* [gentoo-commits] gentoo-x86 commit in mail-client/mutt/files: mutt-1.5.22-cve-2014-0567.patch
@ 2014-03-13 20:44 Alexander Vershilov (qnikst)
0 siblings, 0 replies; 2+ messages in thread
From: Alexander Vershilov (qnikst) @ 2014-03-13 20:44 UTC (permalink / raw
To: gentoo-commits
qnikst 14/03/13 20:44:53
Added: mutt-1.5.22-cve-2014-0567.patch
Log:
fix buffer overflow issue (CVE-2014-0567), bug #504462
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0xEAD50D64D8D3571A!)
Revision Changes Path
1.1 mail-client/mutt/files/mutt-1.5.22-cve-2014-0567.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-client/mutt/files/mutt-1.5.22-cve-2014-0567.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-client/mutt/files/mutt-1.5.22-cve-2014-0567.patch?rev=1.1&content-type=text/plain
Index: mutt-1.5.22-cve-2014-0567.patch
===================================================================
# HG changeset patch
# User Michael Elkins <me@sigpipe.org>
# Date 1394556009 25200
# Tue Mar 11 09:40:09 2014 -0700
# Branch stable
# Node ID 9bf7593e3c08cc32bd69595d5c1cac75c29ba09d
# Parent 3d5e23a66a1a179d9be25767e634174905ae2bdb
Fix buffer overrun caused by not updating a string length after address expansion.
diff --git a/copy.c b/copy.c
--- a/copy.c
+++ b/copy.c
@@ -254,6 +254,7 @@
{
if (!address_header_decode (&this_one))
rfc2047_decode (&this_one);
+ this_one_len = mutt_strlen (this_one);
}
if (!headers[x])
^ permalink raw reply [flat|nested] 2+ messages in thread
* [gentoo-commits] gentoo-x86 commit in mail-client/mutt/files: mutt-1.5.22-cve-2014-0567.patch
@ 2015-04-23 7:44 Fabian Groffen (grobian)
0 siblings, 0 replies; 2+ messages in thread
From: Fabian Groffen (grobian) @ 2015-04-23 7:44 UTC (permalink / raw
To: gentoo-commits
grobian 15/04/23 07:44:50
Removed: mutt-1.5.22-cve-2014-0567.patch
Log:
Drop vulnerable version
(Portage version: 2.2.14-prefix/cvs/SunOS i386, signed Manifest commit with key 0x5F75F607C5C74E89)
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-04-23 7:45 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-03-13 20:44 [gentoo-commits] gentoo-x86 commit in mail-client/mutt/files: mutt-1.5.22-cve-2014-0567.patch Alexander Vershilov (qnikst)
-- strict thread matches above, loose matches on Subject: below --
2015-04-23 7:44 Fabian Groffen (grobian)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox