ports/99613: maintainer-update of mail/mutt-devel
Udo Schweigert
udo.schweigert at siemens.com
Thu Jun 29 16:10:51 UTC 2006
>Number: 99613
>Category: ports
>Synopsis: maintainer-update of mail/mutt-devel
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu Jun 29 16:10:16 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Udo Schweigert
>Release: FreeBSD 6.1-RELEASE-p2 i386
>Organization:
>Environment:
>Description:
Maintainer update of mail/mutt-devel:
- Fix IMAP buffer overflow
(http://www.securityfocus.com/bid/18642)
>How-To-Repeat:
>Fix:
diff -ru /usr/ports/mail/mutt-devel/Makefile ./Makefile
--- /usr/ports/mail/mutt-devel/Makefile Fri Jun 23 06:07:58 2006
+++ ./Makefile Thu Jun 29 17:25:17 2006
@@ -107,7 +107,7 @@
PORTNAME= mutt-devel
PORTVERSION= 1.5.11
-PORTREVISION?= 2
+PORTREVISION?= 3
CATEGORIES+= mail ipv6
.if defined(WITH_MUTT_NNTP)
CATEGORIES+= news
diff -ru /usr/ports/mail/mutt-devel/files/patch-imap-browse.c ./files/patch-imap-browse.c
--- /usr/ports/mail/mutt-devel/files/patch-imap-browse.c Thu Jan 1 01:00:00 1970
+++ ./files/patch-imap-browse.c Thu Jun 29 17:24:49 2006
@@ -0,0 +1,28 @@
+--- imap/browse.c.orig
++++ imap/browse.c
+@@ -505,7 +505,7 @@ static int browse_get_namespace (IMAP_DA
+ if (*s == '\"')
+ {
+ s++;
+- while (*s && *s != '\"')
++ while (*s && *s != '\"' && n < sizeof (ns) - 1)
+ {
+ if (*s == '\\')
+ s++;
+@@ -516,12 +516,14 @@ static int browse_get_namespace (IMAP_DA
+ s++;
+ }
+ else
+- while (*s && !ISSPACE (*s))
++ while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1)
+ {
+ ns[n++] = *s;
+ s++;
+ }
+ ns[n] = '\0';
++ if (n == sizeof (ns) - 1)
++ dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", ns));
+ /* delim? */
+ s = imap_next_word (s);
+ /* delimiter is meaningless if namespace is "". Why does
+
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list