rpms/mutt
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8s
Branches Tags
rpms:c8s
rpms:c10s
rpms:c8
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c9s
rpms:imports/c10s/mutt-2.2.13-4.el10
rpms:imports/c10s/mutt-2.2.13-3.el10
rpms:imports/c10s/mutt-2.2.12-6.el10
rpms:imports/c8/mutt-2.0.7-3.el8
rpms:imports/c9/mutt-2.2.6-2.el9
rpms:imports/c9/mutt-2.2.6-1.el9
rpms:imports/c8/mutt-2.0.7-2.el8
rpms:imports/c9-beta/mutt-2.2.6-1.el9
rpms:imports/c8-beta/mutt-2.0.7-2.el8
rpms:imports/c8s/mutt-2.0.7-2.el8
rpms:imports/c9/mutt-2.1.5-1.el9
rpms:imports/c9-beta/mutt-2.1.5-1.el9
rpms:imports/c9-beta/mutt-2.0.6-3.el9
rpms:imports/c8/mutt-2.0.7-1.el8
rpms:imports/c8-beta/mutt-2.0.7-1.el8
rpms:imports/c8-beta/mutt-1.10.1-2.el8
rpms:imports/c8/mutt-1.10.1-2.el8
rpms:imports/c8/mutt-1.10.1-1.el8
rpms:imports/c8s/mutt-2.0.7-1.el8
rpms:imports/c8s/mutt-2.0.6-1.el8
...
pull from: rpms:c10s
Branches Tags
rpms:c10s
rpms:c8
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c8s
rpms:c9s
rpms:imports/c10s/mutt-2.2.13-4.el10
rpms:imports/c10s/mutt-2.2.13-3.el10
rpms:imports/c10s/mutt-2.2.12-6.el10
rpms:imports/c8/mutt-2.0.7-3.el8
rpms:imports/c9/mutt-2.2.6-2.el9
rpms:imports/c9/mutt-2.2.6-1.el9
rpms:imports/c8/mutt-2.0.7-2.el8
rpms:imports/c9-beta/mutt-2.2.6-1.el9
rpms:imports/c8-beta/mutt-2.0.7-2.el8
rpms:imports/c8s/mutt-2.0.7-2.el8
rpms:imports/c9/mutt-2.1.5-1.el9
rpms:imports/c9-beta/mutt-2.1.5-1.el9
rpms:imports/c9-beta/mutt-2.0.6-3.el9
rpms:imports/c8/mutt-2.0.7-1.el8
rpms:imports/c8-beta/mutt-2.0.7-1.el8
rpms:imports/c8-beta/mutt-1.10.1-2.el8
rpms:imports/c8/mutt-1.10.1-2.el8
rpms:imports/c8/mutt-1.10.1-1.el8
rpms:imports/c8s/mutt-2.0.7-1.el8
rpms:imports/c8s/mutt-2.0.6-1.el8

No commits in common. "c8s" and "c10s" have entirely different histories.
c8s ... c10s

19 changed files with 342 additions and 855 deletions
Show Stats Expand all files Collapse all files

1
.fmf/version Normal file
View File

@ -0,0 +1 @@
1

59
.gitignore vendored
View File

@ -1,2 +1,59 @@
SOURCES/mutt-2.0.7.tar.gz mutt-1.5.20-20100718hg1a35f0.tar.bz2
mutt-1.5.21.tar.gz
mutt-1.5.22.tar.gz
mutt-1.5.23.tar.gz
/mutt-1.5.23-20150609hg17a4f92e4a95.tar.gz
/mutt-1.5.24.tar.gz
/mutt-1.6.0.tar.gz
/mutt-1.6.1.tar.gz
/mutt-1.6.2.tar.gz
/mutt-1.7.0.tar.gz
/mutt-1.7.1.tar.gz
/mutt-1.7.2.tar.gz
/mutt-1.8.2.tar.gz
/mutt-1.8.3.tar.gz
/mutt-1.9.0.tar.gz
/mutt-1.9.1.tar.gz
/mutt-1.9.2.tar.gz
/mutt-1.9.3.tar.gz
/mutt-1.9.4.tar.gz
/mutt-1.9.5.tar.gz
/mutt-1.10.0.tar.gz
/mutt-1.10.1.tar.gz
/mutt-1.11.2.tar.gz
/mutt-1.11.3.tar.gz
/mutt-1.11.4.tar.gz
/mutt-1.12.0.tar.gz
/mutt-1.12.1.tar.gz
/mutt-1.12.2.tar.gz
/mutt-1.13.0.tar.gz
/mutt-1.13.2.tar.gz
/mutt-1.13.3.tar.gz
/mutt-1.13.4.tar.gz
/mutt-1.13.5.tar.gz
/mutt-1.14.0.tar.gz
/mutt-1.14.2.tar.gz
/mutt-1.14.3.tar.gz
/mutt-1.14.4.tar.gz
/mutt-1.14.5.tar.gz
/mutt-1.14.6.tar.gz
/mutt-1.14.7.tar.gz
/mutt-2.0.2.tar.gz
/mutt-2.0.5.tar.gz
/mutt-2.0.6.tar.gz
/mutt-2.0.7.tar.gz /mutt-2.0.7.tar.gz
/mutt-2.1.1.tar.gz
/mutt-2.1.3.tar.gz
/mutt-2.1.5.tar.gz
/mutt-2.2.0.tar.gz
/mutt-2.2.1.tar.gz
/mutt-2.2.2.tar.gz
/mutt-2.2.3.tar.gz
/mutt-2.2.5.tar.gz
/mutt-2.2.6.tar.gz
/mutt-2.2.7.tar.gz
/mutt-2.2.9.tar.gz
/mutt-2.2.10.tar.gz
/mutt-2.2.11.tar.gz
/mutt-2.2.12.tar.gz
/mutt-2.2.13.tar.gz

41
0015-Fix-rfc2047-base64-decoding-to-abort-on-illegal-char.patch
View File

@ -1,41 +0,0 @@
From 29754579de3a4e720ea0b30bc3e4c03dd905fd66 Mon Sep 17 00:00:00 2001
From: Kevin McCarthy <kevin@8t8.us>
Date: Sun, 3 Sep 2023 12:22:01 +0800
Subject: [PATCH] Fix rfc2047 base64 decoding to abort on illegal characters.
For some reason, the rfc2047 base64 decoder ignored illegal
characters, instead of aborting. This seems innocuous, but in fact
leads to at least three crash-bugs elsewhere in Mutt.
These stem from Mutt, in some cases, passing an entire header
field (name, colon, and body) to the rfc2047 decoder. (It is
technically incorrect to do so, by the way, but is beyond scope for
these fixes in stable). Mutt then assumes the result can't be empty
because of a previous check that the header contains at least a colon.
This commit takes care of the source of the crashes, by aborting the
rfc2047 decode. The following two commits add protective fixes to the
specific crash points.
Thanks to Chenyuan Mi (@morningbread) for discovering the strchr
crashes, giving a working example draft message, and providing the
stack traces for the two NULL derefences.
(cherry picked from commit 452ee330e094bfc7c9a68555e5152b1826534555)
---
rfc2047.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rfc2047.c b/rfc2047.c
index 488771bd..1a765b87 100644
--- a/rfc2047.c
+++ b/rfc2047.c
@@ -716,7 +716,7 @@ static int rfc2047_decode_word (BUFFER *d, const char *s, char **charset)
if (*pp == '=')
break;
if ((*pp & ~127) || (c = base64val(*pp)) == -1)
- continue;
+ goto error_out_0;
if (k + 6 >= 8)
{
k -= 2;

