[pkgsrc/pkgsrc-2006Q1]: pkgsrc/mail/mutt Pullup ticket 1705 - requested by tron

[ghen <ghen%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/3c4d79f4bb99
branches:  pkgsrc-2006Q1
changeset: 510353:3c4d79f4bb99
user:      ghen <ghen%pkgsrc.org@localhost>
date:      Tue Jun 20 11:00:56 2006 +0000

description:
Pullup ticket 1705 - requested by tron
security fix for mutt

Revisions pulled up:
- pkgsrc/mail/mutt/Makefile             via patch
- pkgsrc/mail/mutt/distinfo             1.30
- pkgsrc/mail/mutt/patches/patch-ae     1.4

   Module Name: pkgsrc
   Committed By:        tron
   Date:                Tue Jun 20 09:14:47 UTC 2006

   Modified Files:
        pkgsrc/mail/mutt: Makefile PLIST distinfo
   Added Files:
        pkgsrc/mail/mutt/patches: patch-ae

   Log Message:
   Add fix from the "mutt" CVS repository for a buffer overflow in the
   IMAP code which could be exploited by a malicious IMAP server.
   Bump package revision.

diffstat:

 mail/mutt/Makefile         |   4 ++--
 mail/mutt/distinfo         |   3 ++-
 mail/mutt/patches/patch-ae |  29 +++++++++++++++++++++++++++++
 3 files changed, 33 insertions(+), 3 deletions(-)

diffs (64 lines):

diff -r b8a1d728ad2b -r 3c4d79f4bb99 mail/mutt/Makefile
--- a/mail/mutt/Makefile        Thu Jun 15 14:52:13 2006 +0000
+++ b/mail/mutt/Makefile        Tue Jun 20 11:00:56 2006 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.136 2006/03/14 01:14:30 jlam Exp $
+# $NetBSD: Makefile,v 1.136.2.1 2006/06/20 11:00:56 ghen Exp $
 
 DISTNAME=              mutt-1.4.2.1i
 PKGNAME=               ${DISTNAME:C/i$//}
-PKGREVISION=           6
+PKGREVISION=           7
 CATEGORIES=            mail
 MASTER_SITES=          ftp://ftp.mutt.org/mutt/ \
                        ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \
diff -r b8a1d728ad2b -r 3c4d79f4bb99 mail/mutt/distinfo
--- a/mail/mutt/distinfo        Thu Jun 15 14:52:13 2006 +0000
+++ b/mail/mutt/distinfo        Tue Jun 20 11:00:56 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.28 2006/02/07 00:00:51 minskim Exp $
+$NetBSD: distinfo,v 1.28.2.1 2006/06/20 11:00:56 ghen Exp $
 
 SHA1 (mutt-1.4.2.1i.tar.gz) = 10fae2eef5a671d1ea6e17acd6e64cd1f37c3961
 RMD160 (mutt-1.4.2.1i.tar.gz) = 314536f77e0494dc6e4a5d57c681de791c8ce0fc
@@ -7,6 +7,7 @@
 SHA1 (patch-ab) = 9eb4d0d861fff0a6a387d035293e28c6dd17a06c
 SHA1 (patch-ac) = acfece3438c1cadc43247c590045699be7212ede
 SHA1 (patch-ad) = 6d7647913a0442ce474d02129d9bec0dbbd3df52
+SHA1 (patch-ae) = 442e3be4d0a5483e55f8e218cfbfc026e28235f5
 SHA1 (patch-ag) = c369b0b5d4855e50a016530f81190b2cbd47cef1
 SHA1 (patch-ah) = 04549728683b4250a26f6d6c7a212b8d505014d2
 SHA1 (patch-ai) = 317b736d6b9a896e1ee185cce37a1c2184c02cde
diff -r b8a1d728ad2b -r 3c4d79f4bb99 mail/mutt/patches/patch-ae
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/mutt/patches/patch-ae        Tue Jun 20 11:00:56 2006 +0000
@@ -0,0 +1,29 @@
+$NetBSD: patch-ae,v 1.3.14.1 2006/06/20 11:00:57 ghen Exp $
+
+--- imap/browse.c.orig 2002-02-26 10:38:56.000000000 +0000
++++ imap/browse.c      2006-06-20 10:05:32.000000000 +0100
+@@ -452,7 +452,7 @@
+           if (*s == '\"')
+           {
+             s++;
+-            while (*s && *s != '\"') 
++            while (*s && *s != '\"' && n < sizeof (ns) - 1) 
+             {
+               if (*s == '\\')
+                 s++;
+@@ -463,12 +463,14 @@
+               s++;
+           }
+           else
+-            while (*s && !ISSPACE (*s)) 
++            while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1)
+             {
+               ns[n++] = *s;
+               s++;
+             }
+           ns[n] = '\0';
++          if (n == sizeof (ns) - 1)
++            dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", ns));
+           /* delim? */
+           s = imap_next_word (s);
+           /* delimiter is meaningless if namespace is "". Why does