!62 Fix NULL dereference in crypt gpgme

From: @eaglegai 
Reviewed-by: @wk333 
Signed-off-by: @wk333

CVE-2020-14154-1.patch

@@ -1,188 +0,0 @@
-From bb0e6277a45a5d4c3a30d3b968eeb31d78124e95 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Fri, 5 Jun 2020 15:21:03 -0700
-Subject: [PATCH] Fix GnuTLS tls_verify_peers() checking.
-
-* Change the function to pass the certstatus parameter by reference,
-and indicate success/failure of the function via the return value.  It
-was previously returning the certstatus, but was also returning 0 or
-the *unset* certstatus on error too.  Since a 0 certstatus means
-"success", this meant a gnutls_certificate_verify_peers2() failure
-would be regarded as a valid cert.
-
-* The gnutls_certificate_type_get() inside tls_verify_peers() checks
-the *client* certificate type.  Since it was only called if   gnutls_certificate_verify_peers2() failed, I assume was either a
-mistake, or perhaps an attempt to give a special error message if the
-client cert was OpenPGP.  In either case, the error message was not
-very informative, so just remove the call and special error message.
-
-* Fix GNUTLS_E_NO_CERTIFICATE_FOUND check to be against verify_ret
-instead of certstat.
-
-* Fix gnutls_strerror() call to use verify_ret instead of certstat.
-
-* gnutls_certificate_verify_peers2() already calls and checks gnutls_auth_get_type(), so remove call at the beginning of    tls_check_certificate().
-
-* gnutls_certificate_verify_peers2() also verifies the certificate
-type for the *server* is GNUTLS_CRT_X509.  Add a comment about that.
----
- mutt_ssl_gnutls.c | 100 +++++++++++++++++++++++++++-------------------
- 1 file changed, 60 insertions(+), 40 deletions(-)
-
-diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
-index 8fc6421..19d47b3 100644
---- a/mutt_ssl_gnutls.c
-+++ b/mutt_ssl_gnutls.c
-@@ -684,6 +684,9 @@ static int tls_check_stored_hostname (const gnutls_datum_t *cert,
-   return 0;
- }
- 
-+/* Returns 0 on success
-+ *        -1 on failure
-+ */
- static int tls_check_preauth (const gnutls_datum_t *certdata,
-                               gnutls_certificate_status_t certstat,
-                               const char *hostname, int chainidx, int* certerr,
-@@ -802,8 +805,8 @@ static int tls_check_preauth (const gnutls_datum_t *certdata,
-   return -1;
- }
- 
--/*
-- * Returns 0 on failure, nonzero on success.
-+/* Returns 1 on success.
-+ *         0 on failure.
-  */
- static int tls_check_one_certificate (const gnutls_datum_t *certdata,
-                                       gnutls_certificate_status_t certstat,
-@@ -1086,44 +1089,57 @@ static int tls_check_one_certificate (const gnutls_datum_t *certdata,
-   mutt_menuDestroy (&menu);
-   gnutls_x509_crt_deinit (cert);
- 
--  return (done == 2);
-+  return (done == 2) ? 1 : 0;
- }
- 
--/* sanity-checking wrapper for gnutls_certificate_verify_peers */
--static gnutls_certificate_status_t tls_verify_peers (gnutls_session_t tlsstate)
-+/* sanity-checking wrapper for gnutls_certificate_verify_peers.
-+ *
-+ * certstat is technically a bitwise-or of gnutls_certificate_status_t
-+ * values.
-+ *
-+ * Returns:
-+ *   - 0 if certstat was set. note: this does not mean success.
-+ *   - nonzero on failure.
-+ */
-+static int tls_verify_peers (gnutls_session_t tlsstate,
-+                             gnutls_certificate_status_t *certstat)
- {
-   int verify_ret;
--  unsigned int status;
- 
--  verify_ret = gnutls_certificate_verify_peers2 (tlsstate, &status);
-+  /* gnutls_certificate_verify_peers2() chains to
-+   * gnutls_x509_trust_list_verify_crt2().  That function's documentation says:
-+   *
-+   *   When a certificate chain of cert_list_size with more than one
-+   *   certificates is provided, the verification status will apply to
-+   *   the first certificate in the chain that failed
-+   *   verification. The verification process starts from the end of
-+   *   the chain (from CA to end certificate). The first certificate
-+   *   in the chain must be the end-certificate while the rest of the
-+   *   members may be sorted or not.
-+   *
-+   * This is why tls_check_certificate() loops from CA to host in that order,
-+   * calling the menu, and recalling tls_verify_peers() for each approved
-+   * cert in the chain.
-+   */
-+  verify_ret = gnutls_certificate_verify_peers2 (tlsstate, certstat);
-+
-+  /* certstat was set */
-   if (!verify_ret)
--    return status;
-+    return 0;
- 
--  if (status == GNUTLS_E_NO_CERTIFICATE_FOUND)
--  {
-+  if (verify_ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
-     mutt_error (_("Unable to get certificate from peer"));
--    mutt_sleep (2);
--    return 0;
--  }
--  if (verify_ret < 0)
--  {
-+  else
-     mutt_error (_("Certificate verification error (%s)"),
--                gnutls_strerror (status));
--    mutt_sleep (2);
--    return 0;
--  }
--
--  /* We only support X.509 certificates (not OpenPGP) at the moment */
--  if (gnutls_certificate_type_get (tlsstate) != GNUTLS_CRT_X509)
--  {
--    mutt_error (_("Certificate is not X.509"));
--    mutt_sleep (2);
--    return 0;
--  }
-+                gnutls_strerror (verify_ret));
- 
--  return status;
-+  mutt_sleep (2);
-+  return verify_ret;
- }
- 
-+/* Returns 1 on success.
-+ *         0 on failure.
-+ */
- static int tls_check_certificate (CONNECTION* conn)
- {
-   tlssockdata *data = conn->sockdata;
-@@ -1133,15 +1149,16 @@ static int tls_check_certificate (CONNECTION* conn)
-   gnutls_certificate_status_t certstat;
-   int certerr, i, preauthrc, savedcert, rc = 0;
-   int rcpeer = -1; /* the result of tls_check_preauth() on the peer's EE cert */
-+  int rcsettrust;
- 
--  if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
--  {
--    mutt_error (_("Unable to get certificate from peer"));
--    mutt_sleep (2);
-+  /* tls_verify_peers() calls gnutls_certificate_verify_peers2(),
-+   * which verifies the auth_type is GNUTLS_CRD_CERTIFICATE
-+   * and that get_certificate_type() for the server is GNUTLS_CRT_X509.
-+   * If it returns 0, certstat will be set with failure codes for the first
-+   * cert in the chain (from CA to host) with an error.
-+   */
-+  if (tls_verify_peers (state, &certstat) != 0)
-     return 0;
--  }
--
--  certstat = tls_verify_peers (state);
- 
-   cert_list = gnutls_certificate_get_peers (state, &cert_list_size);
-   if (!cert_list)
-@@ -1184,12 +1201,15 @@ static int tls_check_certificate (CONNECTION* conn)
- 
-     /* add signers to trust set, then reverify */
-     if (i && rc) {
--      rc = gnutls_certificate_set_x509_trust_mem (data->xcred, &cert_list[i],
--                                                  GNUTLS_X509_FMT_DER);
--      if (rc != 1)
--        dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));
-+      rcsettrust = gnutls_certificate_set_x509_trust_mem (data->xcred,
-+		      					  &cert_list[i],
-+							  GNUTLS_X509_FMT_DER);
-+      if (rcsettrust != 1)
-+	dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rcsettrust));
-+
-+      if (tls_verify_peers (state, &certstat) != 0)
-+	return 0;
- 
--      certstat = tls_verify_peers (state);
-       /* If the cert chain now verifies, and the peer's cert was otherwise
-        * valid (rcpeer==0), we are done.
-        */
--- 
-2.27.0
-

