update to 2.2.10

CVE-2022-1328.patch

@@ -1,40 +0,0 @@
-From e5ed080c00e59701ca62ef9b2a6d2612ebf765a5 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Tue, 5 Apr 2022 11:05:52 -0700
-Subject: [PATCH] Fix uudecode buffer overflow.
-
-mutt_decode_uuencoded() used each line's initial "length character"
-without any validation.  It would happily read past the end of the
-input line, and with a suitable value even past the length of the
-input buffer.
-
-As I noted in ticket 404, there are several other changes that could
-be added to make the parser more robust.  However, to avoid
-accidentally introducing another bug or regression, I'm restricting
-this patch to simply addressing the overflow.
-
-Thanks to Tavis Ormandy for reporting the issue, along with a sample
-message demonstrating the problem.
----
- handler.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/handler.c b/handler.c
-index d1b4bc73..c97cf0cb 100644
---- a/handler.c
-+++ b/handler.c
-@@ -404,9 +404,9 @@ static void mutt_decode_uuencoded (STATE *s, LOFF_T len, int istext, iconv_t cd)
-     pt = tmps;
-     linelen = decode_byte (*pt);
-     pt++;
--    for (c = 0; c < linelen;)
-+    for (c = 0; c < linelen && *pt;)
-     {
--      for (l = 2; l <= 6; l += 2)
-+      for (l = 2; l <= 6 && *pt && *(pt + 1); l += 2)
-       {
- 	out = decode_byte (*pt) << l;
- 	pt++;
--- 
-GitLab
-

mutt-1.12.1-optusegpgagent.patch

@@ -1,13 +1,12 @@
-diff --git a/init.h b/init.h
-index acc7d8b..14d417c 100644
---- a/init.h
-+++ b/init.h
+diff -up mutt-1.12.1/init.h.optusegpgagent mutt-1.12.1/init.h
+--- mutt-1.12.1/init.h.optusegpgagent	2019-08-29 09:29:38.868810511 +0200
++++ mutt-1.12.1/init.h	2019-08-29 09:30:29.899395370 +0200
 @@ -2444,7 +2444,7 @@ struct option_t MuttVars[] = {
-   ** subprocess failed.
+   ** not used.
    ** (PGP only)
    */
--  { "pgp_check_gpg_decrypt_status_fd", DT_BOOL, R_NONE, {.l=OPTPGPCHECKGPGDECRYPTSTATUSFD}, {.l=1} },
-+  { "pgp_check_gpg_decrypt_status_fd", DT_BOOL, R_NONE, {.l=OPTPGPCHECKGPGDECRYPTSTATUSFD}, {.l=0} },
+-  { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=1} },
++  { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=0} },
    /*
    ** .pp
-   ** If \fIset\fP, mutt will check the status file descriptor output
+   ** If \fIset\fP, mutt expects a \fCgpg-agent(1)\fP process will handle

mutt-1.8.0-cabundle.patch

@@ -26,4 +26,3 @@ diff -ur mutt-1.8.0.orig/doc/smime-notes.txt mutt-1.8.0/doc/smime-notes.txt
    signed by one of them. You can use "smime_keys add_root" to do so, or
    just copy ca-bundle.crt into the place you point mutt's smime_ca_location
    variable to.
-

mutt.spec

@@ -1,6 +1,6 @@
 Name:           mutt
-Version:        2.1.3
-Release:        2
+Version:        2.2.10
+Release:        1
 Epoch:          5
 Summary:        Text-based mail client
 License:        GPLv2+ and Public Domain
@@ -16,8 +16,6 @@ Patch5:         mutt-1.9.4-lynx_no_backscapes.patch
 Patch6:         mutt-1.9.5-nodotlock.patch
 Patch7:         mutt-1.10.0-muttrc.patch
 Patch8:         mutt-1.12.1-optusegpgagent.patch
-#https://gitlab.com/muttmua/mutt/-/commit/e5ed080c00e59701ca62ef9b2a6d2612ebf765a5.patch
-Patch9:         CVE-2022-1328.patch
 
 BuildRequires:  gcc ncurses-devel gettext automake /usr/bin/xsltproc
 BuildRequires:  lynx docbook-style-xsl perl-interpreter perl-generators
@@ -125,6 +123,9 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
 %{_infodir}/mutt.info.*
 
 %changelog
+* Wed May 10 2023 liyanan <thistleslyn@163.com> - 5:2.2.10-1
+- Update package to version 2.2.10
+
 * Sun Apr 24 2022 yaoxin <yaoxin30@h-partners.com> - 2.1.3-2
 - Fix CVE-2022-1328