37
0016-CVE-2023-4874-Fix-write_one_header-illegal-header-ch.patch
View File

@ -1,37 +0,0 @@
From 427e205f3f5759c153a1d424ac6f6a82ac16a352 Mon Sep 17 00:00:00 2001
From: Kevin McCarthy <kevin@8t8.us>
Date: Sun, 3 Sep 2023 14:11:48 +0800
Subject: [PATCH] (CVE-2023-4874) Fix write_one_header() illegal header check.
This is another crash caused by the rfc2047 decoding bug fixed in the
second prior commit.
In this case, an empty header line followed by a header line starting
with ":", would result in t==end.
The mutt_substrdup() further below would go very badly at that point,
with t >= end+1. This could result in either a memcpy onto NULL or a
huge malloc call.
Thanks to Chenyuan Mi (@morningbread) for giving a working example
draft message of the rfc2047 decoding flaw. This allowed me, with
further testing, to discover this additional crash bug.
(cherry picked from commit a4752eb0ae0a521eec02e59e51ae5daedf74fda0)
---
sendlib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sendlib.c b/sendlib.c
index 8fd5e6cb..8569e5cf 100644
--- a/sendlib.c
+++ b/sendlib.c
@@ -2038,7 +2038,7 @@ static int write_one_header (FILE *fp, int pfxw, int max, int wraplen,
else
{
t = strchr (start, ':');
- if (!t || t > end)
+ if (!t || t >= end)
{
dprint (1, (debugfile, "mwoh: warning: header not in "
"'key: value' format!\n"));

47
0017-CVE-2023-4875-Check-for-NULL-userhdrs.patch
View File

@ -1,47 +0,0 @@
From 74b4833b56212dbbac6f6353f6989f91176671a2 Mon Sep 17 00:00:00 2001
From: Kevin McCarthy <kevin@8t8.us>
Date: Mon, 4 Sep 2023 12:50:07 +0800
Subject: [PATCH] (CVE-2023-4875) Check for NULL userhdrs.
When composing an email, miscellaneous extra headers are stored in a
userhdrs list. Mutt first checks to ensure each header contains at
least a colon character, passes the entire userhdr field (name, colon,
and body) to the rfc2047 decoder, and safe_strdup()'s the result on
the userhdrs list. An empty result would from the decode would result
in a NULL headers being added to list.
The previous commit removed the possibility of the decoded header
field being empty, but it's prudent to add a check to the strchr
calls, in case there is another unexpected bug resulting in one.
Thanks to Chenyuan Mi (@morningbread) for discovering the two strchr
crashes, giving a working example draft message, and providing the
stack traces for the two NULL derefences.
(cherry picked from commit 4cc3128abdf52c615911589394a03271fddeefc6)
---
sendlib.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sendlib.c b/sendlib.c
index 8569e5cf..007baac1 100644
--- a/sendlib.c
+++ b/sendlib.c
@@ -2318,7 +2318,7 @@ int mutt_write_rfc822_header (FILE *fp, ENVELOPE *env, BODY *attach, char *date,
/* Add any user defined headers */
for (; tmp; tmp = tmp->next)
{
- if ((p = strchr (tmp->data, ':')))
+ if ((p = strchr (NONULL (tmp->data), ':')))
{
q = p;
@@ -2366,7 +2366,7 @@ static void encode_headers (LIST *h)
for (; h; h = h->next)
{
- if (!(p = strchr (h->data, ':')))
+ if (!(p = strchr (NONULL (h->data), ':')))
continue;
i = p - h->data;

4
gating.yaml
View File

@ -1,6 +1,6 @@
--- !Policy --- !Policy
product_versions: product_versions:
- rhel-8 - rhel-10
decision_context: osci_compose_gate decision_context: osci_compose_gate
rules: rules:
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

11
mutt-1.10.1-mutt-1.9.3-1_coverity_166.patch
View File

@ -1,11 +0,0 @@
diff -up mutt-1.10.1/query.c.mutt-1.9.3-1_coverity_166 mutt-1.10.1/query.c
--- mutt-1.10.1/query.c.mutt-1.9.3-1_coverity_166 2018-11-26 11:54:55.078468192 +0100
+++ mutt-1.10.1/query.c 2018-11-26 11:55:12.035710707 +0100
@@ -443,6 +443,7 @@ static void query_menu (char *buf, size_
}
mutt_create_alias (NULL, naddr);
+ rfc822_free_address (&naddr);
}
else
{

12
mutt-1.10.1-mutt-1.9.3-1_coverity_181.patch
View File

@ -1,12 +0,0 @@
diff -up mutt-1.10.1/send.c.mutt-1.9.3-1_coverity_181 mutt-1.10.1/send.c
--- mutt-1.10.1/send.c.mutt-1.9.3-1_coverity_181 2018-11-26 12:08:42.615216677 +0100
+++ mutt-1.10.1/send.c 2018-11-26 12:08:52.007351542 +0100
@@ -243,7 +243,7 @@ static int edit_envelope (ENVELOPE *en)
if (ascii_strncasecmp ("subject:", uh->data, 8) == 0)
{
p = skip_email_wsp(uh->data + 8);
- strncpy (buf, p, sizeof (buf));
+ strfcpy (buf, p, sizeof (buf));
}
}
}

31
mutt-1.10.1-mutt-1.9.3-1_coverity_187_188_189_190.patch
View File

@ -1,31 +0,0 @@
diff -up mutt-1.10.1/sendlib.c.mutt-1.9.3-1_coverity_187_188_189_190 mutt-1.10.1/sendlib.c
--- mutt-1.10.1/sendlib.c.mutt-1.9.3-1_coverity_187_188_189_190 2018-11-26 12:34:51.007894823 +0100
+++ mutt-1.10.1/sendlib.c 2018-11-26 12:35:08.374143006 +0100
@@ -1815,11 +1815,15 @@ static int write_one_header (FILE *fp, i
NONULL(pfx), valbuf, max, wraplen));
if (pfx && *pfx)
if (fputs (pfx, fp) == EOF)
+ {
+ FREE(&valbuf);
return -1;
+ }
if (!(t = strchr (valbuf, ':')))
{
dprint (1, (debugfile, "mwoh: warning: header not in "
"'key: value' format!\n"));
+ FREE(&valbuf);
return 0;
}
if (print_val (fp, pfx, valbuf, flags, mutt_strlen (pfx)) < 0)
@@ -1861,7 +1865,11 @@ static int write_one_header (FILE *fp, i
"max width = %d > %d\n",
NONULL(pfx), valbuf, max, wraplen));
if (fold_one_header (fp, tagbuf, valbuf, pfx, wraplen, flags) < 0)
+ {
+ FREE (&tagbuf);
+ FREE (&valbuf);
return -1;
+ }
FREE (&tagbuf);
FREE (&valbuf);
}

