Subject: pkg/20814: Updated package: mutt-1.4.1
To: None <gnats-bugs@gnats.netbsd.org>
From: None <cube@cubidou.net>
List: netbsd-bugs
Date: 03/20/2003 04:32:27
>Number: 20814
>Category: pkg
>Synopsis: Updated package: mutt-1.4.1
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Wed Mar 19 19:33:00 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Quentin Garnier
>Release: NetBSD 1.6P
>Organization:
Quentin Garnier - cube@cubidou.net
"Feels like I'm fiddling while Rome is burning down.
Should I lay my fiddle down and take a rifle from the ground ?"
Leigh Nash/Sixpence None The Richer, Paralyzed, Divine Discontents, 2002.
>Environment:
System: NetBSD padme 1.6P NetBSD 1.6P (NVIDIA_ACPI-$Revision: 1.2 $) #14: Thu Mar 6 10:39:28 CET 2003 cube@padme:/home/cube/src/nv-netbsd/netvidia/src/sys/arch/i386/compile/NVIDIA_ACPI i386
Architecture: i386
Machine: i386
>Description:
From: Thomas Roessler <roessler@does-not-exist.org>
To: BUGTRAQ@securityfocus.com
Subject: mutt-1.4.1 fixes a buffer overflow.
Date: Thu, 20 Mar 2003 00:15:46 +0100
Mutt versions 1.4.1 and 1.5.4 have just been released and will soon
be available from ftp://ftp.mutt.org/mutt/.
Both versions fix a buffer overflow in mutt's IMAP client code which
was identified by Core Security Technologies, and fixed by Edmund
Grimley Evans. A more detailed advisory will be published by Core
Security.
Version 1.4.1 is a release on mutt's stable branch. The only
differences against 1.4 are a number of bug fixes. If you are
currently using mutt 1.4, it's probably a very good idea to update.
(continues about 1.5.4)
>How-To-Repeat:
>Fix:
Main site path changed. Not knowing exactly what to change,
I grabbed the whole list from www.mutt.org and pasted it in
the Makefile.
Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/mail/mutt/Makefile,v
retrieving revision 1.92
diff -u -r1.92 Makefile
--- Makefile 2003/03/13 02:35:30 1.92
+++ Makefile 2003/03/20 03:26:10
@@ -1,13 +1,45 @@
# $NetBSD: Makefile,v 1.92 2003/03/13 02:35:30 jschauma Exp $
-DISTNAME= mutt-1.4i
+DISTNAME= mutt-1.4.1i
PKGNAME= ${DISTNAME:C/i$//}
-PKGREVISION= 3
CATEGORIES= mail
-MASTER_SITES= ftp://ftp.mutt.org/pub/mutt/ \
- ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \
+MASTER_SITES= ftp://ftp.mutt.org/mutt/ \
+ ftp://ftp.gbnet.net/pub/mutt-international/ \
+ ftp://ftp.fu-berlin.de/pub/unix/mail/mutt/ \
+ ftp://ftp.gwdg.de/pub/unix/mail/mutt/international/ \
+ ftp://ftp.iks-jena.de/pub/mitarb/lutz/crypt/software/pgp/mutt/ \
+ ftp://uiarchive.cso.uiuc.edu/pub/packages/mail/mutt/ \
+ ftp://ftp.lip6.fr/pub/unix/mail/mutt/ \
+ ftp://ftp.42.org/pub/unix/mail/mutt/ \
ftp://gd.tuwien.ac.at/infosys/mail/mutt/ \
- ftp://ftp.fu-berlin.de/pub/unix/mail/mutt/
+ ftp://ftp.demon.co.uk/pub/mirrors/mutt/ \
+ ftp://ftp.ntua.gr/pub/net/mail/mutt/ \
+ ftp://ftp.freesoftware.com/pub/mutt/ \
+ ftp://ftp.kfki.hu/pub/packages/mail/mutt/ \
+ ftp://sunsite.uio.no/pub/mail/mutt/ \
+ ftp://pgp.rasip.fer.hr/pub/mutt/ \
+ ftp://ftp.arch.pwr.wroc.pl/pub/mutt/ \
+ ftp://ftp.uib.no/pub/mutt/ \
+ ftp://ftp.spyda.net/pub/mutt/ \
+ ftp://ftp.linux.it/pub/mirrors/mutt/ \
+ ftp://ftp3.linux.it/pub/mirrors/mutt/ \
+ ftp://ftp.funet.fi/pub/unix/mail/mutt/ \
+ ftp://ftp.jp.qmail.org/mutt/ \
+ ftp://ftp.is.co.za/networking/mail/mua/mutt/ \
+ ftp://ftp.medasys-digital-systems.fr/pub/unix/mutt/ \
+ ftp://strasbourg.linuxfr.org/pub/mutt/ \
+ ftp://ftp.parodius.com/pub/mutt/ \
+ ftp://dimonieta.udg.es/mirror/mutt/ \
+ ftp://ftp.gigabell.net/pub/mutt/ \
+ ftp://ftp.gin.cz/pub/MIRRORS/ftp.mutt.org/ \
+ http://mutt.nitnet.com.br/ \
+ ftp://unix.nitnet.com.br/pub/mutt/ \
+ ftp://ftp.nluug.nl/pub/mail/mutt/ \
+ ftp://ftp.franken.de/pub/linux/mutt/ \
+ ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \
+ ftp://ftp.exobit.org/pub/mail/mutt/ \
+ http://mirrors.sunsite.dk/mutt/ \
+ ftp://sunsite.dk/mirrors/mutt/
MAINTAINER= tron@netbsd.org
HOMEPAGE= http://www.mutt.org/
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/mail/mutt/distinfo,v
retrieving revision 1.12
diff -u -r1.12 distinfo
--- distinfo 2002/12/03 21:21:57 1.12
+++ distinfo 2003/03/20 03:26:10
@@ -1,9 +1,9 @@
$NetBSD: distinfo,v 1.12 2002/12/03 21:21:57 jmmv Exp $
-SHA1 (mutt-1.4i.tar.gz) = 6b7fb8440de18f12ceb24a486a1bbe77fce93955
-Size (mutt-1.4i.tar.gz) = 2554158 bytes
+SHA1 (mutt-1.4.1i.tar.gz) = 34622caf9d04979d8ad01219050288561998f64b
+Size (mutt-1.4.1i.tar.gz) = 2599487 bytes
SHA1 (patch-ab) = e0d3c5b90c94a501436aa037f5538c4ab12b04bc
SHA1 (patch-ad) = 63abea4130832d7612a904f7954ab9c97b3b80ac
SHA1 (patch-ae) = 7a7bc491c9f58b6ba26d5619182fb812d0f5e94e
-SHA1 (patch-af) = 7ab4b6f8f6457317216d1d4126a19c07a478abad
+SHA1 (patch-af) = 5f987c889a035be5c5d158743fbe9edfb06aa308
SHA1 (patch-ag) = a1574bfe28b2a0ee5295a3f3529b6865f72075fa
Index: patches/patch-af
===================================================================
RCS file: /cvsroot/pkgsrc/mail/mutt/patches/patch-af,v
retrieving revision 1.3
diff -u -r1.3 patch-af
--- patches/patch-af 2002/12/03 21:21:57 1.3
+++ patches/patch-af 2003/03/20 03:26:10
@@ -1,8 +1,8 @@
-$NetBSD: patch-af,v 1.3 2002/12/03 21:21:57 jmmv Exp $
+$NetBSD$
---- doc/mutt.man.in.orig Thu Aug 30 14:55:37 2001
+--- doc/mutt.man.in.orig 2002-07-24 10:41:31.000000000 +0200
+++ doc/mutt.man.in
-@@ -124,21 +124,19 @@ Editor to invoke when the ~v command is
+@@ -124,21 +124,19 @@ Specifies the editor to use when composi
.PP
.IP "~/.muttrc or ~/.mutt/muttrc"
User configuration file.
@@ -15,7 +15,7 @@
User definition for handling non-text MIME types.
-.IP "/etc/mailcap"
+.IP "@PKG_SYSCONFDIR@/mailcap"
- System definition for handing non-text MIME types.
+ System definition for handling non-text MIME types.
.IP "~/.mime.types"
User's personal mapping between MIME types and file extensions.
-.IP "/etc/mime.types"
>Release-Note:
>Audit-Trail:
>Unformatted: