Update to 2.2.12 for fix CVE-2023-4874 and CVE-2023-4875

(cherry picked from commit e78afc10ea562f7adc25fe49b6af71e8be3034cf)
2023-09-14 14:30:47 +08:00 · 2023-09-14 14:30:47 +08:00 · a9c5a5c1fe
commit a9c5a5c1fe
parent 43f78418d6
7 changed files with 14 additions and 55 deletions
--- a/CVE-2022-1328.patch
+++ b/CVE-2022-1328.patch
@ -1,40 +0,0 @@
-From e5ed080c00e59701ca62ef9b2a6d2612ebf765a5 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Tue, 5 Apr 2022 11:05:52 -0700
-Subject: [PATCH] Fix uudecode buffer overflow.
-
-mutt_decode_uuencoded() used each line's initial "length character"
-without any validation.  It would happily read past the end of the
-input line, and with a suitable value even past the length of the
-input buffer.
-
-As I noted in ticket 404, there are several other changes that could
-be added to make the parser more robust.  However, to avoid
-accidentally introducing another bug or regression, I'm restricting
-this patch to simply addressing the overflow.
-
-Thanks to Tavis Ormandy for reporting the issue, along with a sample
-message demonstrating the problem.
---
- handler.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/handler.c b/handler.c
-index d1b4bc73..c97cf0cb 100644
--- a/handler.c
-+++ b/handler.c
-@@ -404,9 +404,9 @@ static void mutt_decode_uuencoded (STATE *s, LOFF_T len, int istext, iconv_t cd)
-     pt = tmps;
-     linelen = decode_byte (*pt);
-     pt++;
-    for (c = 0; c < linelen;)
-+    for (c = 0; c < linelen && *pt;)
-     {
-      for (l = 2; l <= 6; l += 2)
-+      for (l = 2; l <= 6 && *pt && *(pt + 1); l += 2)
-       {
- 	out = decode_byte (*pt) << l;
- 	pt++;
-- 
-GitLab
-
--- a/mutt-1.12.1-optusegpgagent.patch
+++ b/mutt-1.12.1-optusegpgagent.patch
@ -1,13 +1,12 @@
-diff --git a/init.h b/init.h
-index acc7d8b..14d417c 100644
--- a/init.h
-+++ b/init.h
+diff -up mutt-1.12.1/init.h.optusegpgagent mutt-1.12.1/init.h
+--- mutt-1.12.1/init.h.optusegpgagent	2019-08-29 09:29:38.868810511 +0200
+++ mutt-1.12.1/init.h	2019-08-29 09:30:29.899395370 +0200
@@ -2444,7 +2444,7 @@ struct option_t MuttVars[] = {
-   ** subprocess failed.
+   ** not used.
   ** (PGP only)
   */
-  { "pgp_check_gpg_decrypt_status_fd", DT_BOOL, R_NONE, {.l=OPTPGPCHECKGPGDECRYPTSTATUSFD}, {.l=1} },
-+  { "pgp_check_gpg_decrypt_status_fd", DT_BOOL, R_NONE, {.l=OPTPGPCHECKGPGDECRYPTSTATUSFD}, {.l=0} },
+-  { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=1} },
+  { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=0} },
   /*
   ** .pp
-   ** If \fIset\fP, mutt will check the status file descriptor output
+   ** If \fIset\fP, mutt expects a \fCgpg-agent(1)\fP process will handle
--- a/mutt-1.5.23-system_certs.patch
+++ b/mutt-1.5.23-system_certs.patch
@ -4,7 +4,7 @@ diff -rup mutt-17a4f92e4a95-orig/init.h mutt-17a4f92e4a95-new/init.h
@@ -2989,7 +2989,7 @@ struct option_t MuttVars[] = {
   */
 #if defined(USE_SSL)
- #ifdef USE_SSL_GNUTLS
+ # ifdef USE_SSL_GNUTLS
 -  { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p=0} },
 +  { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p="/etc/ssl/certs/ca-bundle.crt"} },
   /*
--- a/mutt-1.8.0-cabundle.patch
+++ b/mutt-1.8.0-cabundle.patch
@ -26,4 +26,3 @@ diff -ur mutt-1.8.0.orig/doc/smime-notes.txt mutt-1.8.0/doc/smime-notes.txt
   signed by one of them. You can use "smime_keys add_root" to do so, or
   just copy ca-bundle.crt into the place you point mutt's smime_ca_location
   variable to.
-
--- a/mutt-2.1.3.tar.gz
+++ b/mutt-2.1.3.tar.gz
--- a/mutt-2.2.12.tar.gz
+++ b/mutt-2.2.12.tar.gz
--- a/mutt.spec
+++ b/mutt.spec
@ -1,11 +1,11 @@
 Name:           mutt
-Version:        2.1.3
-Release:        2
+Version:        2.2.12
+Release:        1
 Epoch:          5
 Summary:        Text-based mail client
 License:        GPLv2+ and Public Domain
 URL:            http://www.mutt.org
-Source:         ftp://ftp.mutt.org/pub/%{name}/%{name}-%{version}.tar.gz
+Source0:        http://ftp.mutt.org/pub/%{name}/%{name}-%{version}.tar.gz
 Source1:        mutt_ldap_query

 Patch1:         mutt-1.5.23-system_certs.patch
@ -16,8 +16,6 @@ Patch5:         mutt-1.9.4-lynx_no_backscapes.patch
 Patch6:         mutt-1.9.5-nodotlock.patch
 Patch7:         mutt-1.10.0-muttrc.patch
 Patch8:         mutt-1.12.1-optusegpgagent.patch
-#https://gitlab.com/muttmua/mutt/-/commit/e5ed080c00e59701ca62ef9b2a6d2612ebf765a5.patch
-Patch9:         CVE-2022-1328.patch

 BuildRequires:  gcc ncurses-devel gettext automake /usr/bin/xsltproc
 BuildRequires:  lynx docbook-style-xsl perl-interpreter perl-generators
@ -125,6 +123,9 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
 %{_infodir}/mutt.info.*

 %changelog
+* Thu Sep 14 2023 yaoxin <yao_xin001@hoperun.com> - 5:2.2.12-1
+- Update to 2.2.12 for fix CVE-2023-4874 and CVE-2023-4875
+
 * Sun Apr 24 2022 yaoxin <yaoxin30@h-partners.com> - 2.1.3-2
 - Fix CVE-2022-1328