12
mutt-1.12.1-optusegpgagent.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up mutt-1.12.1/init.h.optusegpgagent mutt-1.12.1/init.h
--- mutt-1.12.1/init.h.optusegpgagent 2019-08-29 09:29:38.868810511 +0200
+++ mutt-1.12.1/init.h 2019-08-29 09:30:29.899395370 +0200
@@ -2444,7 +2444,7 @@ struct option_t MuttVars[] = {
** not used.
** (PGP only)
*/
- { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=1} },
+ { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=0} },
/*
** .pp
** If \fIset\fP, mutt expects a \fCgpg-agent(1)\fP process will handle

2
mutt-1.5.23-system_certs.patch
View File

@ -4,7 +4,7 @@ diff -rup mutt-17a4f92e4a95-orig/init.h mutt-17a4f92e4a95-new/init.h
@@ -2989,7 +2989,7 @@ struct option_t MuttVars[] = { @@ -2989,7 +2989,7 @@ struct option_t MuttVars[] = {
*/ */
#if defined(USE_SSL) #if defined(USE_SSL)
#ifdef USE_SSL_GNUTLS # ifdef USE_SSL_GNUTLS
- { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p=0} }, - { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p=0} },
+ { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p="/etc/ssl/certs/ca-bundle.crt"} }, + { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p="/etc/ssl/certs/ca-bundle.crt"} },
/* /*

2
mutt-1.9.4-lynx_no_backscapes.patch
View File

@ -5,7 +5,7 @@ diff -up mutt-1.9.1/doc/Makefile.am.lynx_no_backscapes mutt-1.9.1/doc/Makefile.a
check: check:
manual.txt: manual.html manual.txt: manual.html
- -LC_ALL=C lynx -localhost -dump -nolist -with_backspaces -display_charset=us-ascii manual.html > $@ || \ - -LC_ALL=C lynx -localhost -dump -nolist -nonumbers -with_backspaces -display_charset=us-ascii manual.html > $@ || \
+ -LC_ALL=C lynx -localhost -dump -nolist -display_charset=us-ascii manual.html > $@ || \ + -LC_ALL=C lynx -localhost -dump -nolist -display_charset=us-ascii manual.html > $@ || \
LC_ALL=C w3m -T text/html -I utf-8 -O utf-8 -dump < manual.html > $@ || \ LC_ALL=C w3m -T text/html -I utf-8 -O utf-8 -dump < manual.html > $@ || \
LC_ALL=C elinks -dump -no-numbering -no-references manual.html | sed -e 's,\\001, ,g' > $@ LC_ALL=C elinks -dump -no-numbering -no-references manual.html | sed -e 's,\\001, ,g' > $@

40
mutt-2.0.7-cve-2022-1328.patch
View File

@ -1,40 +0,0 @@
From e5ed080c00e59701ca62ef9b2a6d2612ebf765a5 Mon Sep 17 00:00:00 2001
From: Kevin McCarthy <kevin@8t8.us>
Date: Tue, 5 Apr 2022 11:05:52 -0700
Subject: [PATCH] Fix uudecode buffer overflow.
mutt_decode_uuencoded() used each line's initial "length character"
without any validation. It would happily read past the end of the
input line, and with a suitable value even past the length of the
input buffer.
As I noted in ticket 404, there are several other changes that could
be added to make the parser more robust. However, to avoid
accidentally introducing another bug or regression, I'm restricting
this patch to simply addressing the overflow.
Thanks to Tavis Ormandy for reporting the issue, along with a sample
message demonstrating the problem.
---
handler.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/handler.c b/handler.c
index d1b4bc73..c97cf0cb 100644
--- a/handler.c
+++ b/handler.c
@@ -404,9 +404,9 @@ static void mutt_decode_uuencoded (STATE *s, LOFF_T len, int istext, iconv_t cd)
pt = tmps;
linelen = decode_byte (*pt);
pt++;
- for (c = 0; c < linelen;)
+ for (c = 0; c < linelen && *pt;)
{
- for (l = 2; l <= 6; l += 2)
+ for (l = 2; l <= 6 && *pt && *(pt + 1); l += 2)
{
out = decode_byte (*pt) << l;
pt++;
--
2.34.1

24
mutt-configure-c99.patch Normal file
View File

@ -0,0 +1,24 @@
The standard iconv function uses char ** even for its input
argument. With a const char ** argument, ICONV_NONTRANS is incorrectly
set to 1 if the compiler produces an error for such incompatible
pointer types.
Submitted upstream: <https://gitlab.com/muttmua/mutt/-/merge_requests/175>
diff --git a/configure.ac b/configure.ac
index 9fe461df2a5af3a8..443da363081343c5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1322,10 +1322,10 @@ AC_CACHE_CHECK([whether iconv is non-transcribing], mutt_cv_iconv_nontrans,
int main()
{
iconv_t cd;
- const char *ib;
+ char *ib;
char *ob;
size_t ibl, obl;
- const char *s = "\304\211";
+ char *s = (char *) "\304\211";
changequote(, )dnl
char t[3];
changequote([, ])dnl

