From 303824af5b46a17bc4fd357c8de9f17bc934be3d Mon Sep 17 00:00:00 2001 From: Matej Muzila Date: Tue, 9 Jun 2015 10:43:48 +0200 Subject: [PATCH 1/5] Update to hg snapshot 17a4f92e4a95 - Resolves #1227288 (Do not send "From" header without the host part (eg. )) --- .gitignore | 1 + mutt.spec | 18 ++++++++++-------- sources | 2 +- 3 files changed, 12 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 7cd8a74..6df79e0 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ mutt-1.5.20-20100718hg1a35f0.tar.bz2 mutt-1.5.21.tar.gz mutt-1.5.22.tar.gz mutt-1.5.23.tar.gz +/mutt-1.5.23-20150609hg17a4f92e4a95.tar.gz diff --git a/mutt.spec b/mutt.spec index 87a143f..e880ac6 100644 --- a/mutt.spec +++ b/mutt.spec @@ -12,19 +12,22 @@ %bcond_with qdbm %bcond_with gdbm %bcond_without gpgme +%global commithash 17a4f92e4a95 +%global snapver 20150609hg%{?commithash} %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} Summary: A text mode mail user agent Name: mutt Version: 1.5.23 -Release: 8%{?dist} +Release: 8.%{?snapver}%{?dist} Epoch: 5 # The entire source code is GPLv2+ except # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain License: GPLv2+ and Public Domain Group: Applications/Internet -Source: ftp://ftp.mutt.org/mutt/devel/mutt-%{version}.tar.gz +# hg snapshot created from http://dev.mutt.org/hg/mutt +Source: %{name}-%{version}-%{?snapver}.tar.gz Source1: mutt_ldap_query Patch1: mutt-1.5.18-muttrc.patch Patch2: mutt-1.5.21-cabundle.patch @@ -32,7 +35,6 @@ Patch2: mutt-1.5.21-cabundle.patch Patch3: mutt-1.5.21-syncdebug.patch # FIXME make it to upstream Patch4: mutt-1.5.23-add_debug_option.patch -Patch5: mutt-1.5.23-sendlib.patch Patch7: mutt-1.5.23-domainname.patch Url: http://www.mutt.org/ Requires: mailcap, urlview @@ -72,7 +74,7 @@ for selecting groups of messages. %prep # unpack; cd -%setup -q +%setup -q -n %{name}-%{?commithash} # disable mutt_dotlock program - disable post-install mutt_dotlock checking sed -i -r 's|install-exec-hook|my-useless-label|' Makefile.am # do not run ./prepare -V, because it also runs ./configure @@ -81,7 +83,6 @@ autoreconf --install %patch2 -p1 -b .cabundle %patch3 -p1 -b .syncdebug %patch4 -p1 -b .add_debug_option -%patch5 -p1 -b .sendlib %patch7 -p1 -b .domainname @@ -188,9 +189,10 @@ ln -sf ./muttrc.5 $RPM_BUILD_ROOT%{_mandir}/man5/muttrc.local.5 %changelog -* Tue Jun 02 2015 Matej Muzila - 5:1.5.23-8 -- Resolves #1227288 -- Do not send "From" header without the host part (eg. ) +* Tue Jun 09 2015 Matej Muzila - 5:1.5.23-8.20150609hg17a4f92e4a95 +- Update to hg snapshot 17a4f92e4a95 +- Resolves #1227288 (Do not send "From" header without the + host part (eg. )) * Wed Dec 03 2014 Matej Muzila - 5:1.5.23-7 - added patch file forgotten in last commit diff --git a/sources b/sources index 3b69a44..ba708c5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -11f5b6a3eeba1afa1257fe93c9f26bff mutt-1.5.23.tar.gz +a91b8e5849e0024fc13ee4336ddb734e mutt-1.5.23-20150609hg17a4f92e4a95.tar.gz From 7203a0ba66c458417d1263718ea3fa4c4c697819 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 17 Jun 2015 21:16:24 +0000 Subject: [PATCH 2/5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --- mutt.