diff --git a/SOURCES/mutt-1.5.13-nodotlock.patch b/SOURCES/mutt-1.5.13-nodotlock.patch
new file mode 100644
index 0000000..c4888f6
--- /dev/null
+++ b/SOURCES/mutt-1.5.13-nodotlock.patch
@@ -0,0 +1,10 @@
+--- mutt-1.5.13/configure.nodotlock 2007-02-06 15:14:03.000000000 +0100
++++ mutt-1.5.13/configure 2007-02-06 15:14:04.000000000 +0100
+@@ -12300,6 +12300,7 @@
+ {
+ struct stat s;
+
++ return 1;
+ stat ("$mutt_cv_mailpath", &s);
+ if (s.st_mode & S_IWGRP) exit (0);
+ exit (1);
diff --git a/SOURCES/mutt-1.5.18-manual.patch b/SOURCES/mutt-1.5.18-manual.patch
new file mode 100644
index 0000000..0230c18
--- /dev/null
+++ b/SOURCES/mutt-1.5.18-manual.patch
@@ -0,0 +1,12 @@
+diff -up mutt-1.5.18/doc/Makefile.in.manual mutt-1.5.18/doc/Makefile.in
+diff -up mutt-1.5.18/init.h.manual mutt-1.5.18/init.h
+--- mutt-1.5.18/init.h.manual 2008-01-30 05:26:50.000000000 +0100
++++ mutt-1.5.18/init.h 2008-05-19 11:05:02.000000000 +0200
+@@ -19,7 +19,6 @@
+
+ #ifdef _MAKEDOC
+ # include "config.h"
+-# include "doc/makedoc-defs.h"
+ #else
+ # include "sort.h"
+ #endif
diff --git a/SOURCES/mutt-1.5.18-muttrc.patch b/SOURCES/mutt-1.5.18-muttrc.patch
new file mode 100644
index 0000000..22d72b2
--- /dev/null
+++ b/SOURCES/mutt-1.5.18-muttrc.patch
@@ -0,0 +1,20 @@
+diff -up mutt-1.5.18/doc/Muttrc.head.muttrc mutt-1.5.18/doc/Muttrc.head
+--- mutt-1.5.18/doc/Muttrc.head.muttrc 2008-01-30 05:26:50.000000000 +0100
++++ mutt-1.5.18/doc/Muttrc.head 2008-05-19 10:58:21.000000000 +0200
+@@ -19,11 +19,15 @@ macro index,pager,attach,compose \cb "\
+
+ # Show documentation when pressing F1
+ macro generic,pager " less @docdir@/manual.txt" "show Mutt documentation"
++# and also F2, as some terminals use F1
++macro generic,pager " less @docdir@/manual.txt" "show Mutt documentation"
+
+ # show the incoming mailboxes list (just like "mutt -y") and back when pressing "y"
+ macro index,pager y "?" "show incoming mailboxes list"
+ bind browser y exit
+
++bind editor delete-char
++
+ # If Mutt is unable to determine your site's domain name correctly, you can
+ # set the default here.
+ #
+diff -up mutt-1.5.18/contrib/sample.muttrc mutt-1.5.18/contrib/sample
diff --git a/SOURCES/mutt-1.5.20-cve-2014-0467.patch b/SOURCES/mutt-1.5.20-cve-2014-0467.patch
new file mode 100644
index 0000000..1ea2906
--- /dev/null
+++ b/SOURCES/mutt-1.5.20-cve-2014-0467.patch
@@ -0,0 +1,11 @@
+diff -up mutt/copy.c.cve-2014-0467 mutt/copy.c
+--- mutt/copy.c.cve-2014-0467 2009-12-14 19:24:59.000000000 +0100
++++ mutt/copy.c 2014-03-13 10:29:13.844051152 +0100
+@@ -254,6 +254,7 @@ mutt_copy_hdr (FILE *in, FILE *out, LOFF
+ {
+ if (!address_header_decode (&this_one))
+ rfc2047_decode (&this_one);
++ this_one_len = mutt_strlen (this_one);
+ }
+
+ if (!headers[x])
diff --git a/SOURCES/mutt-1.5.20-domainname.patch b/SOURCES/mutt-1.5.20-domainname.patch
new file mode 100644
index 0000000..1511b80
--- /dev/null
+++ b/SOURCES/mutt-1.5.20-domainname.patch
@@ -0,0 +1,13 @@
+--- mutt/init.c 2009-12-14 19:24:59.000000000 +0100
++++ mutt/init.c.new 2016-10-19 16:00:26.065999981 +0200
+@@ -2928,9 +2928,8 @@ void mutt_init (int skip_sys_rc, LIST *c
+ #define DOMAIN buffer
+ if (!p && getdnsdomainname (buffer, sizeof (buffer)) == -1)
+ Fqdn = safe_strdup ("@");
+- else
+ #endif /* DOMAIN */
+- if (*DOMAIN != '@')
++ if (strlen(DOMAIN) > 0 && *DOMAIN != '@')
+ {
+ Fqdn = safe_malloc (mutt_strlen (DOMAIN) + mutt_strlen (Hostname) + 2);
+ sprintf (Fqdn, "%s.%s", NONULL(Hostname), DOMAIN); /* __SPRINTF_CHECKED__ */
diff --git a/SOURCES/mutt-1.5.20-system_certs.patch b/SOURCES/mutt-1.5.20-system_certs.patch
new file mode 100644
index 0000000..45f0bd2
--- /dev/null
+++ b/SOURCES/mutt-1.5.20-system_certs.patch
@@ -0,0 +1,12 @@
+diff -rup mutt-17a4f92e4a95-orig/init.h mutt-17a4f92e4a95-new/init.h
+--- mutt-17a4f92e4a95-orig/init.h 2015-06-07 22:59:32.000000000 +0200
++++ mutt-17a4f92e4a95-new/init.h 2015-06-25 15:28:56.095570332 +0200
+@@ -2989,7 +2989,7 @@ struct option_t MuttVars[] = {
+ */
+ #if defined(USE_SSL)
+ #ifdef USE_SSL_GNUTLS
+- { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, 0 },
++ { "ssl_ca_certificates_file", DT_PATH, R_NONE, UL &SslCACertFile, "/etc/pki/tls/certs/ca-bundle.crt" },
+ /*
+ ** .pp
+ ** This variable specifies a file containing trusted CA certificates.
diff --git a/SOURCES/mutt-1.5.21-cabundle.patch b/SOURCES/mutt-1.5.21-cabundle.patch
new file mode 100644
index 0000000..df8c225
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-cabundle.patch
@@ -0,0 +1,28 @@
+diff -up mutt-1.5.21/contrib/Makefile.am.cabundle mutt-1.5.21/contrib/Makefile.am
+--- mutt-1.5.21/contrib/Makefile.am.cabundle 2008-03-19 21:07:06.000000000 +0100
++++ mutt-1.5.21/contrib/Makefile.am 2011-11-02 12:47:34.143534053 +0100
+@@ -5,7 +5,7 @@ subdir = contrib
+ SAMPLES = Mush.rc Pine.rc gpg.rc pgp2.rc pgp5.rc pgp6.rc Tin.rc \
+ sample.muttrc sample.mailcap sample.muttrc-tlr \
+ colors.default colors.linux smime.rc \
+- ca-bundle.crt smime_keys_test.pl mutt_xtitle
++ smime_keys_test.pl mutt_xtitle
+
+ EXTRA_DIST = language.txt language50.txt \
+ patch.slang-1.2.2.keypad.1 \
+diff -up mutt-1.5.21/doc/smime-notes.txt.cabundle mutt-1.5.21/doc/smime-notes.txt
+--- mutt-1.5.21/doc/smime-notes.txt.cabundle 2011-11-02 12:53:56.808750080 +0100
++++ mutt-1.5.21/doc/smime-notes.txt 2011-11-02 12:57:46.225881970 +0100
+@@ -40,8 +40,10 @@ How to add use mutt's S/MIME capabilitie
+ - Edit the smime_sign_as line in your muttrc, replacing the keyid with your
+ own.