829
mutt.spec
View File

@ -19,15 +19,14 @@
Summary: A text mode mail user agent Summary: A text mode mail user agent
Name: mutt Name: mutt
Version: 2.0.7 Version: 2.2.13
Release: 3%{?dist} Release: 4%{?dist}
Epoch: 5 Epoch: 5
# The entire source code is GPLv2+ except # The entire source code is GPLv2+ except
# pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain
License: GPLv2+ and Public Domain License: GPL-2.0-or-later AND LicenseRef-Fedora-Public-Domain
Group: Applications/Internet
# hg snapshot created from http://dev.mutt.org/hg/mutt # hg snapshot created from http://dev.mutt.org/hg/mutt
Source: ftp://ftp.mutt.org/pub/%{name}/%{name}-%{version}.tar.gz Source: http://ftp.mutt.org/pub/%{name}/%{name}-%{version}.tar.gz
Source1: mutt_ldap_query Source1: mutt_ldap_query
Patch1: mutt-1.10.0-muttrc.patch Patch1: mutt-1.10.0-muttrc.patch
Patch2: mutt-1.8.0-cabundle.patch Patch2: mutt-1.8.0-cabundle.patch
@ -38,30 +37,18 @@ Patch8: mutt-1.5.23-system_certs.patch
Patch9: mutt-1.9.0-ssl_ciphers.patch Patch9: mutt-1.9.0-ssl_ciphers.patch
Patch10: mutt-1.9.4-lynx_no_backscapes.patch Patch10: mutt-1.9.4-lynx_no_backscapes.patch
Patch12: mutt-1.9.5-nodotlock.patch Patch12: mutt-1.9.5-nodotlock.patch
# Fixs compatibility with previous versions Patch13: mutt-1.12.1-optusegpgagent.patch
Patch13: mutt_disable_ssl_enforce.patch Patch14: mutt-configure-c99.patch
Patch14: mutt-2.0.7-cve-2022-1328.patch
# CVE-2023-4874 CVE-2023-4875
Patch0015: 0015-Fix-rfc2047-base64-decoding-to-abort-on-illegal-char.patch
Patch0016: 0016-CVE-2023-4874-Fix-write_one_header-illegal-header-ch.patch
Patch0017: 0017-CVE-2023-4875-Check-for-NULL-userhdrs.patch
# Coverity patches
# https://cov01.lab.eng.brq.redhat.com/el8-results/el8/mutt-1.9.3-1.el8+7/scan-results-imp.html
Patch111: mutt-1.10.1-mutt-1.9.3-1_coverity_166.patch
Patch112: mutt-1.10.1-mutt-1.9.3-1_coverity_181.patch
Patch113: mutt-1.10.1-mutt-1.9.3-1_coverity_187_188_189_190.patch
Url: http://www.mutt.org Url: http://www.mutt.org
Requires: mailcap, urlview Requires: mailcap, urlview
BuildRequires: gcc, make BuildRequires: make
BuildRequires: gcc
BuildRequires: ncurses-devel, gettext, automake BuildRequires: ncurses-devel, gettext, automake
# manual generation # manual generation
BuildRequires: /usr/bin/xsltproc, docbook-style-xsl, perl-interpreter BuildRequires: /usr/bin/xsltproc, docbook-style-xsl, perl-interpreter
BuildRequires: perl-generators BuildRequires: perl-generators
BuildRequires: lynx BuildRequires: lynx
BuildRequires: docbook2X
%if %{with hcache} %if %{with hcache}
%{?with_tokyocabinet:BuildRequires: tokyocabinet-devel} %{?with_tokyocabinet:BuildRequires: tokyocabinet-devel}
@ -97,25 +84,17 @@ for selecting groups of messages.
%setup -q %setup -q
# do not run ./prepare -V, because it also runs ./configure # do not run ./prepare -V, because it also runs ./configure
%patch10 -p1 -b .lynx_no_backscapes %patch -P 10 -p1 -b .lynx_no_backscapes
%patch12 -p1 -b .nodotlock %patch -P 12 -p1 -b .nodotlock
%patch -P 14 -p1
autoreconf --install autoreconf --install
%patch1 -p1 -b .muttrc %patch -P 1 -p1 -b .muttrc
%patch2 -p1 -b .cabundle %patch -P 2 -p1 -b .cabundle
%patch3 -p1 -b .syncdebug %patch -P 3 -p1 -b .syncdebug
%patch8 -p1 -b .system_certs %patch -P 8 -p1 -b .system_certs
%patch9 -p1 -b .ssl_ciphers %patch -P 9 -p1 -b .ssl_ciphers
%patch13 -p1 %patch -P 13 -p1 -b .optusegpgagent
%patch14 -p1 -b .cve-2022-1328
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch111 -p1 -b .mutt-1.9.3-1_coverity_166
%patch112 -p1 -b .mutt-1.9.3-1_coverity_181
%patch113 -p1 -b .mutt-1.9.3-1_coverity_187_188_189_190.patch
sed -i -r 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure sed -i -r 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure
@ -167,15 +146,19 @@ rm -f mutt_ssl.c
%{?with_sidebar: --enable-sidebar} \ %{?with_sidebar: --enable-sidebar} \
--with-docdir=%{_pkgdocdir} --with-docdir=%{_pkgdocdir}
#make %{?_smp_mflags}
%make_build %make_build
# remove unique id in manual.html because multilib conflicts # remove unique id in manual.html because multilib conflicts
sed -i -r 's/<a id="id[a-z0-9]\+">/<a id="id">/g' doc/manual.html sed -i -r 's/<a id="id[a-z0-9]\+">/<a id="id">/g' doc/manual.html
# fix the shebang in mutt_oauth2.py & preserve the time stamp
oauth2_script="contrib/mutt_oauth2.py"
t=$(stat -c %y "${oauth2_script}")
sed -i "s:^#\!/usr/bin/env\s\+python3\s\?$:#!%{python3}:" "${oauth2_script}"
touch -d "$t" "${oauth2_script}"
%install %install
make install DESTDIR=%{buildroot} %make_install
# we like GPG here # we like GPG here
cat contrib/gpg.rc >> \ cat contrib/gpg.rc >> \
@ -206,7 +189,6 @@ rm -f %{buildroot}%{_mandir}/man5/mmdf.5*
rm -rf %{buildroot}%{_pkgdocdir} rm -rf %{buildroot}%{_pkgdocdir}
# remove /usr/share/info/dir # remove /usr/share/info/dir
# prevents adding dir file without installed info utility
rm %{buildroot}%{_infodir}/dir rm %{buildroot}%{_infodir}/dir
# provide muttrc.local(5): the same as muttrc(5) # provide muttrc.local(5): the same as muttrc(5)
@ -219,6 +201,7 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
%{!?_licensedir:%global license %doc} %{!?_licensedir:%global license %doc}
%license COPYRIGHT GPL %license COPYRIGHT GPL
%doc ChangeLog NEWS README* UPDATING mutt_ldap_query %doc ChangeLog NEWS README* UPDATING mutt_ldap_query
%doc contrib/mutt_oauth2.py contrib/mutt_oauth2.py.README
%doc contrib/*.rc contrib/sample.* contrib/colors.* %doc contrib/*.rc contrib/sample.* contrib/colors.*
%doc doc/manual.html doc/manual.txt doc/smime-notes.txt %doc doc/manual.html doc/manual.txt doc/smime-notes.txt
%config(noreplace) %{_sysconfdir}/Muttrc %config(noreplace) %{_sysconfdir}/Muttrc
@ -236,25 +219,211 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
%changelog %changelog
* Wed Oct 11 2023 Matej Mužila <mmuzila@redhat.com> - 5:2.0.7-3 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 5:2.2.13-4
- Fix for: CVE-2023-4874 CVE-2023-4875 - Bump release for October 2024 mass rebuild:
- Resolves: RHEL-2811 Resolves: RHEL-64018
* Thu Jul 21 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.0.7-2 * Fri Aug 09 2024 Michal Hlavinka <mhlavink@redhat.com> - 5:2.2.13-3
- Fix CVE-2022-1328 (#2109247) - rebuild for updated testing (2x)
* Wed May 5 2021 Filip Januš <fjanus@redhat.com> - 5:2.0.7-1 * Fri Aug 02 2024 Michal Hlavinka <mhlavink@redhat.com> - 5:2.2.13-1
- Upgrade to v2.0.7 - update to 2.2.13 (RHEL-52596)
- New bug fix release - trim changelog to last 10y
- Resolves: #1912614
* Thu Apr 8 2021 Filip Januš <fjanus@redhat.com> - 5:2.0.6-1 * Mon Jun 24 2024 Ondrej Sloup <osloup@redhat.com> - 5:2.2.12-6
- Upgrade to v2.0.6 - Remove docbook2X BuildRequire dependency as it is being deprecated
- Resolves: #1912614 - Resolves: RHEL-45561
* Thu Jun 13 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.10.1-2 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 5:2.2.12-5
- Fix Coverity issues - Bump release for June 2024 mass rebuild
- Resolves: #1602622
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.2.12-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.2.12-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Dec 7 2023 Florian Weimer <fweimer@redhat.com> - 5:2.2.12-2
- Fix C99 compatibility issue
* Mon Nov 13 2023 Matej Mužila <mmuzila@redhat.com> - 5:2.2.12-1
- Upgrade to 2.2.12
- Resolves: #2232712
* Tue Sep 05 2023 Matej Mužila <mmuzila@redhat.com> - 5:2.2.11-1
- Upgrade to 2.2.11
- Resolves: #2232712
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.2.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Apr 17 2023 Matej Mužila <mmuzila@redhat.com> - 5:2.2.10-1
- Upgrade to 2.2.10
- Resolves: #2181780
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.2.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Nov 23 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.9-1
- Upgrade to 2.2.9
- Resolves: 2140353
* Thu Aug 11 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.7-1
- Upgrade to 2.2.7
- Resolves: 2116172
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.2.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 15 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.6-1
- Upgrade to 2.2.6
- Resolves: 2093746
* Mon May 30 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.5-1
- Upgrade to 2.2.5
- Resolves: 2068653
* Thu Apr 21 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.3-1
- Upgrade to 2.2.3
Resolves: CVE-2022-1328
* Mon Mar 28 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.2-1
- Upgrade to 2.2.2
Resolves: #2068653
* Tue Feb 22 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.1-1
- Upgrade to 2.2.1
Resolves: #2053874
* Wed Feb 16 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.2.0-1
- Upgrade to 2.2.0
Resolves: #2053874
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.1.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Mon Jan 03 2022 Matej Mužila <mmuzila@redhat.com> - 5:2.1.5-1
- Upgrade to 2.1.5
* Mon Oct 25 2021 Matej Mužila <mmuzila@redhat.com> - 5:2.1.3-1
- Upgrade to 2.1.3
* Tue Aug 10 2021 Matej Mužila <mmuzila@redhat.com> - 5:2.1.1-1
- Upgrade to 2.1.1
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.0.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri May 7 2021 Dan Čermák <dan.cermak@cgc-instruments.com> - 5:2.0.7-2
- Ship the mutt_oauth2.py script as well
* Thu May 6 2021 Filip Januš <fjanus@redhat.com> 5:2.0.7-1
-Rebase to v2.0.7
* Mon Mar 22 2021 Filip Januš <fjanus@redhat.com> 5:2.0.6-1
- Rebase to upstream version 2.0.6
* Mon Feb 1 2021 Filip Januš <fjanus@redhat.com> -5:2.0.5-1
- Rebase to upstream version 2.0.5
- Fix CVE-2021-3181
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5:2.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Dec 01 2020 Matej Mužila <mmuzila@redhat.com> - 5:2.0.2-1
- Upgrade to 2.0.2
- Resolves: #1895629, #1900827, CVE-2020-28896
* Tue Sep 01 2020 Matej Mužila <mmuzila@redhat.com> - 5:1.14.7-2
- Fix mutt-1.9.4-lynx_no_backscapes.patch
* Mon Aug 31 2020 Matej Mužila <mmuzila@redhat.com> - 5:1.14.7-1
- Upgrade to 1.14.7
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5:1.14.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 22 2020 Fabio Alessandro Locati <fale@fedoraproject.org> - 5:1.14.6-1
- Upgrade to 1.14.6
* Mon Jul 13 2020 Tom Stellard <tstellar@redhat.com> - 5:1.14.5-2
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Wed Jun 24 2020 Fabio Alessandro Locati <fale@fedoraproject.org> - 5:1.14.5-1
- Upgrade to 1.14.5
* Fri Jun 19 2020 Fabio Alessandro Locati <fale@fedoraproject.org> - 5:1.14.4-1
- Upgrade to 1.14.4
- Resolves: #1848768
* Mon Jun 15 2020 Fabio Alessandro Locati <fale@fedoraproject.org> - 5:1.14.3-1
- Upgrade to 1.14.3
- Resolves: #1836550
* Tue May 26 2020 Matej Mužila <mmuzila@redhat.com> - 5:1.14.2-1
- Upgrade to 1.14.2
- Resolves: #1836550
* Sat May 09 2020 Fabio Alessandro Locati <fale@fedoraproject.org> - 5:1.14.0-1
- Upgrade to 1.14.0
- Resolves: #1818513
* Tue Apr 07 2020 Matej Mužila <mmuzila@redhat.com> - 5:1.13.5-1
- Upgrade to 1.13.5
- Resolves: #1818513
* Mon Feb 17 2020 Matej Mužila <mmuzila@redhat.com> - 5:1.13.4-1
- Upgrade to 1.13.4
- Resolves: #1803392
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5:1.13.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Jan 15 2020 Matej Mužila <mmuzila@redhat.com> - 5:1.13.3-1
- Upgrade to 1.13.3
- Resolves: #1783717, #1785500
* Fri Jan 03 2020 Matej Mužila <mmuzila@redhat.com> - 5:1.13.2-1
- Upgrade to 1.13.2
- Resolves: #1783717
* Mon Dec 02 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.13.0-1
- Upgrade to 1.13.0
- Resolves: #1754211
* Tue Sep 24 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.12.2-1
- Upgrade to 1.12.2
- Resolves: #1754211
* Thu Aug 29 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.12.1-3
- Make mutt to ask for GPG passphrase
- Resolves: #1731854
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5:1.12.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Jul 17 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.12.1-1
- Upgrade to 1.12.1
- Resolves #1720848
* Tue May 28 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.12.0-1
- Upgrade to 1.12.0
- Resolves #1710398,#1713910
* Wed Apr 24 2019 Björn Esser <besser82@fedoraproject.org> - 5:1.11.4-2
- Remove hardcoded gzip suffix from GNU info pages
* Wed Feb 06 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.11.4-1
- Upgrade to 1.11.4
- Resolves #1688091
* Wed Feb 06 2019 Matej Mužila <mmuzila@redhat.com> - 5:1.11.3-1
- Upgrade to 1.11.3
- Resolves #1659217
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5:1.10.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jul 17 2018 Matej Mužila <mmuzila@redhat.com> - 5:1.10.1-1 * Tue Jul 17 2018 Matej Mužila <mmuzila@redhat.com> - 5:1.10.1-1
- Upgrade to 1.10.1 - Upgrade to 1.10.1
@ -380,551 +549,3 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
* Thu May 15 2014 Dan Horák <dan[at]danny.cz> - 5:1.5.23-2 * Thu May 15 2014 Dan Horák <dan[at]danny.cz> - 5:1.5.23-2
- update Makefile.am before running autoreconf - update Makefile.am before running autoreconf
* Tue Apr 29 2014 Jan Pacner <jpacner@redhat.com> - 5:1.5.23-1
- Resolves: #1034263 (new version due to CVE)
- patch cleanup (upstream fixes)
- add html documentation (in addition to the current txt one)
* Mon Dec 02 2013 Jan Pacner <jpacner@redhat.com> - 5:1.5.22-1
- new release (Resolves: #1034263)
- use inline sed instead of nodotlock patch
- patches removed: testcert, hdrcnt, certscomp, updating, pophash,
notation, writehead, tmpdir, verpeers, tlsv1v2
- manhelp patch adjusted (only DEBUG logging capability was left)
* Mon Oct 21 2013 Honza Horak <hhorak@redhat.com> - 5:1.5.21-26
- Fixed patch for certificates comparison
* Mon Sep 23 2013 Miroslav Lichvar <mlichvar@redhat.com> - 5:1.5.21-25
- Revert to packaging only selected doc files
* Thu Aug 8 2013 Ville Skyttä <ville.skytta@iki.fi> - 5:1.5.21-24
- Fix FTBFS with unversioned %%{_docdir_fmt} (#992311), drop duplicate docs.
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.21-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Jul 18 2013 Petr Pisar <ppisar@redhat.com> - 5:1.5.21-22
- Perl 5.18 rebuild
* Thu Jun 27 2013 Honza Horak <hhorak@redhat.com> - 5:1.5.21-21
- Backported support for TLS 1.2 and TLS 1.2 protocols
Resolves: #957840
* Wed May 29 2013 Honza Horak <hhorak@redhat.com> - 5:1.5.21-20
- Fix patch for #750929
Resolves: #957542
* Mon May 20 2013 Honza Horak <hhorak@redhat.com> - 5:1.5.21-19
- Fix missing options in doc and pgpring, pgpewrap man page
* Mon Mar 4 2013 Honza Horak <hhorak@redhat.com> - 5:1.5.21-18
- gnutls_certificate_verify_peers became deprecated, using
a recent alternative
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.21-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Dec 03 2012 Honza Horak <hhorak@redhat.com> - 5:1.5.21-16
- remove unique id in manual.html because multilib conflict
- provide muttrc.local(5)
* Thu Sep 27 2012 Honza Horak <hhorak@redhat.com> - 5:1.5.21-15
- Change default tmpdir from /tmp to /var/tmp
Resolves: #858264
* Mon Sep 10 2012 Honza Horak <hhorak@redhat.com> - 5:1.5.21-14
- Minor spec file changes
* Fri Jul 27 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.21-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu May 10 2012 Honza Horak <hhorak@redhat.com> - 5:1.5.21-12
- Fix segmentation fault while syncing mailbox
(rhbz#691719)
- Fix unhandled strchr output
(rhbz#833044)
* Wed Apr 25 2012 Honza Horak <hhorak@redhat.com> - 5:1.5.21-11
- Patch from Petr Pisar fixing verification of PGP signatures
with NULL notation
