Sören Tempel: 2 main/gpgme: upgrade to 1.6.0 main/mutt: upgrade to 1.5.24 3 files changed, 12 insertions(+), 64 deletions(-)
Copy & paste the following snippet into your terminal to import this patchset into git:
curl -s https://lists.alpinelinux.org/~alpine/aports/patches/1121/mbox | git am -3Learn more about email & git
--- main/gpgme/APKBUILD | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/main/gpgme/APKBUILD b/main/gpgme/APKBUILD index 623f312..797702d 100644 --- a/main/gpgme/APKBUILD +++ b/main/gpgme/APKBUILD @@ -1,18 +1,18 @@ # Contributor: William Pitcock <nenolod@dereferenced.org> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=gpgme -pkgver=1.5.4 +pkgver=1.6.0 pkgrel=0 pkgdesc="gnupg made easy" url="http://www.gnupg.org/related_software/gpgme/" arch="all" license="GPL" -depends=gnupg +depends="gnupg" depends_dev="libgpg-error-dev libassuan-dev" makedepends="$depends_dev" install="" subpackages="$pkgname-dev $pkgname-doc" -source="ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-$pkgver.tar.bz2" +source="ftp://ftp.gnupg.org/gcrypt/$pkgname/$pkgname-$pkgver.tar.bz2" _builddir="$srcdir"/gpgme-$pkgver prepare() { @@ -45,6 +45,6 @@ package() { rm "$pkgdir"/usr/lib/*.la || return 1 } -md5sums="feafa03ea064e1d1dc11bc2b88404623 gpgme-1.5.4.tar.bz2" -sha256sums="bb38c0ec8815c9e94e6047b484984808a8dad9d6bec8df33dc5339fd55ffea6c gpgme-1.5.4.tar.bz2" -sha512sums="192c2aceb979915606cbc32164eafcfb907f1d6cc5058f71999f7a4b50bbc01063048fd5d907c149414f84a7dad909771f21c2e042850e0b21253c88942cf1f5 gpgme-1.5.4.tar.bz2" +md5sums="60d730d22e8065fd5de309e8b98e304b gpgme-1.6.0.tar.bz2" +sha256sums="b09de4197ac280b102080e09eaec6211d081efff1963bf7821cf8f4f9916099d gpgme-1.6.0.tar.bz2" +sha512sums="b7ccccc2bac246b0759c8752cadd3e77f03da39711badfc66d0f21cefab3f3b07fe1038611ad9ca1c16a8a48d7e831dcca68d83d052456a4cf794a73e287d41b gpgme-1.6.0.tar.bz2" -- 2.5.1 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---
--- main/mutt/APKBUILD | 19 ++++++------------ main/mutt/CVE-2014-9116.patch | 45 ------------------------------------------- 2 files changed, 6 insertions(+), 58 deletions(-) delete mode 100644 main/mutt/CVE-2014-9116.patch diff --git a/main/mutt/APKBUILD b/main/mutt/APKBUILD index 8d9df5b..0cb9f13 100644 --- a/main/mutt/APKBUILD +++ b/main/mutt/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Andrew Manison<amanison@anselsystems.com> # Maintainer: Andrew Manison<amanison@anselsystems.com> pkgname=mutt -pkgver=1.5.23 +pkgver=1.5.24 pkgrel=1 pkgdesc="a small but very powerful text-mode email client" url="http://www.mutt.org" @@ -12,15 +12,12 @@ makedepends="cyrus-sasl-dev gdbm-dev gettext-dev gpgme-dev libidn-dev ncurses-dev openssl-dev perl" install= subpackages="$pkgname-doc $pkgname-lang" -source="https://bitbucket.org/$pkgname/$pkgname/downloads/$pkgname-$pkgver.tar.gz - CVE-2014-9116.patch - " +source="https://bitbucket.org/$pkgname/$pkgname/downloads/$pkgname-$pkgver.tar.gz" _builddir="$srcdir"/$pkgname-$pkgver prepare() { cd "$_builddir" - update_config_sub || return 1 for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; @@ -56,7 +53,7 @@ build() { package() { cd "$_builddir" make DESTDIR="$pkgdir" install - + rm "$pkgdir"/etc/*.dist \ "$pkgdir"/etc/mime.types \ "$pkgdir"/usr/bin/muttbug \ @@ -68,12 +65,8 @@ package() { grep -C 5 "^color" contrib/sample.muttrc >> "$pkgdir"/etc/Muttrc echo "source /etc/Muttrc.local" >> "$pkgdir"/etc/Muttrc echo "# Local configuration for Mutt." > "$pkgdir"/etc/Muttrc.local - } -md5sums="11f5b6a3eeba1afa1257fe93c9f26bff mutt-1.5.23.tar.gz -6df95ec10fa73e3675dcc3b0a6372f50 CVE-2014-9116.patch" -sha256sums="3af0701e57b9e1880ed3a0dee34498a228939e854a16cdccd24e5e502626fd37 mutt-1.5.23.tar.gz -97fd773b5c58c7803c57fcd126c1c81c2c7cbb7b860f217571c6a2a47a5b01c5 CVE-2014-9116.patch" -sha512sums="f1b4a7230253651857f61bd7215cce870a613012f613d4c907d401556083726c8ed7d429d57a8bf858c3b5b23683380d4c1494540d86ca80813e22cb6b95bc1e mutt-1.5.23.tar.gz -14aba18442da7783ec76c17699c0e3e88c4f25a21418d37b48e456f572b0b56f9197aa8d694a8bf23be313252cf76e818bc5e9d3e30f2dfe8bff14eb8f6b01e8 CVE-2014-9116.patch" +md5sums="7f25d27f3c7c82285ac07aac35f5f0f2 mutt-1.5.24.tar.gz" +sha256sums="a292ca765ed7b19db4ac495938a3ef808a16193b7d623d65562bb8feb2b42200 mutt-1.5.24.tar.gz" +sha512sums="f7fe7edf9d1701a8e92761b1f5e6ef2e3a3b513af7898872cbe36a8800714cb76945788a60d2008820c57bc5344a4147e2686f690da42cfc8a912e3a432452b1 mutt-1.5.24.tar.gz" diff --git a/main/mutt/CVE-2014-9116.patch b/main/mutt/CVE-2014-9116.patch deleted file mode 100644 index 86b1b5f..0000000 --- a/main/mutt/CVE-2014-9116.patch @@ -1,45 +0,0 @@ -# HG changeset patch -# User Kevin McCarthy <kevin@8t8.us> -# Date 1417472364 28800 -# Mon Dec 01 14:19:24 2014 -0800 -# Branch stable -# Node ID 0aebf1df43598b442ac75ae4fe17875351854db0 -# Parent 5a86319adad0d17e4acaf8a580bfc9eb247547d0 -Revert write_one_header() to skip space and tab. (closes #3716) - -This patch fixes CVE-2014-9116 in the stable branch. It reverts -write_one_header() to the pre [f251d523ca5a] code for skipping -whitespace. - -Thanks to Antonio Radici and Tomas Hoger for their analysis and patches -to mutt, which this patch is based off of. - -diff --git a/sendlib.c b/sendlib.c ---- a/sendlib.c -+++ b/sendlib.c -@@ -1809,17 +1809,24 @@ - { - tagbuf = NULL; - valbuf = mutt_substrdup (start, end); - } - else - { - tagbuf = mutt_substrdup (start, t); - /* skip over the colon separating the header field name and value */ -- t = skip_email_wsp(t + 1); -+ ++t; -+ -+ /* skip over any leading whitespace (WSP, as defined in RFC5322) -+ * NOTE: skip_email_wsp() does the wrong thing here. -+ * See tickets 3609 and 3716. */ -+ while (*t == ' ' || *t == '\t') -+ t++; -+ - valbuf = mutt_substrdup (t, end); - } - dprint(4,(debugfile,"mwoh: buf[%s%s] too long, " - "max width = %d > %d\n", - NONULL(pfx), valbuf, max, wraplen)); - if (fold_one_header (fp, tagbuf, valbuf, pfx, wraplen, flags) < 0) - return -1; - FREE (&tagbuf); -- 2.5.1 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---