[claws-mail] 3.8.1-3

[Andreas Bierfert]

commit 2ba4518c6441a9373b70e17881412d36293ac493
Author: Andreas Bierfert <andreas.bierfert at lowlatency.de>
Date:   Mon Oct 22 23:43:22 2012 +0200

    3.8.1-3
    
    - fix null-ptr crash (rhbz#862578, CVE-2012-4507)

 claws-mail-procmime.patch |   11 +++++++++++
 claws-mail.spec           |   10 +++++++++-
 2 files changed, 20 insertions(+), 1 deletions(-)
---
diff --git a/claws-mail-procmime.patch b/claws-mail-procmime.patch
new file mode 100644
index 0000000..2e61251
--- /dev/null
+++ b/claws-mail-procmime.patch
@@ -0,0 +1,11 @@
+--- claws-mail-3.8.1-orig/src/procmime.c	2012-06-27 11:05:22.000000000 +0200
++++ claws-mail-3.8.1-orig/src/procmime.c	2012-10-03 18:00:09.438577924 +0200
+@@ -1753,6 +1753,8 @@ 
+ 			continue;
+ 
+ 		charset = value;
++        if (charset == NULL)
++            continue;
+ 		lang = strchr(charset, '\'');
+ 		if (lang == NULL)
+ 			continue;
diff --git a/claws-mail.spec b/claws-mail.spec
index 6693868..e968764 100644
--- a/claws-mail.spec
+++ b/claws-mail.spec
@@ -2,13 +2,15 @@
 
 Name:           claws-mail
 Version:        3.8.1
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Email client and news reader based on GTK+
 Group:          Applications/Internet
 License:        GPLv3+
 URL:            http://claws-mail.org
 Source0:        http://downloads.sourceforge.net/sylpheed-claws/%{name}-%{version}.tar.bz2
 
+Patch0:         claws-mail-procmime.patch
+
 BuildRequires:  flex, bison
 BuildRequires:  glib2-devel >= 2.6.2
 BuildRequires:  gtk2-devel >= 2.10.0
@@ -114,6 +116,8 @@ mails, verify signatures or sign and encrypt your own mails.
 %prep
 %setup -q
 
+%patch0 -p1 -b.procmime
+
 # guard for pluginapi
 SOURCEAPI=$(grep -A 1 VERSION_NUMERIC src/common/version.h | tr -d '\n' | perl -ne 's/[\\\s]//g; m/(\d+),(\d+),(\d+),(\d+)/; print("$1.$2.$3.$4");')
 [ "%pluginapi" == "$SOURCEAPI" ] || exit -1
@@ -228,6 +232,10 @@ fi
 %{_libdir}/claws-mail/plugins/smime.deps
 
 %changelog
+* Mon Oct 22 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
+- 3.8.1-3
+- fix null-ptr crash (rhbz#862578, CVE-2012-4507)
+
 * Wed Jul 18 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.8.1-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild