Date: Thu, 29 Jun 2006 17:32:53 +0200 (CEST) From: Udo Schweigert <udo.schweigert@siemens.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/99614: maintainer-update of mail/mutt Message-ID: <200606291532.k5TFWrCR059796@alaska.cert.siemens.com> Resent-Message-ID: <200606291610.k5TGAHBd079542@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 99614 >Category: ports >Synopsis: maintainer-update of mail/mutt >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Jun 29 16:10:16 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Udo Schweigert >Release: FreeBSD 6.1-RELEASE-p2 i386 >Organization: >Environment: >Description: Maintainer update of mail/mutt: - Fix IMAP buffer overflow (http://www.securityfocus.com/bid/18642) >How-To-Repeat: >Fix: diff -ru /usr/ports/mail/mutt/Makefile ./Makefile --- /usr/ports/mail/mutt/Makefile Thu May 11 00:36:57 2006 +++ ./Makefile Thu Jun 29 17:22:01 2006 @@ -8,7 +8,7 @@ PORTNAME= mutt PORTVERSION= 1.4.2.1 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES+= mail ipv6 MASTER_SITES= ftp://ftp.mutt.org/mutt/ \ ftp://ftp.fu-berlin.de/pub/unix/mail/mutt/ \ diff -ru /usr/ports/mail/mutt/files/patch-imap-browse.c ./files/patch-imap-browse.c --- /usr/ports/mail/mutt/files/patch-imap-browse.c Thu Jan 1 01:00:00 1970 +++ ./files/patch-imap-browse.c Thu Jun 29 17:19:44 2006 @@ -0,0 +1,28 @@ +--- imap/browse.c.orig ++++ imap/browse.c +@@ -505,7 +505,7 @@ static int browse_get_namespace (IMAP_DA + if (*s == '\"') + { + s++; +- while (*s && *s != '\"') ++ while (*s && *s != '\"' && n < sizeof (ns) - 1) + { + if (*s == '\\') + s++; +@@ -516,12 +516,14 @@ static int browse_get_namespace (IMAP_DA + s++; + } + else +- while (*s && !ISSPACE (*s)) ++ while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1) + { + ns[n++] = *s; + s++; + } + ns[n] = '\0'; ++ if (n == sizeof (ns) - 1) ++ dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", ns)); + /* delim? */ + s = imap_next_word (s); + /* delimiter is meaningless if namespace is "". Why does + >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606291532.k5TFWrCR059796>