CVE-2020-14154-2.patch

@@ -1,38 +0,0 @@
-From 5fccf603ebcf352ba783136d6b2d2600d811fb3b Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Fri, 5 Jun 2020 18:16:31 -0700
-Subject: [PATCH] Abort GnuTLS certificate check if a cert in the chain is
- rejected.
-
-GnuTLS is not checking dates because we disabled that in
-tls_negotiate().
-
-So if we don't do this, rejecting an expired intermediate cert will
-have no effect.  Certstat won't contain an expiration error, and
-tls_check_preauth() will only look at each subsequent cert in the
-chain's dates.
----
- mutt_ssl_gnutls.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
-index 19d47b3..6f98f50 100644
---- a/mutt_ssl_gnutls.c
-+++ b/mutt_ssl_gnutls.c
-@@ -1199,8 +1199,12 @@ static int tls_check_certificate (CONNECTION* conn)
-     rc = tls_check_one_certificate (&cert_list[i], certstat, conn->account.host,
-                                     i, cert_list_size);
- 
-+    /* Stop checking if the menu cert is aborted or rejected. */
-+    if (!rc)
-+      break;
-+
-     /* add signers to trust set, then reverify */
--    if (i && rc) {
-+    if (i) {
-       rcsettrust = gnutls_certificate_set_x509_trust_mem (data->xcred,
- 		      					  &cert_list[i],
- 							  GNUTLS_X509_FMT_DER);
--- 
-2.27.0
-

CVE-2020-14154-3.patch

@@ -1,67 +0,0 @@
-From f64ec1deefb67d471a642004e102cd1c501a1db3 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Sat, 6 Jun 2020 20:03:56 -0700
-Subject: [PATCH] Fix GnuTLS interactive prompt short-circuiting.
-
-tls_verify_peers() doesn't verify expiration dates.  So aborting early
-because of a 0 certstat and the leaf passing tls_check_preauth() does
-not mean subsequent intermediate certs are okay: they could beexpired.
-
-In the saved-cert preauth loop, instead of just noting the
-tls_check_preauth() rc for the leaf, note the highest cert that passes
-preauth.
-
-Then, in the interactive loop (which goes in the opposite order, from
-CA to leaf) check that value instead.  Since we are trusting certs one
-by one, anything that passed in the previous loop will certainly pass
-the preauth check at the beginning of tls_check_one_certificate().
----
- mutt_ssl_gnutls.c | 17 ++++++-----------
- 1 file changed, 6 insertions(+), 11 deletions(-)
-
-diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
-index 6f98f50..09d628a 100644
---- a/mutt_ssl_gnutls.c
-+++ b/mutt_ssl_gnutls.c
-@@ -1148,7 +1148,7 @@ static int tls_check_certificate (CONNECTION* conn)
-   unsigned int cert_list_size = 0;
-   gnutls_certificate_status_t certstat;
-   int certerr, i, preauthrc, savedcert, rc = 0;
--  int rcpeer = -1; /* the result of tls_check_preauth() on the peer's EE cert */
-+  int max_preauth_pass = -1;
-   int rcsettrust;
- 
-   /* tls_verify_peers() calls gnutls_certificate_verify_peers2(),
-@@ -1176,13 +1176,8 @@ static int tls_check_certificate (CONNECTION* conn)
-     rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,
-                            &certerr, &savedcert);
-     preauthrc += rc;
--    if (i == 0)
--    {
--      /* This is the peer's end-entity X.509 certificate.  Stash the result
--       * to check later in this function.
--       */
--      rcpeer = rc;
--    }
-+    if (!preauthrc)
-+      max_preauth_pass = i;
- 
-     if (savedcert)
-     {
-@@ -1214,10 +1209,10 @@ static int tls_check_certificate (CONNECTION* conn)
-       if (tls_verify_peers (state, &certstat) != 0)
- 	return 0;
- 
--      /* If the cert chain now verifies, and the peer's cert was otherwise
--       * valid (rcpeer==0), we are done.
-+      /* If the cert chain now verifies, and all lower certs already
-+       * passed preauth, we are done.
-        */
--      if (!certstat && !rcpeer)
-+      if (!certstat && (max_preauth_pass >= i - 1))
-         return 1;
-     }
-   }
--- 
-2.27.0
-

