summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/mail.scm7
-rw-r--r--gnu/packages/patches/mutt-CVE-2021-3181.patch45
3 files changed, 3 insertions, 50 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 0553c12f28..c631e449d1 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1385,7 +1385,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/mupen64plus-video-z64-glew-correct-path.patch    \
   %D%/packages/patches/musl-cross-locale.patch			\
   %D%/packages/patches/mutt-store-references.patch		\
-  %D%/packages/patches/mutt-CVE-2021-3181.patch			\
   %D%/packages/patches/m4-gnulib-libio.patch			\
   %D%/packages/patches/ncompress-fix-softlinks.patch		\
   %D%/packages/patches/netcdf-date-time.patch			\
diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index ab3a19578e..b3927bbafe 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -445,7 +445,7 @@ aliasing facilities to work just as they would on normal mail.")
 (define-public mutt
   (package
     (name "mutt")
-    (version "2.0.4")
+    (version "2.0.5")
     (source (origin
              (method url-fetch)
              (uri (list
@@ -455,9 +455,8 @@ aliasing facilities to work just as they would on normal mail.")
                                    version ".tar.gz")))
              (sha256
               (base32
-               "1m4ig69qw4g3lhm4351snmy5i0ch65fqc9vqqdybr6jy21w7w225"))
-             (patches (search-patches "mutt-store-references.patch"
-                                      "mutt-CVE-2021-3181.patch"))))
+               "0k80s27sf7djb7zxj81ihksr8jkr71mfaa8976fzh41i1pn5l7g2"))
+             (patches (search-patches "mutt-store-references.patch"))))
     (build-system gnu-build-system)
     (inputs
      `(("cyrus-sasl" ,cyrus-sasl)
diff --git a/gnu/packages/patches/mutt-CVE-2021-3181.patch b/gnu/packages/patches/mutt-CVE-2021-3181.patch
deleted file mode 100644
index df5214b052..0000000000
--- a/gnu/packages/patches/mutt-CVE-2021-3181.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-Fix CVE-2021-3181:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181
-
-Patch copied from upstream source repository:
-
-https://gitlab.com/muttmua/mutt/-/commit/c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545
-
-From c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Sun, 17 Jan 2021 10:40:37 -0800
-Subject: [PATCH] Fix memory leak parsing group address.
-
-When there was a group address terminator with no previous addresses,
-an address would be allocated but not attached to the address list.
-
-Change this to only allocate when last exists.
-
-It would be more correct to not allocate at all unless we are inside a
-group list, but I will address that in a separate commit to master.
----
- rfc822.c | 5 ++---
- 1 file changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/rfc822.c b/rfc822.c
-index 7ff4eaa3..ced619f2 100644
---- a/rfc822.c
-+++ b/rfc822.c
-@@ -587,11 +587,10 @@ ADDRESS *rfc822_parse_adrlist (ADDRESS *top, const char *s)
- #endif
- 
-       /* add group terminator */
--      cur = rfc822_new_address ();
-       if (last)
-       {
--	last->next = cur;
--	last = cur;
-+	last->next = rfc822_new_address ();
-+	last = last->next;
-       }
- 
-       phraselen = 0;
--- 
-GitLab
-