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mutt.spec b/mutt.spec index e880ac6..cdc3b1c 100644 --- a/mutt.spec +++ b/mutt.spec @@ -20,7 +20,7 @@ Summary: A text mode mail user agent Name: mutt Version: 1.5.23 -Release: 8.%{?snapver}%{?dist} +Release: 9.%{?snapver}%{?dist} Epoch: 5 # The entire source code is GPLv2+ except # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain @@ -189,6 +189,9 @@ ln -sf ./muttrc.5 $RPM_BUILD_ROOT%{_mandir}/man5/muttrc.local.5 %changelog +* Wed Jun 17 2015 Fedora Release Engineering - 5:1.5.23-9.20150609hg17a4f92e4a95 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Tue Jun 09 2015 Matej Muzila - 5:1.5.23-8.20150609hg17a4f92e4a95 - Update to hg snapshot 17a4f92e4a95 - Resolves #1227288 (Do not send "From" header without the From 9ce4307ae64ff38eebb6b85da91c87ffdda2dbb7 Mon Sep 17 00:00:00 2001 From: Matej Muzila Date: Thu, 25 Jun 2015 16:15:39 +0200 Subject: [PATCH 3/5] Make system CA bundle default in mutt - Resolves: #1069778 --- mutt-1.5.23-system_certs.patch | 12 ++++++++++++ mutt.spec | 9 +++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 mutt-1.5.23-system_certs.patch diff --git a/mutt-1.5.23-system_certs.patch b/mutt-1.5.23-system_certs.patch new file mode 100644 index 0000000..41d7840 --- /dev/null +++ b/mutt-1.5.23-system_certs.patch @@ -0,0 +1,12 @@ +diff -rup mutt-17a4f92e4a95-orig/init.h mutt-17a4f92e4a95-new/init.h +--- mutt-17a4f92e4a95-orig/init.h 2015-06-07 22:59:32.000000000 +0200 ++++ mutt-17a4f92e4a95-new/init.h 2015-06-25 15:28:56.095570332 +0200 +@@ -2989,7 +2989,7 @@ struct option_t MuttVars[] = { + */ + #if defined(USE_SSL) + #ifdef USE_SSL_GNUTLS +- { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, 0 }, ++ { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, "/etc/ssl/certs/ca-bundle.crt" }, + /* + ** .pp + ** This variable specifies a file containing trusted CA certificates. diff --git a/mutt.spec b/mutt.spec index cdc3b1c..e626f93 100644 --- a/mutt.spec +++ b/mutt.spec @@ -20,7 +20,7 @@ Summary: A text mode mail user agent Name: mutt Version: 1.5.23 -Release: 9.%{?snapver}%{?dist} +Release: 10.%{?snapver}%{?dist} Epoch: 5 # The entire source code is GPLv2+ except # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain @@ -36,6 +36,7 @@ Patch3: mutt-1.5.21-syncdebug.patch # FIXME make it to upstream Patch4: mutt-1.5.23-add_debug_option.patch Patch7: mutt-1.5.23-domainname.patch +Patch8: mutt-1.5.23-system_certs.patch Url: http://www.mutt.org/ Requires: mailcap, urlview BuildRequires: ncurses-devel, gettext, automake @@ -84,7 +85,7 @@ autoreconf --install %patch3 -p1 -b .syncdebug %patch4 -p1 -b .add_debug_option %patch7 -p1 -b .domainname - +%patch8 -p1 -b .system_certs sed -i -r 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure # disable mutt_dotlock program - remove support from mutt binary @@ -189,6 +190,10 @@ ln -sf ./muttrc.5 $RPM_BUILD_ROOT%{_mandir}/man5/muttrc.local.5 %changelog +* Thu Jun 25 2015 Matej Muzila - 5:1.5.23-10.20150609hg17a4f92e4a95 +- Make system CA bundle default in mutt +- Resolves: #1069778 + * Wed Jun 17 2015 Fedora Release Engineering - 5:1.5.23-9.20150609hg17a4f92e4a95 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild From f5db476a2808841fc6722d4d6a4c106db29b32e6 Mon Sep 17 00:00:00 2001 From: Matej Muzila Date: