gnu: Mutt: Update to 2.0.5.

* gnu/packages/patches/mutt-CVE-2021-3181.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
* gnu/packages/mail.scm (mutt): Update to 2.0.5.
[source]: Remove obsolete patch.
This commit is contained in:
Leo Famulari 2021-01-25 16:36:53 -05:00
parent 608ca22a81
commit 59c03bd4f9
No known key found for this signature in database
GPG key ID: 2646FA30BACA7F08
3 changed files with 3 additions and 50 deletions

View file

@ -1385,7 +1385,6 @@ dist_patch_DATA = \
%D%/packages/patches/mupen64plus-video-z64-glew-correct-path.patch \
%D%/packages/patches/musl-cross-locale.patch \
%D%/packages/patches/mutt-store-references.patch \
%D%/packages/patches/mutt-CVE-2021-3181.patch \
%D%/packages/patches/m4-gnulib-libio.patch \
%D%/packages/patches/ncompress-fix-softlinks.patch \
%D%/packages/patches/netcdf-date-time.patch \

View file

@ -445,7 +445,7 @@ (define-public fetchmail
(define-public mutt
(package
(name "mutt")
(version "2.0.4")
(version "2.0.5")
(source (origin
(method url-fetch)
(uri (list
@ -455,9 +455,8 @@ (define-public mutt
version ".tar.gz")))
(sha256
(base32
"1m4ig69qw4g3lhm4351snmy5i0ch65fqc9vqqdybr6jy21w7w225"))
(patches (search-patches "mutt-store-references.patch"
"mutt-CVE-2021-3181.patch"))))
"0k80s27sf7djb7zxj81ihksr8jkr71mfaa8976fzh41i1pn5l7g2"))
(patches (search-patches "mutt-store-references.patch"))))
(build-system gnu-build-system)
(inputs
`(("cyrus-sasl" ,cyrus-sasl)

View file

@ -1,45 +0,0 @@
Fix CVE-2021-3181:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181
Patch copied from upstream source repository:
https://gitlab.com/muttmua/mutt/-/commit/c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545
From c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545 Mon Sep 17 00:00:00 2001
From: Kevin McCarthy <kevin@8t8.us>
Date: Sun, 17 Jan 2021 10:40:37 -0800
Subject: [PATCH] Fix memory leak parsing group address.
When there was a group address terminator with no previous addresses,
an address would be allocated but not attached to the address list.
Change this to only allocate when last exists.
It would be more correct to not allocate at all unless we are inside a
group list, but I will address that in a separate commit to master.
---
rfc822.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/rfc822.c b/rfc822.c
index 7ff4eaa3..ced619f2 100644
--- a/rfc822.c
+++ b/rfc822.c
@@ -587,11 +587,10 @@ ADDRESS *rfc822_parse_adrlist (ADDRESS *top, const char *s)
#endif
/* add group terminator */
- cur = rfc822_new_address ();
if (last)
{
- last->next = cur;
- last = cur;
+ last->next = rfc822_new_address ();
+ last = last->next;
}
phraselen = 0;
--
GitLab