CVE-2020-28896.patch

@@ -1,27 +0,0 @@
-From 7a0bd4a7535eba5a6c7893803091a7d6e07cc15d Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Thu, 7 Jan 2021 10:43:55 +0800
-Subject: [PATCH] Ensure IMAP connection is closed after a connection error.
-
----
- imap/imap.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/imap/imap.c b/imap/imap.c
-index 0c3b79d..5256035 100644
---- a/imap/imap.c
-+++ b/imap/imap.c
-@@ -508,9 +508,9 @@ int imap_open_connection (IMAP_DATA* idata)
- 
- #if defined(USE_SSL)
-  err_close_conn:
--  imap_close_connection (idata);
- #endif
-  bail:
-+  imap_close_connection (idata);
-   FREE (&idata->capstr);
-   return -1;
- }
--- 
-2.23.0
-

CVE-2021-3181.patch

@@ -1,39 +0,0 @@
-From 4a2becbdb4422aaffe3ce314991b9d670b7adf17 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Sun, 17 Jan 2021 10:40:37 -0800
-Subject: [PATCH] Fix memory leak parsing group addresses without a display
- name.
-
-When there was a group address terminator with no previous
-addresses (including the group display-name), an address would be
-allocated but not attached to the address list.
-
-Change this to only allocate when last exists.
-
-It would be more correct to not allocate at all unless we are inside a
-group list, but I will address that in a separate commit to master.
----
- rfc822.c | 5 ++---
- 1 file changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/rfc822.c b/rfc822.c
-index 7ff4eaa3..ced619f2 100644
---- a/rfc822.c
-+++ b/rfc822.c
-@@ -587,11 +587,10 @@ ADDRESS *rfc822_parse_adrlist (ADDRESS *top, const char *s)
- #endif
- 
-       /* add group terminator */
--      cur = rfc822_new_address ();
-       if (last)
-       {
--	last->next = cur;
--	last = cur;
-+	last->next = rfc822_new_address ();
-+	last = last->next;
-       }
- 
-       phraselen = 0;
--- 
-GitLab
-

backport-CVE-2020-14093-1.patch

@@ -1,53 +0,0 @@
-From 3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Sun, 14 Jun 2020 11:30:00 -0700
-Subject: [PATCH] Prevent possible IMAP MITM via PREAUTH response.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This is similar to CVE-2014-2567 and CVE-2020-12398.  STARTTLS is not
-allowed in the Authenticated state, so previously Mutt would
-implicitly mark the connection as authenticated and skip any
-encryption checking/enabling.
-
-No credentials are exposed, but it does allow messages to be sent to
-an attacker, via postpone or fcc'ing for instance.
-
-Reuse the $ssl_starttls quadoption "in reverse" to prompt to abort the
-connection if it is unencrypted.
-
-Thanks very much to Damian Poddebniak and Fabian Ising from the
-Münster University of Applied Sciences for reporting this issue, and
-their help in testing the fix.
----
- imap/imap.c | 16 ++++++++++++++++
- 1 file changed, 16 insertions(+)
-
-diff --git a/imap/imap.c b/imap/imap.c
-index 63362176..3ca10df4 100644
---- a/imap/imap.c
-+++ b/imap/imap.c
-@@ -493,6 +493,22 @@ int imap_open_connection (IMAP_DATA* idata)
-   }
-   else if (ascii_strncasecmp ("* PREAUTH", idata->buf, 9) == 0)
-   {
-+#if defined(USE_SSL)
-+    /* An unencrypted PREAUTH response is most likely a MITM attack.
-+     * Require a confirmation. */
-+    if (!idata->conn->ssf)
-+    {
-+      if (option(OPTSSLFORCETLS) ||
-+          (query_quadoption (OPT_SSLSTARTTLS,
-+                             _("Abort unencrypted PREAUTH connection?")) != MUTT_NO))
-+      {
-+        mutt_error _("Encrypted connection unavailable");
-+        mutt_sleep (1);
-+        goto err_close_conn;
-+      }
-+    }
-+#endif
-+
-     idata->state = IMAP_AUTHENTICATED;
-     if (imap_check_capabilities (idata) != 0)
-       goto bail;