(rhbz#816044)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.21-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Dec 07 2011 Honza Horak <hhorak@redhat.com> - 5:1.5.21-9
- Fixed a segmentation fault while parsing the certificates file
(rhbz#750929)
* Wed Nov 02 2011 Honza Horak <hhorak@redhat.com> - 5:1.5.21-8
- Removed ca-bundle.crt since it is outdated (rhbz#734379)
- Build with gpgme support by default (rhbz#748337)
- Fixed segmentation fault during messages removal in thread mode
(rhbz#674271)
* Wed Oct 26 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.21-7
- Rebuilt for glibc bug#747377
* Wed Jun 29 2011 Honza Horak <hhorak@redhat.com> - 5:1.5.21-6
- Fixed message indexes when skipping fetch response (mutt bug #3288)
* Fri Apr 15 2011 Honza Horak <hhorak@redhat.com> - 5:1.5.21-5
- Fixed hostname verification of x.509 certificates.
(rhbz#688756, CVE-2011-1429)
* Tue Mar 29 2011 Honza Horak <hhorak@redhat.com> - 5:1.5.21-4
- Fixed segmentation faults during reading message headers (rhbz#676074)
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.21-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Sep 29 2010 jkeating - 5:1.5.21-2
- Rebuilt for gcc bug 634757
* Tue Sep 21 2010 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.21-1
- update to 1.5.21
- link with gpg-error when building with gpgme support (#621626)
* Fri Jul 30 2010 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.20-3.20100718hg1a35f0
- update to hg snapshot 20100718hg1a35f0
* Thu Dec 17 2009 Deji Akingunola <dakingun@gmail.com> - 5:1.5.20-2.20091214hg736b6a.1
- Rebuild for tokyocabinet new release soname bump
* Wed Dec 16 2009 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.20-2.20091214hg736b6a
- update to hg snapshot 20091214hg736b6a
* Fri Sep 18 2009 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.20-1.20090827hg605559
- update to post 1.5.20 hg snapshot (#515148)
- use hunspell by default (#510358)
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.19-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jun 09 2009 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.19-5
- fix certificate verification (CVE-2009-1390)
- add support for gnutls INSECURE_ALGORITHM error code (#499390)
* Wed Apr 01 2009 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.19-4
- use PATH_MAX for buffers passed to realpath (#492861)
- unconditionally inode-sort Maildir and MH folders
- restore connection polling callback when closing SASL connection
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5:1.5.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Wed Jan 14 2009 Alex Lancaster <alexlan[AT]fedoraproject org> - 5:1.5.19-2
- Rebuild for deps
* Wed Jan 07 2009 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.19-1
- update to 1.5.19
- switch hcache backend to tokyocabinet
- drop intr patch
* Mon Jul 28 2008 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.18-4
- rebuild with db4.7 (Robert Scheck) (#455144)
* Wed Jun 25 2008 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.18-3
- buildrequire aspell (#452133)
- rebuild with new gnutls
* Mon Jun 02 2008 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.18-2
- allow interrupts when reading, writing or closing sockets (#447887)
- fix possible crash when opening IMAP mailbox
* Mon May 19 2008 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.18-1
- update to 1.5.18
* Fri Apr 04 2008 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.17-4
- fix sending long commands when using gnutls (#438275)
- glob tilde in smime_keys (#424311)
- fix awk script in mutt_ldap_query
- force building with libdb
- make enabling/disabling features in spec easier
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 5:1.5.17-3
- Autorebuild for GCC 4.3
* Fri Nov 23 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.17-2
- don't ignore $from in batch send mode (#392861)
- check Maildir for not being NULL when expanding '='-paths
- prevent mailto parsing buffer overflow by ignoring too long header
- use strtok_r() to parse mailto: links, not strtok()
- update UPDATING
* Fri Nov 02 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.17-1
- update to 1.5.17
* Mon Sep 17 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.16-4
- fix md5 on big-endian systems
* Tue Aug 28 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.16-3
- replace md5 implementation
- update license tag
* Wed Jul 11 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.16-2
- split urlview off, fix requires and description (#226167)
* Mon Jun 11 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.16-1
- update to 1.5.16
* Mon May 28 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.14-4
- validate msgid in APOP authentication (CVE-2007-1558)
- fix overflow in gecos field handling (CVE-2007-2683)
* Mon Mar 19 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.14-3
- fix building
* Mon Mar 19 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.14-2
- add check_mbox_size configuration variable; if enabled, file size is used
instead of access time when checking for new mail
- bind delete key to delete-char (#232601)
* Fri Feb 23 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.14-1
- update to 1.5.14
* Thu Feb 15 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.13-2.20070212cvs
- update to latest CVS
- enable libidn support (#228158)
* Wed Feb 07 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.13-1.20070126cvs
- update to 1.5.13, and latest CVS (#168183, #220816)
- spec cleanup
* Wed Dec 06 2006 Miroslav Lichvar <mlichvar@redhat.com> 5:1.4.2.2-5
- use correct fcc folder with IMAP (#217469)
- don't require smtpdaemon, gettext
* Tue Oct 31 2006 Miroslav Lichvar <mlichvar@redhat.com> 5:1.4.2.2-4
- fix POP authentication with latest cyrus-sasl (#212816)
* Tue Oct 24 2006 Miroslav Lichvar <mlichvar@redhat.com> 5:1.4.2.2-3
- fix insecure temp file creation on NFS (#211085, CVE-2006-5297)
* Thu Aug 03 2006 Miroslav Lichvar <mlichvar@redhat.com> 5:1.4.2.2-2
- fix a SASL authentication bug (#199591)
* Mon Jul 17 2006 Miroslav Lichvar <mlichvar@redhat.com> 5:1.4.2.2-1
- update to 1.4.2.2
- fix directories in manual.txt (#162207)
- drop bcc patch (#197408)
- don't package flea
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 5:1.4.2.1-7.1
- rebuild
* Thu Jun 29 2006 Miroslav Lichvar <mlichvar@redhat.com> 5:1.4.2.1-7
- fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242)
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 5:1.4.2.1-6.2.1
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 5:1.4.2.1-6.2
- rebuilt for new gcc4.1 snapshot and glibc changes
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Wed Nov 9 2005 Bill Nottingham <notting@redhat.com> 5:1.4.2.1-6
- rebuild against new ssl libs
* Thu Oct 27 2005 Bill Nottingham <notting@redhat.com> 5:1.4.2.1-5
- add patch from 1.5 branch to fix SASL logging (#157251, #171528)
* Fri Aug 26 2005 Bill Nottingham <notting@redhat.com> 5:1.4.2.1-3
- add patch from 1.5 branch to fix base64 decoding (#166718)
* Mon Mar 7 2005 Bill Nottingham <notting@redhat.com> 5:1.4.2.1-2
- rebuild against new openssl
- fix build with gcc4
* Thu Jan 27 2005 Bill Nottingham <notting@redhat.com> 5:1.4.2.1-1
- update to 1.4.2.1 (#141007, <moritz@barsnick.net>)
- include a /etc/Muttrc.local for site config (#123109)
- add <f2> as a additional help key for terminals that use <f1> internally
(#139277)
* Wed Sep 15 2004 Nalin Dahyabhai <nalin@redhat.com> 5:1.4.1-10
- expect the server to prompt for additional auth data if we have some to
send (#129961, upstream #1845)
- use "pop" as the service name instead of "pop-3" when using SASL for POP,
per rfc1734
* Fri Aug 13 2004 Bill Nottingham <notting@redhat.com> 5:1.4.1-9
- set write_bcc to no by default (since we ship exim)
- build against sasl2 (#126724)
