[Frugalware-darcs] frugalware-current: mutt-devel-1.5.15-2-i686

voroskoi voroskoi at frugalware.org
Thu Jun 7 16:22:40 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-current;a=darcs_commitdiff;h=20070607125436-dd049-1760bdd836e50e0269716cc7d41d0eb9a1550229.gz;

[mutt-devel-1.5.15-2-i686
voroskoi <voroskoi at frugalware.org>**20070607125436
 secfix bump, closes #2139
] {
addfile ./source/network-extra/mutt-devel/CVE-2007-2683.diff
hunk ./source/network-extra/mutt-devel/CVE-2007-2683.diff 1
+
+# HG changeset patch
+# User Jonathan Smith <https://issues.rpath.com/>
+# Date 1179873167 14400
+# Node ID 736653ce1896d754da5771458af0c6f68c4cf17c
+# Parent 3d1d7f6cf693b610993860b2495fb3f01da97f88
+merge changeset 47d08903b79b: Use signed arithmetic in mutt_gecos_name to =
avoid an overflow. Closes #2885.
+
+--- a/muttlib.c	Mon Apr 02 15:20:58 2007 -0700
++++ b/muttlib.c	Tue May 22 18:32:47 2007 -0400
+@@ -514,7 +514,7 @@ char *mutt_gecos_name (char *dest, size_
+     if (dest[idx] =3D=3D '&')
+     {
+       memmove (&dest[idx + pwnl], &dest[idx + 1],
+-	       MAX(destlen - idx - pwnl - 1, 0));
++	       MAX((ssize_t)(destlen - idx - pwnl - 1), 0));
+       memcpy (&dest[idx], pw->pw_name, MIN(destlen - idx - 1, pwnl));
+       dest[idx] =3D toupper (dest[idx]);
+     }
+
hunk ./source/network-extra/mutt-devel/FrugalBuild 8
-pkgrel=3D1
+pkgrel=3D2
hunk ./source/network-extra/mutt-devel/FrugalBuild 19
-source=3D(ftp://ftp.mutt.org/$origname/devel/$origname-${pkgver}.tar.gz)
-signatures=3D($source.asc)
+source=3D(ftp://ftp.mutt.org/$origname/devel/$origname-${pkgver}.tar.gz CV=
E-2007-2683.diff)
+signatures=3D($source.asc '')
}


More information about the Frugalware-darcs mailing list