backport-CVE-2020-14093-2.patch

@@ -1,28 +0,0 @@
-From bfb4ba6e6e742d3ca1a23697228fdddc957819a6 Mon Sep 17 00:00:00 2001
-From: Kevin McCarthy <kevin@8t8.us>
-Date: Sat, 20 Jun 2020 06:35:35 -0700
-Subject: [PATCH] Don't check IMAP PREAUTH encryption if $tunnel is in use.
-
-$tunnel is used to create an external encrypted connection.  The default of $ssl_starttls is yes, meaning those kinds of connections will be broken by the CVE-2020-14093 fix.
----
- imap/imap.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/imap/imap.c b/imap/imap.c
-index 17d1411..a41ed46 100644
---- a/imap/imap.c
-+++ b/imap/imap.c
-@@ -495,8 +495,8 @@ int imap_open_connection (IMAP_DATA* idata)
-   {
- #if defined(USE_SSL)
-     /* An unencrypted PREAUTH response is most likely a MITM attack.
--     * Require a confirmation. */
--    if (!idata->conn->ssf)
-+     * Require a confirmation unless using $tunnel. */
-+    if (!idata->conn->ssf && !Tunnel)
-     {
-       if (option(OPTSSLFORCETLS) ||
-           (query_quadoption (OPT_SSLSTARTTLS,
--- 
-2.23.0
-

backport-crypt-gpgme-Fix-NULL-dereference.patch

@@ -0,0 +1,25 @@
+From 0af8a6fcdbe8550bababd51c4da1772c75f77912 Mon Sep 17 00:00:00 2001
+From: Alejandro Colomar <alx@kernel.org>
+Date: Fri, 19 Apr 2024 22:30:54 +0200
+Subject: [PATCH] crypt-gpgme.c: Fix NULL dereference
+
+Fixes: 1afaa74a19ee ("gpgme integration.  See documentation for $crypt_use_gpgme, and http://www.gnupg.org/aegypten2/.")
+---
+ crypt-gpgme.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/crypt-gpgme.c b/crypt-gpgme.c
+index fdf44af4..5313d6f2 100644
+--- a/crypt-gpgme.c
++++ b/crypt-gpgme.c
+@@ -2013,7 +2013,7 @@ restart:
+ 	  gpgme_decrypt_result_t result;
+ 
+ 	  result = gpgme_op_decrypt_result (ctx);
+-	  if (!result->unsupported_algorithm)
++	  if (result && !result->unsupported_algorithm)
+             {
+               maybe_signed = 1;
+               gpgme_data_release (plaintext);
+-- 
+GitLab

mutt-1.10.0-muttrc.patch

@@ -1,7 +1,7 @@
 diff -ur mutt-1.8.0.orig/doc/Muttrc.head mutt-1.8.0/doc/Muttrc.head
 --- mutt-1.8.0.orig/doc/Muttrc.head	2017-02-25 15:28:22.120997474 +0000
 +++ mutt-1.8.0/doc/Muttrc.head	2017-02-25 15:30:10.643079681 +0000
-@@ -24,12 +24,16 @@
+@@ -24,13 +24,17 @@
  
  # Show documentation when pressing F1
  macro generic,pager <F1> "<shell-escape> less @docdir@/manual.txt<Enter>" "show Mutt documentation"
@@ -9,8 +9,9 @@ diff -ur mutt-1.8.0.orig/doc/Muttrc.head mutt-1.8.0/doc/Muttrc.head
 +macro generic,pager <F2> "<shell-escape> less @docdir@/manual.txt<Enter>" "show Mutt documentation"
  
  # show the incoming mailboxes list (just like "mutt -y") and back when pressing "y"
- macro index y "<change-folder>?<toggle-mailboxes>" "show incoming mailboxes list"
- macro pager y "<exit><change-folder>?<toggle-mailboxes>" "show incoming mailboxes list"
+ # note: these macros have been subsumed by the <browse-mailboxes> function.
+ # macro index y "<change-folder>?<toggle-mailboxes>" "show incoming mailboxes list"
+ # macro pager y "<exit><change-folder>?<toggle-mailboxes>" "show incoming mailboxes list"
  bind browser y exit
  
 +bind editor <delete> delete-char

mutt-1.12.1-optusegpgagent.patch

@@ -0,0 +1,12 @@
+diff -up mutt-1.12.1/init.h.optusegpgagent mutt-1.12.1/init.h
+--- mutt-1.12.1/init.h.optusegpgagent	2019-08-29 09:29:38.868810511 +0200
++++ mutt-1.12.1/init.h	2019-08-29 09:30:29.899395370 +0200
+@@ -2444,7 +2444,7 @@ struct option_t MuttVars[] = {
+   ** not used.
+   ** (PGP only)
+   */
+-  { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=1} },
++  { "pgp_use_gpg_agent", DT_BOOL, R_NONE, {.l=OPTUSEGPGAGENT}, {.l=0} },
+   /*
+   ** .pp
+   ** If \fIset\fP, mutt expects a \fCgpg-agent(1)\fP process will handle

mutt-1.5.23-system_certs.patch

@@ -4,9 +4,9 @@ diff -rup mutt-17a4f92e4a95-orig/init.h mutt-17a4f92e4a95-new/init.h
 @@ -2989,7 +2989,7 @@ struct option_t MuttVars[] = {
    */
  #if defined(USE_SSL)
- #ifdef USE_SSL_GNUTLS
--  { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, 0 },
-+  { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, "/etc/ssl/certs/ca-bundle.crt" },
+ # ifdef USE_SSL_GNUTLS
+-  { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p=0} },
++  { "ssl_ca_certificates_file", DT_PATH, R_NONE, {.p=&SslCACertFile}, {.p="/etc/ssl/certs/ca-bundle.crt"} },
    /*
    ** .pp
    ** This variable specifies a file containing trusted CA certificates.

mutt-1.8.0-cabundle.patch

@@ -1,15 +1,15 @@
 diff -ur mutt-1.8.0.orig/contrib/Makefile.am mutt-1.8.0/contrib/Makefile.am
 --- mutt-1.8.0.orig/contrib/Makefile.am	2017-02-25 15:28:22.124997366 +0000
 +++ mutt-1.8.0/contrib/Makefile.am	2017-02-25 15:48:10.834036861 +0000
-@@ -5,7 +5,7 @@
- SAMPLES = Mush.rc Pine.rc gpg.rc pgp2.rc pgp5.rc pgp6.rc Tin.rc \
+@@ -6,7 +6,7 @@
  	sample.mailcap sample.muttrc sample.muttrc-sidebar sample.muttrc-tlr \
- 	sample.muttrc-compress sample.vimrc-sidebar colors.default colors.linux smime.rc \
--	ca-bundle.crt smime_keys_test.pl mutt_xtitle
-+	smime_keys_test.pl mutt_xtitle
+ 	sample.muttrc-compress sample.muttrc-starter \
+ 	sample.vimrc-sidebar colors.default colors.linux smime.rc \
+-	ca-bundle.crt smime_keys_test.pl mutt_xtitle markdown2html \
++	smime_keys_test.pl mutt_xtitle markdown2html \
+ 	bgedit-detectgui.sh bgedit-screen-tmux.sh \
+ 	mutt_oauth2.py mutt_oauth2.py.README
  
- EXTRA_DIST = language.txt language50.txt  \
- 	patch.slang-1.2.2.keypad.1	\
 diff -ur mutt-1.8.0.orig/doc/smime-notes.txt mutt-1.8.0/doc/smime-notes.txt
 --- mutt-1.8.0.orig/doc/smime-notes.txt	2017-02-25 15:28:22.119997501 +0000
 +++ mutt-1.8.0/doc/smime-notes.txt	2017-02-25 16:06:38.986242390 +0000