* Mon Jun 28 2004 Bill Nottingham <notting@redhat.com>
- remove autosplat patch (#116769)
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Tue Jun 8 2004 Bill Nottingham <notting@redhat.com> 5:1.4.1-7
- link urlview against ncursesw (fixes #125530, indirectly)
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Tue Jan 27 2004 Bill Nottingham <notting@redhat.com> 5:1.4.1-5
- add patch to fix menu padding (CAN-2004-0078, #109317)
* Mon Aug 18 2003 Bill Nottingham <notting@redhat.com> 5:1.4.1-4
- rebuild against ncursesw
* Tue Jul 22 2003 Nalin Dahyabhai <nalin@redhat.com> 5:1.4.1-3.2
- rebuild
* Mon Jul 7 2003 Bill Nottingham <notting@redhat.com> 5:1.4.1-3
- fix auth to windows KDCs (#98662)
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Wed Mar 19 2003 Bill Nottingham <notting@redhat.com> 5:1.4.1-1
- update to 1.4.1, fixes buffer overflow in IMAP code
* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
- rebuilt
* Mon Jan 20 2003 Bill Nottingham <notting@redhat.com> 5:1.4-9
- add mailcap requires
- change urlview to htmlview as default browser
* Fri Jan 17 2003 Florian La Roche <Florian.LaRoche@redhat.de>
- change urlview to mozilla as default browser
* Tue Jan 7 2003 Nalin Dahyabhai <nalin@redhat.com> 5:1.4-7
- rebuild
* Mon Dec 2 2002 Bill Nottingham <notting@redhat.com> 5:1.4-6
- ship flea
* Fri Nov 29 2002 Tim Powers <timp@redhat.com> 5:1.4-5
- remove unpackaged files from the buildroot
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Fri Jun 14 2002 Bill Nottingham <notting@redhat.com> 1.4-3
- rebuild against new slang
* Wed May 29 2002 Nalin Dahyabhai <nalin@redhat.com> 1.4-2
- forcibly enable SSL and GSSAPI support
* Wed May 29 2002 Bill Nottingham <notting@redhat.com> 1.4-1
- whoa, 1.4.
* Sun May 26 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Thu May 16 2002 Bill Nottingham <notting@redhat.com>
- autoconf fun
* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Tue Jan 1 2002 Bill Nottingham <notting@redhat.com>
- update to 1.2.5.1
* Mon Jul 23 2001 Bill Nottingham <notting@redhat.com>
- don't explictly require krb5-libs, etc.; that's what find-requires is for
(#49780, sort of)
* Sat Jul 21 2001 Tim Powers <timp@redhat.com>
- no more applnk entries, it's cluttering our menus
* Fri Jul 20 2001 Bill Nottingham <notting@redhat.com>
- add slang-devel to buildprereqs (#49531)
* Mon Jun 11 2001 Bill Nottingham <notting@redhat.com>
- add some sample color definitions (#19471)
* Thu May 24 2001 Bill Nottingham <notting@redhat.com>
- fix typo in muttrc.man (#41610)
* Mon May 14 2001 Bill Nottingham <notting@redhat.com>
- use mktemp in muttbug
* Wed May 2 2001 Nalin Dahyabhai <nalin@redhat.com>
- require webclient, not weclient
* Wed May 2 2001 Bill Nottingham <notting@redhat.com>
- build urlview here
* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com>
- rebuild in new environment
* Tue Feb 13 2001 Bill Nottingham <notting@redhat.com>
- change buildprereq to /usr/sbin/sendmail (it's what it should have been
originally)
- %%langify
* Tue Feb 13 2001 Michael Stefaniuc <mstefani@redhat.com>
- changed buildprereq to smtpdaemon
* Tue Dec 19 2000 Bill Nottingham <notting@redhat.com>
- rebuild; it's just broken
- fix #13196
- buildprereq sendmail
* Fri Dec 01 2000 Bill Nottingham <notting@redhat.com>
- rebuild because of broken fileutils
* Fri Nov 10 2000 Nalin Dahyabhai <nalin@redhat.com>
- include a sample LDAP query script as a doc file
* Mon Nov 6 2000 Nalin Dahyabhai <nalin@redhat.com>
- patch for imap servers that like to volunteer information after AUTHENTICATE
* Thu Aug 24 2000 Nalin Dahyabhai <nalin@redhat.com>
- rebuild in new environment
- force flock() off and fcntl() on in case defaults change
* Tue Aug 8 2000 Nalin Dahyabhai <nalin@redhat.com>
- enable SSL support
* Fri Aug 4 2000 Bill Nottingham <notting@redhat.com>
- add translation to desktop entry
* Fri Jul 28 2000 Bill Nottingham <notting@redhat.com>
- update to 1.2.5i - fixes IMAP bugs
* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild
* Fri Jul 7 2000 Bill Nottingham <notting@redhat.com>
- 1.2.4i
* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
- rebuild in new environment (release 3)
- adjust GSSAPI build logic
* Thu Jun 22 2000 Bill Nottingham <notting@redhat.com>
- fix MD5 code
* Wed Jun 21 2000 Bill Nottingham <notting@redhat.com>
- update to 1.2.2i
* Mon Jun 19 2000 Trond Eivind Glomsrød <teg@redhat.com>
- use aspell
* Sat Jun 10 2000 Bill Nottingham <notting@redhat.com>
- FHS fixes
* Wed May 10 2000 Bill Nottingham <notting@redhat.com>
- add some files
* Tue May 9 2000 Bill Nottingham <notting@redhat.com>
- update to 1.2i
* Tue Apr 4 2000 Bill Nottingham <notting@redhat.com>
- eliminate explicit krb5-configs dependency
* Wed Mar 22 2000 Bill Nottingham <notting@redhat.com>
- auto<foo> is so much fun.
* Wed Mar 01 2000 Nalin Dahyabhai <nalin@redhat.com>
- make kerberos support conditional at compile-time
* Mon Feb 07 2000 Preston Brown <pbrown@redhat.com>
- wmconfig -> desktop
* Fri Feb 4 2000 Bill Nottingham <notting@redhat.com>
- keep the makefiles from re-running autoheader, automake, etc.
* Thu Feb 3 2000 Nalin Dahyabhai <nalin@redhat.com>
- add forward-ported sasl patch
* Thu Feb 3 2000 Bill Nottingham <notting@redhat.com>
- handle compressed man pages, other cleanups
* Wed Jan 19 2000 Bill Nottingham <notting@redhat.com>
- 1.0.1
* Mon Jan 3 2000 Bill Nottingham <notting@redhat.com>
- add the sample mime.types to /usr/doc
* Sat Jan 1 2000 Bill Nottingham <notting@redhat.com>
- fix an odd y2k issue on receiving mail from ancient clients
* Thu Oct 21 1999 Bill Nottingham <notting@redhat.com>
- one-point-oh.
* Sat Sep 25 1999 Bill Nottingham <notting@redhat.com>
- add a buffer overflow patch
* Tue Aug 31 1999 Bill Nottingham <notting@redhat.com>
- update to 1.0pre2
* Tue Aug 17 1999 Bill Nottingham <notting@redhat.com>
- update to 0.95.7
- require urlview since the default muttrc uses it
* Mon Jun 21 1999 Bill Nottingham <notting@redhat.com>
- get correct manual path the Right Way(tm)
- make it so it uses default colors even if COLORFGBG isn't set
* Mon Jun 14 1999 Bill Nottingham <notting@redhat.com>
- update to 0.95.6
* Mon Apr 26 1999 Bill Nottingham <notting@redhat.com>
- try and make sure $RPM_OPT_FLAGS gets passed through
* Fri Apr 23 1999 Bill Nottingham <notting@redhat.com>
- update to 0.95.5
* Mon Mar 29 1999 Bill Nottingham <notting@redhat.com>
- sed correct doc path into /etc/Muttrc for viewing manual
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
- auto rebuild in the new build environment (release 3)
* Thu Mar 18 1999 Bill Nottingham <notting@redhat.com>
- strip binary
* Mon Mar 8 1999 Bill Nottingham <notting@redhat.com>
- update to 0.95.4 - fixes a /tmp race
* Wed Feb 24 1999 Bill Nottingham <notting@redhat.com>
- the RETURN OF WMCONFIG! Aiyeee!
* Fri Feb 12 1999 Bill Nottingham <notting@redhat.com>
- 0.95.3 - fixes mailcap handling
* Mon Jan 4 1999 Bill Nottingham <notting@redhat.com>
- 0.95.1
* Sat Dec 12 1998 Bill Nottingham <notting@redhat.com>
- 0.95
* Fri Jul 31 1998 Bill Nottingham <notting@redhat.com>
- backport some 0.94.2 security fixes
- fix un-setgid
- update to 0.93.2
* Tue Jul 28 1998 Jeff Johnson <jbj@redhat.com>
- security fix
- update to 0.93.1.
- turn off setgid mail.
* Thu May 07 1998 Prospector System <bugs@redhat.com>
- translations modified for de, fr, tr
* Tue Apr 21 1998 Cristian Gafton <gafton@redhat.com>
- updated to 0.91.1
* Fri Apr 10 1998 Cristian Gafton <gafton@redhat.com>
- updated to mutt-0.89.1
* Thu Oct 16 1997 Otto Hammersmith <otto@redhat.com>
- Updated to mutt 0.85.
- added wmconfig entries.
- removed mime.types
* Mon Sep 1 1997 Donnie Barnes <djb@redhat.com>
- Rebuilt to insure all sources were fresh and patches were clean.
* Wed Aug 6 1997 Manoj Kasichainula <manojk@io.com>
- Initial version for 0.81(e)

