc-gc --enable-targets=all --enable-multiarch --with-arch-32=i686
--with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic
--enable-checking=release --build=i686-linux-gnu --host=i686-linux-gnu
--target=i686-linux-gnu
Thread model: posix
gcc version 5.4.0 20160609 (Debian 5.4.0-6)
Configure options: '--build=i686-linux-gnu' '--prefix=/usr'
'--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man'
'--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var'
'--disable-silent-rules' '--libdir=\${prefix}/lib/i386-linux-gnu'
'--libexecdir=\${prefix}/lib/i386-linux-gnu' '--disable-maintainer-mode'
'--disable-dependency-tracking' '--with-mailpath=/var/mail'
'--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache'
'--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop'
'--enable-sidebar' '--enable-nntp' '--enable-notmuch' '--with-curses'
'--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' '--with-sasl'
'--without-gdbm' '--without-bdb' '--without-qdbm' 'build_alias=i686-linux-gnu'
'CFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security'
'LDFLAGS=-fPIE -pie -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time
-D_FORTIFY_SOURCE=2'
Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 -fPIE
-fstack-protector-strong -Wformat -Werror=format-security
Compile options:
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME
+DEBUG +DL_STANDALONE +ENABLE_NLS -EXACT_ADDRESS -HOMESPOOL -LOCALES_HACK
-SUN_ATTACHMENT +HAVE_BKGDSET +HAVE_COLOR +HAVE_CURS_SET +HAVE_GETADDRINFO
+HAVE_GETSID +HAVE_ICONV +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR
+HAVE_LIBIDN +HAVE_META +HAVE_REGCOMP +HAVE_RESIZETERM +HAVE_START_COLOR
+HAVE_TYPEAHEAD +HAVE_WC_FUNCS +ICONV_NONTRANS +USE_COMPRESSED +USE_DOTLOCK
+USE_FCNTL -USE_FLOCK -USE_GNU_REGEX +USE_GSS +USE_HCACHE +USE_IMAP
+USE_NOTMUCH +USE_NNTP +USE_POP +USE_SASL +USE_SETGID +USE_SIDEBAR +USE_SMTP
+USE_SSL_GNUTLS -USE_SSL_OPENSSL
-DOMAIN
MIXMASTER="mixmaster"
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"
patch-quasi-delete-neo-git
patch-progress-neo-git
patch-status-color-neo-git
patch-index-color-neo-git
patch-nested-if-neo-git
patch-cond-date-neo-git
patch-tls-sni-neo-git
patch-sidebar-neo-git
patch-ifdef-neo-git
patch-fmemopen-neo-git
patch-initials-neo-git
patch-trash-neo-git
patch-limit-current-thread-neo-git
patch-skip-quoted-neo-git
patch-compress-neo-git
patch-keywords-neo-git
patch-nntp-neo-git
patch-lmdb-neo-git
patch-1.5.23.smime-encrypt-self.1
patch-new-mail-neo-git
patch-smime-encrypt-to-self-neo-git
patch-sensible-browser-neo-UNKNOWN
To learn more about NeoMutt, visit: http://www.neomutt.org/
If you find a bug in NeoMutt, please raise an issue at:
https://github.com/neomutt/neomutt/issues
or contact the lead developer: Richard Russon <[email protected]>
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (150, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 3.14.67-vs2.3.6.15-x32-vserver+ (SMP w/2 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages mutt depends on:
ii libassuan0 2.4.3-1
ii libc6 2.23-4
ii libcomerr2 1.43.1-1
ii libgnutls30 3.5.2-2
ii libgpg-error0 1.24-1
ii libgpgme11 1.6.0-3
ii libgssapi-krb5-2 1.14.3+dfsg-1
ii libidn11 1.33-1
ii libk5crypto3 1.14.3+dfsg-1
ii libkrb5-3 1.14.3+dfsg-1
ii libncursesw5 6.0+20160625-1
ii libnotmuch4 0.22.1-2
ii libsasl2-2 2.1.26.dfsg1-15
ii libtinfo5 6.0+20160625-1
ii libtokyocabinet9 1.4.48-10
Versions of packages mutt recommends:
ii libsasl2-modules 2.1.26.dfsg1-15
ii locales 2.23-4
ii mime-support 3.60
Versions of packages mutt suggests:
pn aspell | ispell <none>
ii ca-certificates 20160104
ii gnupg 2.1.14-3
pn mixmaster <none>
ii openssl 1.0.2h-1
ii ssmtp [mail-transport-agent] 2.64-8
pn urlview <none>
Versions of packages mutt is related to:
ii mutt 1.6.2-1
-- no debconf information