mutt-1.9.0-ssl_ciphers.patch

@@ -5,28 +5,28 @@ diff -ur mutt-1.9.0.orig/init.h mutt-1.9.0/init.h
    */
  #  endif /* defined HAVE_SSL_PARTIAL_CHAIN */
  # endif /* defined USE_SSL_OPENSSL */
--  { "ssl_ciphers", DT_STR, R_NONE, UL &SslCiphers, UL 0 },
-+  { "ssl_ciphers", DT_STR, R_NONE, UL &SslCiphers, UL "@SYSTEM" },
+-  { "ssl_ciphers", DT_STR, R_NONE, {.p=&SslCiphers}, {.p=0} },
++  { "ssl_ciphers", DT_STR, R_NONE, {.p=&SslCiphers}, {.p="@SYSTEM"} },
    /*
    ** .pp
-   ** Contains a colon-seperated list of ciphers to use when using SSL.
+   ** Contains a colon-separated list of ciphers to use when using SSL.
 diff -ur mutt-1.9.0.orig/mutt_ssl_gnutls.c mutt-1.9.0/mutt_ssl_gnutls.c
 --- mutt-1.9.0.orig/mutt_ssl_gnutls.c	2017-09-04 16:48:21.403528134 +0200
 +++ mutt-1.9.0/mutt_ssl_gnutls.c	2017-09-04 16:51:16.081679141 +0200
 @@ -286,6 +286,8 @@
    else
-     safe_strcat (priority, priority_size, "NORMAL");
+     mutt_buffer_strcpy (priority, "NORMAL");
  
 +if (SslCiphers && strcmp(SslCiphers, "@SYSTEM"))
 +{
-   if (! option(OPTTLSV1_2))
+   if (!option (OPTTLSV1_3))
    {
      nproto--;
 @@ -313,6 +315,7 @@
-     FREE (&priority);
-     return -1;
+     mutt_error (_("All available protocols for TLS/SSL connection disabled"));
+     goto cleanup;
    }
 +}
  
-   if ((err = gnutls_priority_set_direct (data->state, priority, NULL)) < 0)
+   if ((err = gnutls_priority_set_direct (data->state, mutt_b2s (priority), NULL)) < 0)
    {

mutt-1.9.4-lynx_no_backscapes.patch

@@ -5,8 +5,8 @@ diff -up mutt-1.9.1/doc/Makefile.am.lynx_no_backscapes mutt-1.9.1/doc/Makefile.a
  
  check:
  manual.txt: manual.html
--	-LC_ALL=C lynx -dump -nolist -with_backspaces -display_charset=us-ascii manual.html > $@ || \
-+	-LC_ALL=C lynx -dump -nolist -display_charset=us-ascii manual.html > $@ || \
- 	LC_ALL=C w3m -dump manual.html > $@ || \
+-	-LC_ALL=C lynx -localhost -dump -nolist -nonumbers -with_backspaces -display_charset=us-ascii manual.html > $@ || \
++	-LC_ALL=C lynx -localhost -dump -nolist -display_charset=us-ascii manual.html > $@ || \
+ 	LC_ALL=C w3m -T text/html -I utf-8 -O utf-8 -dump < manual.html > $@ || \
  	LC_ALL=C elinks -dump -no-numbering -no-references manual.html | sed -e 's,\\001, ,g' > $@
  

mutt.spec

@@ -1,33 +1,28 @@
 Name:           mutt
-Version:        1.10.1
-Release:        7
+Version:        2.2.12
+Release:        2
 Epoch:          5
 Summary:        Text-based mail client
 License:        GPLv2+ and Public Domain
 URL:            http://www.mutt.org
-Source:         ftp://ftp.mutt.org/pub/%{name}/%{name}-%{version}.tar.gz
+Source0:        http://ftp.mutt.org/pub/%{name}/%{name}-%{version}.tar.gz
 Source1:        mutt_ldap_query
 
-Patch10:        mutt-1.9.4-lynx_no_backscapes.patch
-Patch12:        mutt-1.9.5-nodotlock.patch
-Patch1:         mutt-1.10.0-muttrc.patch
-Patch2:         mutt-1.8.0-cabundle.patch
-Patch3:         mutt-1.7.0-syncdebug.patch
-Patch8:         mutt-1.5.23-system_certs.patch
-Patch9:         mutt-1.9.0-ssl_ciphers.patch
-Patch13:        CVE-2020-28896.patch
-Patch14:        CVE-2021-3181.patch
-Patch15:        backport-CVE-2020-14093-1.patch
-Patch16:        backport-CVE-2020-14093-2.patch
-Patch17:        CVE-2020-14154-1.patch
-Patch18:        CVE-2020-14154-2.patch
-Patch19:        CVE-2020-14154-3.patch
+Patch1:         mutt-1.5.23-system_certs.patch
+Patch2:         mutt-1.7.0-syncdebug.patch
+Patch3:         mutt-1.8.0-cabundle.patch
+Patch4:         mutt-1.9.0-ssl_ciphers.patch
+Patch5:         mutt-1.9.4-lynx_no_backscapes.patch
+Patch6:         mutt-1.9.5-nodotlock.patch
+Patch7:         mutt-1.10.0-muttrc.patch
+Patch8:         mutt-1.12.1-optusegpgagent.patch
+Patch9:         backport-crypt-gpgme-Fix-NULL-dereference.patch
 
