Patch mutt CVE-2021-32055 (#4303)

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>

SPECS-EXTENDED/mutt/CVE-2021-32055.patch

@@ -0,0 +1,36 @@
+From 7c4779ac24d2fb68a2a47b58c7904118f40965d5 Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy <kevin@8t8.us>
+Date: Mon, 3 May 2021 13:11:30 -0700
+Subject: [PATCH] Fix seqset iterator when it ends in a comma.
+
+If the seqset ended with a comma, the substr_end marker would be just
+before the trailing nul.  In the next call, the loop to skip the
+marker would iterate right past the end of string too.
+
+The fix is simple: place the substr_end marker and skip past it
+immediately.
+---
+ imap/util.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/imap/util.c b/imap/util.c
+index c529fd8f..488e8396 100644
+--- a/imap/util.c
++++ b/imap/util.c
+@@ -1036,13 +1036,11 @@ int mutt_seqset_iterator_next (SEQSET_ITERATOR *iter, unsigned int *next)
+     if (iter->substr_cur == iter->eostr)
+       return 1;
+ 
+-    while (!*(iter->substr_cur))
+-      iter->substr_cur++;
+     iter->substr_end = strchr (iter->substr_cur, ',');
+     if (!iter->substr_end)
+       iter->substr_end = iter->eostr;
+     else
+-      *(iter->substr_end) = '\0';
++      *(iter->substr_end++) = '\0';
+ 
+     range_sep = strchr (iter->substr_cur, ':');
+     if (range_sep)
+-- 
+GitLab

SPECS-EXTENDED/mutt/mutt.spec

@@ -22,7 +22,7 @@ Distribution:   Mariner
 Summary: A text mode mail user agent
 Name: mutt
 Version: 2.0.5
-Release: 3%{?dist}
+Release: 4%{?dist}
 # The entire source code is GPLv2+ except
 # pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain
 License: GPLv2+ and Public Domain
@@ -39,7 +39,8 @@ Patch9: mutt-1.9.0-ssl_ciphers.patch
 Patch10: mutt-1.9.4-lynx_no_backscapes.patch
 Patch12: mutt-1.9.5-nodotlock.patch
 Patch13: mutt-1.12.1-optusegpgagent.patch
-Patch14:mutt_disable_ssl_enforce.patch
+Patch14: mutt_disable_ssl_enforce.patch
+Patch15: CVE-2021-32055.patch
 
 Url: http://www.mutt.org
 Requires: mailcap, urlview
@@ -97,6 +98,7 @@ autoreconf --install
 %patch9 -p1 -b .ssl_ciphers
 %patch13 -p1 -b .optusegpgagent
 %patch14 -p1
+%patch15 -p1
 
 sed -i -r 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure
 
@@ -215,7 +217,11 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
 
 
 %changelog
-* Fri Oct 29 2021 Muhammad Falak <mwani@microsft.com> - 2.0.5-3
+* Tue Nov 29 2022 Muhammad Falak <mwani@microsoft.com> - 2.0.5-4
+- Patch CVE-2021-32055
+- License verified
+
+* Fri Oct 29 2021 Muhammad Falak <mwani@microsoft.com> - 2.0.5-3
 - Remove epoch
 
 * Thu Jul 8 2021 Muhammad Falak R Wani <mwani@microsoft.com> -5:2.0.5-2