[mutt] 02/02: upstream/827189-opportunistic-encryption-crash.patch: do not crash when doing opportunistic encryption with long addresses (Closes: 827189).
Antonio Radici
antonio at moszumanska.debian.org
Tue Sep 13 19:11:46 UTC 2016
This is an automated email from the git hooks/post-receive script.
antonio pushed a commit to branch master
in repository mutt.
commit 07b5c8d428814374f57f158e3c97f10a33e87afd
Author: Antonio Radici <antonio at debian.org>
Date: Tue Sep 13 16:16:11 2016 +0100
upstream/827189-opportunistic-encryption-crash.patch: do not crash when doing opportunistic encryption with long addresses (Closes: 827189).
---
debian/changelog | 2 ++
debian/patches/series | 1 +
.../827189-opportunistic-encryption-crash.patch | 26 ++++++++++++++++++++++
3 files changed, 29 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index acfd24f..5d1bbeb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,8 @@ mutt (1.7.0-5) UNRELEASED; urgency=medium
+ neomutt-devel/837601-do-not-segfault-on-new-mails.patch: updated to
prevent crash when exiting from the pager while viewing a composed email
(Closes: 837634).
+ + upstream/827189-opportunistic-encryption-crash.patch: do not crash when
+ doing opportunistic encryption with long addresses (Closes: 827189).
-- Antonio Radici <antonio at debian.org> Tue, 13 Sep 2016 14:57:35 +0100
diff --git a/debian/patches/series b/debian/patches/series
index 2809d50..d22a506 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -27,4 +27,5 @@ upstream/833192-preserve-messageid-for-postponed-emails.patch
upstream/644992-ipv6-literal.patch
upstream/549204-clear-N-on-readonly-imap-folders.patch
upstream/837372-do-not-color-gpgme-output.patch
+upstream/827189-opportunistic-encryption-crash.patch
upstream/openssl-1.1-build.patch
diff --git a/debian/patches/upstream/827189-opportunistic-encryption-crash.patch b/debian/patches/upstream/827189-opportunistic-encryption-crash.patch
new file mode 100644
index 0000000..e19c9fb
--- /dev/null
+++ b/debian/patches/upstream/827189-opportunistic-encryption-crash.patch
@@ -0,0 +1,26 @@
+The following patch prevents a crash due to a buffer overflow when a mail
+contains a '+' in its address and opportunistic encryption is used.
+
+Debian bug: http://bugs.debian.org/827189
+Upstream issue: http://bugs.mutt.org/3873
+
+--- a/crypt-gpgme.c
++++ b/crypt-gpgme.c
+@@ -3708,7 +3708,7 @@
+ {
+ for(s = l->data; *s; s++)
+ {
+- if (*s == '%')
++ if (*s == '%' || *s == '+')
+ n += 2;
+ n++;
+ }
+@@ -3716,6 +3716,8 @@
+ }
+ n++; /* make sure to allocate at least one byte */
+ pattern = p = safe_calloc (1,n);
++ if (!pattern)
++ return NULL;
+ for(l=list; l; l = l->next)
+ {
+ s = l->data;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mutt/mutt.git
More information about the pkg-mutt-commits
mailing list