 BuildRequires:  gcc ncurses-devel gettext automake /usr/bin/xsltproc
 BuildRequires:  lynx docbook-style-xsl perl-interpreter perl-generators
-BuildRequires:  tokyocabinet-devel gnutls-devel cyrus-sasl-devel
+BuildRequires:  gdbm-devel gnutls-devel cyrus-sasl-devel
 BuildRequires:  krb5-devel libidn2-devel gpgme-devel
-Requires:       mailcap urlview
+Requires:       mailcap
 
 %description
 Mutt is a small but very powerful text-based mail client for Unix operating systems.
@@ -59,7 +54,7 @@ rm -f mutt_ssl.c
     --enable-imap \
     --enable-smtp \
     --enable-hcache \
-    --without-gdbm \
+    --without-tokyocabinet \
     --without-qdbm \
     --with-gnutls \
     --with-sasl \
@@ -90,6 +85,8 @@ EOF
 echo "# Local configuration for Mutt." > \
       %{buildroot}%{_sysconfdir}/Muttrc.local
 
+rm %{buildroot}%{_infodir}/dir
+
 ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
 
 %find_lang %{name}
@@ -103,7 +100,7 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
 %config(noreplace) %{_sysconfdir}/Muttrc
 %config(noreplace) %{_sysconfdir}/Muttrc.local
 %{_bindir}/mutt
-%{_bindir}/pgpring
+%{_bindir}/mutt_pgpring
 %{_bindir}/pgpewrap
 %{_bindir}/smime_keys
 %exclude %{_sysconfdir}/*.dist
@@ -121,15 +118,34 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
 %files help
 %{_mandir}/man1/mutt.*
 %{_mandir}/man1/smime_keys.*
-%{_mandir}/man1/pgpring.*
+%{_mandir}/man1/mutt_pgpring.*
 %{_mandir}/man1/pgpewrap.*
 %{_mandir}/man5/muttrc.*
+%{_infodir}/mutt.info.*
 
 %changelog
-- Fri Oct 15 2021 yaoxin<yaoxin30@huawei.com> - 1.10.1-7
+* Wed Jul 31 2024 gaihuiying <eaglegai@163.com> - 5:2.2.12-2
+- Fix NULL dereference in crypt gpgme
+
+* Thu Sep 14 2023 yaoxin <yao_xin001@hoperun.com> - 5:2.2.12-1
+- Update to 2.2.12 for fix CVE-2023-4874 and CVE-2023-4875
+
+* Wed May 10 2023 liyanan <thistleslyn@163.com> - 5:2.2.10-1
+- Update package to version 2.2.10
+
+* Sun Apr 24 2022 yaoxin <yaoxin30@h-partners.com> - 2.1.3-2
+- Fix CVE-2022-1328
+
+* Tue Dec 28 2021 gaihuiying1<gaihuiying@huawei.com> - 2.1.3-1
+- Type:requirement
+- Id:NA
+- SUG:NA
+- DESC:update mutt to 2.1.3
+
+* Fri Oct 15 2021 yaoxin<yaoxin30@huawei.com> - 1.10.1-7
 - fix CVE-2020-14154
 
-- Tue Jul 27 2021 wangyue<wangyue92@huawei.com> - 1.10.1-6
+* Tue Jul 27 2021 wangyue<wangyue92@huawei.com> - 1.10.1-6
 - fix CVE-2020-14093
 
 * Fri Jul 23 2021 yaoxin<yaoxin30@huawei.com> - 1.10.1-5