Thu, 13 Aug 2015 14:34:16 +0200 Subject: [PATCH 4/5] Utilize system-wide crypto-policies - rhbz#1179324 --- mutt-1.5.23-ssl_ciphers.patch | 74 +++++++++++++++++++++++++++++++++++ mutt.spec | 13 +++++- 2 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 mutt-1.5.23-ssl_ciphers.patch diff --git a/mutt-1.5.23-ssl_ciphers.patch b/mutt-1.5.23-ssl_ciphers.patch new file mode 100644 index 0000000..a70b70b --- /dev/null +++ b/mutt-1.5.23-ssl_ciphers.patch @@ -0,0 +1,74 @@ +diff -rup mutt-17a4f92e4a95-orig/init.h mutt-17a4f92e4a95/init.h +--- mutt-17a4f92e4a95-orig/init.h 2015-07-30 11:09:54.536930119 +0200 ++++ mutt-17a4f92e4a95/init.h 2015-07-30 11:11:17.383772131 +0200 +@@ -3092,7 +3092,7 @@ struct option_t MuttVars[] = { + ** URL. You should only unset this for particular known hosts, using + ** the \fC$\fP function. + */ +- { "ssl_ciphers", DT_STR, R_NONE, UL &SslCiphers, UL 0 }, ++ { "ssl_ciphers", DT_STR, R_NONE, UL &SslCiphers, UL "@SYSTEM" }, + /* + ** .pp + ** Contains a colon-seperated list of ciphers to use when using SSL. +--- mutt-17a4f92e4a95/mutt_ssl_gnutls.c.ssl_ciphers 2015-08-20 13:19:24.990481900 +0200 ++++ mutt-17a4f92e4a95/mutt_ssl_gnutls.c 2015-08-20 14:37:18.405928684 +0200 +@@ -286,32 +286,35 @@ + else + safe_strcat (priority, priority_size, "NORMAL"); + +- if (! option(OPTTLSV1_2)) ++ if (SslCiphers && strcmp(SslCiphers, "@SYSTEM")) + { +- nproto--; +- safe_strcat (priority, priority_size, ":-VERS-TLS1.2"); +- } +- if (! option(OPTTLSV1_1)) +- { +- nproto--; +- safe_strcat (priority, priority_size, ":-VERS-TLS1.1"); +- } +- if (! option(OPTTLSV1)) +- { +- nproto--; +- safe_strcat (priority, priority_size, ":-VERS-TLS1.0"); +- } +- if (! option(OPTSSLV3)) +- { +- nproto--; +- safe_strcat (priority, priority_size, ":-VERS-SSL3.0"); +- } ++ if (! option(OPTTLSV1_2)) ++ { ++ nproto--; ++ safe_strcat (priority, priority_size, ":-VERS-TLS1.2"); ++ } ++ if (! option(OPTTLSV1_1)) ++ { ++ nproto--; ++ safe_strcat (priority, priority_size, ":-VERS-TLS1.1"); ++ } ++ if (! option(OPTTLSV1)) ++ { ++ nproto--; ++ safe_strcat (priority, priority_size, ":-VERS-TLS1.0"); ++ } ++ if (! option(OPTSSLV3)) ++ { ++ nproto--; ++ safe_strcat (priority, priority_size, ":-VERS-SSL3.0"); ++ } + +- if (nproto == 0) +- { +- mutt_error (_("All available protocols for TLS/SSL connection disabled")); +- FREE (&priority); +- return -1; ++ if (nproto == 0) ++ { ++ mutt_error (_("All available protocols for TLS/SSL connection disabled")); ++ FREE (&priority); ++ return -1; ++ } + } + + if ((err = gnutls_priority_set_direct (data->state, priority, NULL)) < 0) diff --git a/mutt.spec b/mutt.spec index e626f93..ebb32a2 100644 --- a/mutt.spec +++ b/mutt.spec @@ -20,7 +20,7 @@ Summary: A text mode mail user agent Name: mutt Version: 1.5.23 -Release: 10.%{?snapver}%{?dist} +Release: 11.%{?snapver}%{?dist} Epoch: 5 # The entire source code is GPLv2+ except # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain @@ -37,6 +37,7 @@ Patch3: mutt-1.5.21-syncdebug.patch Patch4: mutt-1.5.23-add_debug_option.patch Patch7: mutt-1.5.23-domainname.patch Patch8: mutt-1.5.23-system_certs.patch +Patch9: mutt-1.5.23-ssl_ciphers.patch Url: http://www.mutt.org/ Requires: mailcap, urlview BuildRequires: ncurses-devel, gettext, automake @@ -86,6 +87,7 @@ autoreconf --install %patch4 -p1 -b .add_debug_option %patch7 -p1 -b .domainname %patch8 -p1 -b .system_certs +%patch9 -p1 -b .ssl_ciphers sed -i -r 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure # disable mutt_dotlock program - remove support from mutt binary @@ -99,6 +101,11 @@ if echo %{release} | grep -E -q '%{hgreldate}'; then echo %{release} | sed -r 's/.*%{hgreldate}.*/"\1-\2-\3";/' >> reldate.h fi +# remove mutt_ssl.c to be sure it won't be used because it violates +# Packaging:CryptoPolicies +# https://fedoraproject.org/wiki/Packaging:CryptoPolicies +rm -f mutt_ssl.c + %build %configure \ @@ -190,6 +197,10 @@ ln -sf ./muttrc.5 $RPM_BUILD_ROOT%{_mandir}/man5/muttrc.local.5 %changelog +* Wed Aug 26 2015 Matej Muzila - 5:1.5.23-11.20150609hg17a4f92e4a95 +- Utilize system-wide crypto-policies +- rhbz#1179324 + * Thu Jun 25 2015 Matej Muzila - 5:1.5.23-10.20150609hg17a4f92e4a95 - Make system CA bundle default in mutt - Resolves: #1069778 From 23f8ee20667135f240a855a2c9a48f8ab3b9736e Mon Sep 17 00:00:00 2001 From: Matej Muzila Date: Fri, 4 Sep 2015 09:27:13 +0200 Subject: [PATCH 5/5] =?UTF-8?q?New=20release,=C2=A0resolves=20rhbz#1259332?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 1 + mutt.spec | 13 +++++++------ sources | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 6df79e0..7004204 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ mutt-1.5.21.tar.gz mutt-1.5.22.tar.gz mutt-1.5.23.tar.gz /mutt-1.5.23-20150609hg17a4f92e4a95.tar.gz +/mutt-1.5.24.tar.gz diff --git a/mutt.spec b/mutt.spec index ebb32a2..567c656 100644 --- a/mutt.spec +++ b/mutt.spec @@ -12,22 +12,20 @@ %bcond_with qdbm %bcond_with gdbm %bcond_without gpgme -%global commithash 17a4f92e4a95 -%global snapver 20150609hg%{?commithash} %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} Summary: A text mode mail user agent Name: mutt -Version: 1.5.23 -Release: 11.%{?snapver}%{?dist} +Version: 1.5.24 +Release: 1%{?dist} Epoch: 5 # The entire source code is GPLv2+ except # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain License: GPLv2+ and Public Domain Group: Applications/Internet # hg snapshot created from http://dev.mutt.org/hg/mutt -Source: %{name}-%{version}-%{?snapver}.tar.gz +Source: %{name}-%{version}.tar.gz Source1: mutt_ldap_query Patch1: mutt-1.5.18-muttrc.patch Patch2: mutt-1.5.21-cabundle.patch @@ -76,7 +74,7 @@ for selecting groups of messages. %prep # unpack; cd -%setup -q -n %{name}-%{?commithash} +%setup -q # disable mutt_dotlock program - disable post-install mutt_dotlock checking sed -i -r 's|install-exec-hook|my-useless-label|' Makefile.am # do not run ./prepare -V, because it also runs ./configure @@ -197,6 +195,9 @@ ln -sf ./muttrc.5 $RPM_BUILD_ROOT%{_mandir}/man5/muttrc.local.5 %changelog +* Thu Sep 04 2015 Matej Muzila - 5:1.5.24-1 +- New release, resolves rhbz#1259332 + * Wed Aug 26 2015 Matej Muzila - 5:1.5.23-11.20150609hg17a4f92e4a95 - Utilize system-wide crypto-policies - rhbz#1179324 diff --git a/sources b/sources index ba708c5..ff43ff6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -a91b8e5849e0024fc13ee4336ddb734e mutt-1.5.23-20150609hg17a4f92e4a95.tar.gz +7f25d27f3c7c82285ac07aac35f5f0f2 mutt-1.5.24.tar.gz