26
mutt_disable_ssl_enforce.patch
View File

@ -1,26 +0,0 @@
Based on https://gitlab.com/muttmua/mutt/-/commit/9204b24e99767ae06b5df25eca55c028d702528b
This patch disable enforcing of ssl
diff -ur mutt-2.0.2/doc/manual.xml.head mutt_patch/doc/manual.xml.head
--- mutt-2.0.2/doc/manual.xml.head 2020-11-07 21:30:03.000000000 +0100
+++ mutt_patch/doc/manual.xml.head 2021-01-27 20:21:05.964647359 +0100
@@ -9104,7 +9104,7 @@
<para>
When connecting through a <link linkend="tunnel">$tunnel</link>
and <link linkend="tunnel-is-secure">$tunnel_is_secure</link> is
- set (the default), Mutt will assume the connection to the server
+ set (Not the default!), Mutt will assume the connection to the server
through the pipe is already secured. Mutt will ignore <link
linkend="ssl-starttls">$ssl_starttls</link> and <link
linkend="ssl-force-tls">$ssl_force_tls</link>, behaving as if TLS
diff -ur mutt-2.0.2/init.h mutt_patch/init.h
--- mutt-2.0.2/init.h 2020-11-20 02:28:59.000000000 +0100
+++ mutt_patch/init.h 2021-01-27 20:20:09.696052996 +0100
@@ -4021,7 +4021,7 @@
** The file containing a client certificate and its associated private
** key.
*/
- { "ssl_force_tls", DT_BOOL, R_NONE, {.l=OPTSSLFORCETLS}, {.l=1} },
+ { "ssl_force_tls", DT_BOOL, R_NONE, {.l=OPTSSLFORCETLS}, {.l=0} },
/*
** .pp
** If this variable is \fIset\fP, Mutt will require that all connections

16
plans/tier1.fmf Normal file
View File

@ -0,0 +1,16 @@
---
summary: Tier1 plan for mutt
discover:
how: fmf
url: https://pkgs.devel.redhat.com/git/tests/mutt
ref: master
filter: tier:1
execute:
how: tmt
adjust:
enabled: false
when: distro == centos-stream or distro == fedora

1
planses/.fmf/version Normal file
View File

@ -0,0 +1 @@
1

2
sources
View File

@ -1 +1 @@
SHA512 (mutt-2.0.7.tar.gz) = 1eb689fb9e6aa3cf0bcd0b696c25477cd04b74d8ec93404df071de6dc051e46bbad88131cdf610eb01df4789984707f3791366ae2fda28de2d2739aeb9d34e30 SHA512 (mutt-2.2.13.tar.gz) = dcd84235b6f759c31b56cf021efc17c0bb1fd4d59226d12af9838f3cbbcf0301262ae5f67803565cce3afd6ff5eed3a380a81958f57fb7d8f38e2ecfd0ff7d2c