qnikst 14/03/13 20:44:53 Added: mutt-1.5.22-cve-2014-0567.patch Log: fix buffer overflow issue (CVE-2014-0567), bug #504462 (Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0xEAD50D64D8D3571A!)
Revision Changes Path 1.1 mail-client/mutt/files/mutt-1.5.22-cve-2014-0567.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-client/mutt/files/mutt-1.5.22-cve-2014-0567.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/mail-client/mutt/files/mutt-1.5.22-cve-2014-0567.patch?rev=1.1&content-type=text/plain Index: mutt-1.5.22-cve-2014-0567.patch =================================================================== # HG changeset patch # User Michael Elkins <m...@sigpipe.org> # Date 1394556009 25200 # Tue Mar 11 09:40:09 2014 -0700 # Branch stable # Node ID 9bf7593e3c08cc32bd69595d5c1cac75c29ba09d # Parent 3d5e23a66a1a179d9be25767e634174905ae2bdb Fix buffer overrun caused by not updating a string length after address expansion. diff --git a/copy.c b/copy.c --- a/copy.c +++ b/copy.c @@ -254,6 +254,7 @@ { if (!address_header_decode (&this_one)) rfc2047_decode (&this_one); + this_one_len = mutt_strlen (this_one); } if (!headers[x])