From a5d2d9c94b72559a9d3405b51bfec5e434c55b62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Honza=20Hor=C3=A1k?= Date: Fri, 15 Apr 2011 14:28:59 +0200 Subject: [PATCH] Fixed hostname verification of x.509 certificates. (rhbz#688756, CVE-2011-1429) --- mutt-1.5.21-testcert.patch | 30 ++++++++++++++++++++++++++++++ mutt.spec | 8 +++++++- 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 mutt-1.5.21-testcert.patch diff --git a/mutt-1.5.21-testcert.patch b/mutt-1.5.21-testcert.patch new file mode 100644 index 0000000..0d0c86d --- /dev/null +++ b/mutt-1.5.21-testcert.patch @@ -0,0 +1,30 @@ +diff -up mutt-1.5.21/mutt_ssl_gnutls.c.old mutt-1.5.21/mutt_ssl_gnutls.c +--- mutt-1.5.21/mutt_ssl_gnutls.c.old 2011-03-23 11:46:28.760386765 +0100 ++++ mutt-1.5.21/mutt_ssl_gnutls.c 2011-03-23 14:34:45.839456449 +0100 +@@ -978,6 +978,7 @@ static int tls_check_certificate (CONNEC + unsigned int cert_list_size = 0; + gnutls_certificate_status certstat; + int certerr, i, preauthrc, savedcert, rc = 0; ++ int rcpeer; + + if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE) + { +@@ -1003,6 +1004,9 @@ static int tls_check_certificate (CONNEC + for (i = 0; i < cert_list_size; i++) { + rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i, + &certerr, &savedcert); ++ if (i == 0) ++ rcpeer = rc; ++ + preauthrc += rc; + + if (savedcert) +@@ -1028,7 +1032,7 @@ static int tls_check_certificate (CONNEC + dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc)); + + certstat = tls_verify_peers (state); +- if (!certstat) ++ if (!certstat && !rcpeer) + return 1; + } + } diff --git a/mutt.spec b/mutt.spec index 8fae0af..30d59ee 100644 --- a/mutt.spec +++ b/mutt.spec @@ -16,7 +16,7 @@ Summary: A text mode mail user agent Name: mutt Version: 1.5.21 -Release: 4%{?dist} +Release: 5%{?dist} Epoch: 5 # The entire source code is GPLv2+ except # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain 
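Review bot: In the first hunk of mutt_ssl_gnutls.c, `int rcpeer;` is declared without an initializer and is only assigned in the `i == 0` iteration of the preauth loop, so the new `if (!certstat && !rcpeer)` test in the third hunk relies on that loop having run; if it is ever skipped or restructured, the check reads an indeterminate value, and since `!rcpeer` treats zero as "trusted" an arbitrary value could fail open. Initializing it to a non-zero value, `int rcpeer = -1;`, makes the gate fail closed regardless of control flow. The variable would also benefit from a one-line comment at its declaration, e.g. `/* preauth result for cert_list[0] (the peer's own certificate); non-zero means it must not be trusted */`, because the relationship between the first loop's assignment and the second loop's check is not visible from either site alone. tls_check_certificate starts before and continues after these hunks, so the loops that use rcpeer are only partly visible here.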
@@ -29,6 +29,7 @@ Patch3: mutt-1.5.18-muttrc.patch Patch4: mutt-1.5.18-manual.patch Patch5: mutt-1.5.21-updating.patch Patch6: mutt-1.5.21-hdrcnt.patch +Patch7: mutt-1.5.21-testcert.patch Url: http://www.mutt.org/ Requires: mailcap urlview BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -70,6 +71,7 @@ for selecting groups of messages. %patch4 -p1 -b .manual %patch5 -p1 -b .updating %patch6 -p1 -b .hdrcnt +%patch7 -p1 -b .testcert sed -i.gpgerror 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure @@ -152,6 +154,10 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man5/muttrc.* %changelog +* Fri Apr 15 2011 Honza Horak - 5:1.5.21-5 +- Fixed hostname verification of x.509 certificates. + (rhbz#688756, CVE-2011-1429) + * Tue Mar 29 2011 Honza Horak - 5:1.5.21-4 - Fixed segmentation faults during reading message headers (rhbz#676074)