author Kevin McCarthy <kevin@8t8.us> 2018-07-16 09:52:23 -0700
committer Kevin McCarthy <kevin@8t8.us> 2018-07-16 09:52:23 -0700
commit ed9d7727dc705754871e31cb41420f0ea956495b
tree 2c8b44e785ea284a1ca94a60811678d61bdc44dd
parent 3d9028fec8f4d08db2251096307c0bbbebce669a
automatic post-release commit for mutt-1.10.1 (mutt-1-10-1-rel)
-rw-r--r-- ChangeLog 230
-rw-r--r-- UPDATING 7
-rw-r--r-- VERSION 2
3 files changed, 238 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 3eb116dc..ee304c15 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,233 @@
+2018-07-13 14:25:28 -0700 Kevin McCarthy <kevin@8t8.us> (3d9028fe)
+
+ * Check outbuf length in mutt_from_base64()
+
+ The obuf can be overflowed in auth_cram.c, and possibly auth_gss.c.
+
+ Thanks to Jeriko One for the bug report.
+
+M base64.c
+M imap/auth_cram.c
+M imap/auth_gss.c
+M protos.h
+
+2018-07-13 13:05:22 -0700 Kevin McCarthy <kevin@8t8.us> (6962328c)
+
+ * Check destlen and truncate in url_pct_encode().
+
+ Thanks to Jeriko One for the patch, which this commit is based upon.
+
+M url.c
+
+2018-07-13 12:35:50 -0700 Kevin McCarthy <kevin@8t8.us> (e57a8602)
+
+ * Verify IMAP status mailbox literal count size.
+
+ Ensure the length isn't bigger than the idata->buf.
+
+ Thanks to Jeriko One fo the bug report and patch, which this commit is
+ based upon.
+
+M imap/command.c
+
+2018-07-13 12:24:58 -0700 JerikoOne <jeriko.one@gmx.us> (9347b5c0)
+
+ * Handle NO response without message properly
+
+M imap/command.c
+
+2018-07-13 12:15:00 -0700 Kevin McCarthy <kevin@8t8.us> (3287534d)
+
+ * Don't overflow tmp in msg_parse_fetch.
+
+ Ensure INTERNALDATE and RFC822.SIZE field sizes fit temp buffer.
+
+ Thanks to Jeriko One for the bug report and patch, which this patch is
+ based upon.
+
+M imap/message.c
+
+2018-07-13 11:33:16 -0700 Richard Russon <rich@flatcap.org> (31eef6c7)
+
+ * Selectively cache headers.
+
+ Thanks to NeoMutt and Jeriko One for the patch, which was slightly
+ modified to apply to the Mutt code.
+
+M imap/util.c
+
+2018-07-13 11:16:33 -0700 Kevin McCarthy <kevin@8t8.us> (6aed28b4)
+
+ * Sanitize POP bcache paths.
+
+ Protect against bcache directory path traversal for UID values.
+
+ Thanks for Jeriko One for the bug report and patch, which this commit
+ is based upon.
+
+M pop.c
+
+2018-07-13 10:47:11 -0700 JerikoOne <jeriko.one@gmx.us> (e154cba1)
+
+ * Ensure UID in fetch_uidl.
+
+M pop.c
+
+2018-07-12 21:41:17 -0700 Kevin McCarthy <kevin@8t8.us> (4d0cd265)
+
+ * Fix buffer size check in cmd_parse_lsub.
+
+ The size parameter to url_ciss_tostring() was off by one.
+
+M imap/command.c
+
+2018-07-12 20:46:37 -0700 Kevin McCarthy <kevin@8t8.us> (e0131852)
+
+ * Fix imap_quote_string() length check errors.
+
+ The function wasn't properly checking for dlen<2 before quoting, and
+ wasn't properly pre-adjusting dlen to include the initial quote.
+
+ Thanks to Jeriko One for reporting these issues.
+
+M imap/util.c
+
+2018-07-07 19:32:57 -0700 Kevin McCarthy <kevin@8t8.us> (4ff007ca)
+
+ * Mention $pgp_decode_command for $pgp_check_gpg_decrypt_status_fd
+
+ It scans $pgp_decode_command for inline and application/pgp mime
+ types.
+
+M init.h
+
+2018-07-07 19:03:44 -0700 Kevin McCarthy <kevin@8t8.us> (18515281)
+
+ * Properly quote IMAP mailbox names when (un)subscribing.
+
+ When handling automatic subscription (via $imap_check_subscribed), or
+ manual subscribe/unsubscribe commands, mutt generating a "mailboxes"
+ command but failed to properly escape backquotes.
+
+ Thanks to Jeriko One for the detailed bug report and patch, which this
+ commit is based upon.
+
+M imap/command.c
+M imap/imap.c
+M imap/imap_private.h
+M imap/util.c
+
+2018-06-18 11:21:38 +0200 Philipp Gesang <philipp.gesang@intra2net.com> (df4affd1)
+
+ * crypt-gpgme: prevent crash on bad S/MIME signature
+
+ Inform the user about the fingerprint being unavailable instead
+ of crashing if the S/MIME signature is bad.
+
+M crypt-gpgme.c
+
+2018-06-04 21:31:33 -0700 Kevin McCarthy <kevin@8t8.us> (edb4ec84)
+
+ * Add GnuPG status fd checks for inline pgp.
+
+ The difficulty is that "BEGIN PGP MESSAGE" could be a signed and
+ armored part, so we can't fail hard if it isn't encrypted.
+
+ Change pgp_check_decryption_okay() to return more status codes, with
+ >=0 indicating an actual decryption; -2 and -1 indicating plaintext
+ found; and -3 indicating an actual DECRYPTION_FAILED status code seen.
+
+ Fail hard on -3, but change the message for -2 and -1 to indicate the
+ message was not encrypted.
+
+M pgp.c
+
+2018-06-04 15:40:57 -0700 Kevin McCarthy <kevin@8t8.us> (8ec6d766)
+
+ * Add $pgp_check_gpg_decrypt_status_fd.
+
+ If set (the default) mutt performs more thorough checking of the
+ $pgp_decrypt_command status output for GnuPG result codes.
+
+ Ticket #39 revealed that GnuPG (currently) does not protect against
+ messages that have been manipulated to contain an empty encryption
+ packet followed by a plaintext packet.
+
+ A huge thanks to Marcus Brinkmann for researching this issue, taking
+ the time to report it to us (and the GnuPG team), and taking even more
+ time to clarify exactly what needed to be checked for.  
+
+M contrib/gpg.rc
+M contrib/pgp2.rc
+M contrib/pgp5.rc
+M contrib/pgp6.rc
+M init.h
+M mutt.h
+M pgp.c
+
+2018-06-03 14:52:37 -0700 Kevin McCarthy <kevin@8t8.us> (cb2329ae)
+
+ * Revert showing real size for small files in mutt_pretty_size().
+
+ I thought the change made in 0fa64ba9 was small enough not to matter,
+ but at least one long-time user took the time to track down the change
+ and request it be reverted.
+
+M muttlib.c
+
+2018-06-03 14:40:31 -0700 Kevin McCarthy <kevin@8t8.us> (33290d12)
+
+ * Switch build scripts to use `` instead of $()
+
+ This is for older systems running Bourne shell as /bin/sh.
+
+M mkchangelog.sh
+M mkreldate.sh
+M version.sh
+
+2013-01-06 19:24:18 +0100 Oswald Buddenhagen <ossi@kde.org> (ec96f5f5)
+
+ * fix inappropriate use of FREE() in ssl init error path
+
+ OpenSSL structures need to be freed with dedicated functions.
+
+M mutt_ssl.c
+
+2018-05-19 10:57:10 -0700 Kevin McCarthy <kevin@8t8.us> (d55950a8)
+
+ * automatic post-release commit for mutt-1.10.0
+
+M ChangeLog
+M VERSION
+M po/bg.po
+M po/ca.po
+M po/cs.po
+M po/da.po
+M po/de.po
+M po/el.po
+M po/eo.po
+M po/es.po
+M po/et.po
+M po/eu.po
+M po/fr.po
+M po/ga.po
+M po/gl.po
+M po/hu.po
+M po/id.po
+M po/it.po
+M po/ja.po
+M po/ko.po
+M po/lt.po
+M po/nl.po
+M po/pl.po
+M po/pt_BR.po
+M po/ru.po
+M po/sk.po
+M po/sv.po
+M po/tr.po
+M po/uk.po
+M po/zh_CN.po
+M po/zh_TW.po
2018-05-17 12:24:31 -0700 Ivan Vilata i Balaguer <ivan@selidor.net> (70c9c89b)
* Updated Catalan translation.
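Review bot: Several of the 2018-07-13 entries at the top of this hunk touch IMAP and POP code (imap/command.c, imap/util.c, pop.c) but do not say what goes wrong without the fix: "Handle NO response without message properly" (9347b5c0), "Ensure UID in fetch_uidl." (e154cba1) and "Selectively cache headers." (31eef6c7) have no body text, unlike 3d9028fe, which states "The obuf can be overflowed in auth_cram.c, and possibly auth_gss.c." If the ChangeLog is generated from commit messages (mkchangelog.sh is listed under 33290d12), the fix belongs there: one sentence naming the affected buffer or path and the input that reaches it would let packagers decide what to backport. Two smaller points from the same source: the typos "Jeriko One fo the bug report" (e57a8602) and "Thanks for Jeriko One" (6aed28b4), and the ec96f5f5 entry dated 2013-01-06 sitting between the 2018-06-03 and 2018-05-19 entries, which reads as an ordering error unless the file states that entries follow commit order while showing author dates.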
diff --git a/UPDATING b/UPDATING
index 0a16033b..c7c706f2 100644
--- a/UPDATING
+++ b/UPDATING
@@ -8,6 +8,13 @@ http://www.mutt.org/doc/manual/
The keys used are:
!: modified feature, -: deleted feature, +: new feature
+1.10.1 (2018-07-16):
+
+ ! Bug fix release.
+ + $pgp_check_gpg_decrypt_status_fd, when set (the default), checks
+ GnuPG status fd output more thoroughly for spooofed encrypted
+ messages. Please see contrib/gpg.rc for suggested values.
+
1.10.0 (2018-05-19):
! $reply_self is now respected for group-reply, even with $metoo unset.
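Review bot: "! Bug fix release." in the new 1.10.1 block understates what the ChangeLog hunk of this same commit lists: length checks in mutt_from_base64(), url_pct_encode(), msg_parse_fetch and imap_quote_string(), plus "Protect against bcache directory path traversal for UID values." in pop.c. UPDATING is the file users read when upgrading, so the entry should say that the release fixes buffer overflows and a path traversal in IMAP and POP handling. In the $pgp_check_gpg_decrypt_status_fd item, "spooofed" should be "spoofed".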
diff --git a/VERSION b/VERSION
index 81c871de..4dae2985 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.10.0
+1.10.1