+
+-- You probably want to import the trusted roots in
+- contrib/ca-bundle.crt. This makes you trust anything that was ultimately
++- There is no more ca-bundle.crt file with the trusted roots to import shipped
++ in mutt. The upstream file is out-dated and user is encouraged to use
++ ca-bundle.crt from ca-certificate pacakge.
++ This makes you trust anything that was ultimately
+ signed by one of them. You can use "smime_keys add_root" to do so, or
+ just copy ca-bundle.crt into the place you point mutt's smime_ca_location
+ variable to.
diff --git a/SOURCES/mutt-1.5.21-certscomp.patch b/SOURCES/mutt-1.5.21-certscomp.patch
new file mode 100644
index 0000000..feb7024
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-certscomp.patch
@@ -0,0 +1,22 @@
+diff -up mutt-1.5.21/mutt_ssl_gnutls.c.testcert mutt-1.5.21/mutt_ssl_gnutls.c
+--- mutt-1.5.21/mutt_ssl_gnutls.c.testcert 2010-08-25 18:31:40.000000000 +0200
++++ mutt-1.5.21/mutt_ssl_gnutls.c 2013-11-04 14:15:33.956762683 +0100
+@@ -434,8 +434,16 @@ static int tls_compare_certificates (con
+ return 0;
+ }
+
+- ptr = (unsigned char *)strstr((char*)b64_data.data, CERT_SEP) + 1;
+- ptr = (unsigned char *)strstr((char*)ptr, CERT_SEP);
++ /* find start of cert, skipping junk */
++ ptr = (unsigned char *)strstr((char*)b64_data.data, CERT_SEP);
++ if (!ptr)
++ {
++ gnutls_free(cert.data);
++ FREE (&b64_data_data);
++ return 0;
++ }
++ /* find start of next cert */
++ ptr = (unsigned char *)strstr((char*)ptr + 1, CERT_SEP);
+
+ b64_data.size = b64_data.size - (ptr - b64_data.data);
+ b64_data.data = ptr;
diff --git a/SOURCES/mutt-1.5.21-cve-2018-14354_cve-2018-14357.patch b/SOURCES/mutt-1.5.21-cve-2018-14354_cve-2018-14357.patch
new file mode 100644
index 0000000..48036ac
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-cve-2018-14354_cve-2018-14357.patch
@@ -0,0 +1,128 @@
+From 185152818541f5cdc059cbff3f3e8b654fc27c1d Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy
+Date: Sat, 7 Jul 2018 19:03:44 -0700
+Subject: [PATCH] Properly quote IMAP mailbox names when (un)subscribing.
+
+When handling automatic subscription (via $imap_check_subscribed), or
+manual subscribe/unsubscribe commands, mutt generating a "mailboxes"
+command but failed to properly escape backquotes.
+
+Thanks to Jeriko One for the detailed bug report and patch, which this
+commit is based upon.
+---
+ imap/command.c | 5 +++--
+ imap/imap.c | 7 +++++--
+ imap/imap_private.h | 3 ++-
+ imap/util.c | 25 ++++++++++++++++++++-----
+ 4 files changed, 30 insertions(+), 10 deletions(-)
+
+diff --git a/imap/command.c b/imap/command.c
+index c8825981..c79d4f28 100644
+--- a/imap/command.c
++++ b/imap/command.c
+@@ -842,8 +842,9 @@ static void cmd_parse_lsub (IMAP_DATA* idata, char* s)
+
+ strfcpy (buf, "mailboxes \"", sizeof (buf));
+ mutt_account_tourl (&idata->conn->account, &url);
+- /* escape \ and " */
+- imap_quote_string(errstr, sizeof (errstr), list.name);
++ /* escape \ and ". Also escape ` because the resulting
++ * string will be passed to mutt_parse_rc_line. */
++ imap_quote_string_and_backquotes (errstr, sizeof (errstr), list.name);
+ url.path = errstr + 1;
+ url.path[strlen(url.path) - 1] = '\0';
+ if (!mutt_strcmp (url.user, ImapUser))
+diff --git a/imap/imap.c b/imap/imap.c
+index 668203b8..c3a8ffd0 100644
+--- a/imap/imap.c
++++ b/imap/imap.c
+@@ -1930,6 +1930,7 @@ int imap_subscribe (char *path, int subscribe)
+ char buf[LONG_STRING];
+ char mbox[LONG_STRING];
+ char errstr[STRING];
++ int mblen;
+ BUFFER err, token;
+ IMAP_MBOX mx;
+
+@@ -1951,8 +1952,10 @@ int imap_subscribe (char *path, int subscribe)
+ memset (&token, 0, sizeof (token));
+ err.data = errstr;
+ err.dsize = sizeof (errstr);
+- snprintf (mbox, sizeof (mbox), "%smailboxes \"%s\"",
+- subscribe ? "" : "un", path);
++ mblen = snprintf (mbox, sizeof (mbox), "%smailboxes ",
++ subscribe ? "" : "un");
++ imap_quote_string_and_backquotes (mbox + mblen, sizeof(mbox) - mblen,
++ path);
+ if (mutt_parse_rc_line (mbox, &token, &err))
+ dprint (1, (debugfile, "Error adding subscribed mailbox: %s\n", errstr));
+ FREE (&token.data);
+diff --git a/imap/imap_private.h b/imap/imap_private.h
+index 312fbfe4..349c5a49 100644
+--- a/imap/imap_private.h
++++ b/imap/imap_private.h
+@@ -301,7 +301,8 @@ char* imap_next_word (char* s);
+ time_t imap_parse_date (char* s);
+ void imap_make_date (char* buf, time_t timestamp);
+ void imap_qualify_path (char *dest, size_t len, IMAP_MBOX *mx, char* path);
+-void imap_quote_string (char* dest, size_t slen, const char* src);
++void imap_quote_string (char* dest, size_t dlen, const char* src);
++void imap_quote_string_and_backquotes (char *dest, size_t dlen, const char *src);
+ void imap_unquote_string (char* s);
+ void imap_munge_mbox_name (char *dest, size_t dlen, const char *src);
+ void imap_unmunge_mbox_name (char *s);
+diff --git a/imap/util.c b/imap/util.c
+index 914c93c3..3274a70c 100644
+--- a/imap/util.c
++++ b/imap/util.c
+@@ -608,11 +608,10 @@ void imap_qualify_path (char *dest, size_t len, IMAP_MBOX *mx, char* path)
+ }
+
+
+-/* imap_quote_string: quote string according to IMAP rules:
+- * surround string with quotes, escape " and \ with \ */
+-void imap_quote_string (char *dest, size_t dlen, const char *src)
++static void _imap_quote_string (char *dest, size_t dlen, const char *src,
++ const char *to_quote)
+ {
+- char quote[] = "\"\\", *pt;
++ char *pt;
+ const char *s;
+
+ pt = dest;
+@@ -625,7 +623,7 @@ void imap_quote_string (char *dest, size_t dlen, const char *src)
+
+ for (; *s && dlen; s++)
+ {
+- if (strchr (quote, *s))
++ if (strchr (to_quote, *s))
+ {
+ dlen -= 2;
+ if (!dlen)
+@@ -643,6 +641,23 @@ void imap_quote_string (char *dest, size_t dlen, const char *src)
+ *pt = 0;
+ }
+
++/* imap_quote_string: quote string according to IMAP rules:
++ * surround string with quotes, escape " and \ with \ */
++void imap_quote_string (char *dest, size_t dlen, const char *src)
++{
++ _imap_quote_string (dest, dlen, src, "\"\\");
++}
++
++/* imap_quote_string_and_backquotes: quote string according to IMAP rules:
++ * surround string with quotes, escape " and \ with \.
++ * Additionally, escape backquotes with \ to protect against code injection
++ * when using the resulting string in mutt_parse_rc_line().
++ */
++void imap_quote_string_and_backquotes (char *dest, size_t dlen, const char *src)
++{
++ _imap_quote_string (dest, dlen, src, "\"\\`");
++}
++
+ /* imap_unquote_string: equally stupid unquoting routine */
+ void imap_unquote_string (char *s)
+ {
+--
+2.18.0
+
diff --git a/SOURCES/mutt-1.5.21-cve-2018-14362.patch b/SOURCES/mutt-1.5.21-cve-2018-14362.patch
new file mode 100644
index 0000000..48ca2e0
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-cve-2018-14362.patch
@@ -0,0 +1,100 @@
+From 6aed28b40a0410ec47d40c8c7296d8d10bae7576 Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy
+Date: Fri, 13 Jul 2018 11:16:33 -0700
+Subject: [PATCH] Sanitize POP bcache paths.
+
+Protect against bcache directory path traversal for UID values.
+
+Thanks for Jeriko One for the bug report and patch, which this commit
+is based upon.
+---
+ pop.c | 31 +++++++++++++++++++++++++------
+ 1 file changed, 25 insertions(+), 6 deletions(-)
+
+diff --git a/pop.c b/pop.c
+index d9d95fbe..288166de 100644
+--- a/pop.c
++++ b/pop.c
+@@ -40,6 +40,25 @@
+ #define HC_FEXT "hcache" /* extension for hcache as POP lacks paths */
+ #endif
+
++/**
++ * cache_id - Make a message-cache-compatible id
++ * @param id POP message id
++ * @retval ptr Sanitised string
++ *
++ * The POP message id may contain '/' and other awkward characters.
++ *
++ * @note This function returns a pointer to a static buffer.
++ */
++static const char *cache_id(const char *id)
++{
++ static char clean[SHORT_STRING];
++
++ strfcpy (clean, id, sizeof(clean));
++ mutt_sanitize_filename (clean, 1);
++
++ return clean;
++}
++
+ /* write line to file */
+ static int fetch_message (char *line, void *file)
+ {
+@@ -205,7 +224,7 @@ static int msg_cache_check (const char *id, body_cache_t *bcache, void *data)
+ /* message not found in context -> remove it from cache
+ * return the result of bcache, so we stop upon its first error
+ */
+- return mutt_bcache_del (bcache, id);
++ return mutt_bcache_del (bcache, cache_id (id));
+ }
+
+ #ifdef USE_HCACHE
+@@ -355,7 +374,7 @@ static int pop_fetch_headers (CONTEXT *ctx)
+ * - if we also have a body: read
+ * - if we don't have a body: new
+ */
+- bcached = mutt_bcache_exists (pop_data->bcache, ctx->hdrs[i]->data) == 0;
++ bcached = mutt_bcache_exists (pop_data->bcache, cache_id (ctx->hdrs[i]->data)) == 0;
+ ctx->hdrs[i]->old = 0;
+ ctx->hdrs[i]->read = 0;
+ if (hcached)
+@@ -531,7 +550,7 @@ static int pop_fetch_message (CONTEXT* ctx, MESSAGE* msg, int msgno)
+ unsigned short bcache = 1;
+
+ /* see if we already have the message in body cache */
+- if ((msg->fp = mutt_bcache_get (pop_data->bcache, h->data)))
++ if ((msg->fp = mutt_bcache_get (pop_data->bcache, cache_id (h->data))))
+ return 0;
+
+ /*
+@@ -578,7 +597,7 @@ static int pop_fetch_message (CONTEXT* ctx, MESSAGE* msg, int msgno)
+ M_PROGRESS_SIZE, NetInc, h->content->length + h->content->offset - 1);
+
+ /* see if we can put in body cache; use our cache as fallback */
+- if (!(msg->fp = mutt_bcache_put (pop_data->bcache, h->data, 1)))
++ if (!(msg->fp = mutt_bcache_put (pop_data->bcache, cache_id (h->data), 1)))
+ {
+ /* no */
+ bcache = 0;
+@@ -624,7 +643,7 @@ static int pop_fetch_message (CONTEXT* ctx, MESSAGE* msg, int msgno)
+ * portion of the headers, those required for the main display.
+ */
+ if (bcache)
+- mutt_bcache_commit (pop_data->bcache, h->data);
++ mutt_bcache_commit (pop_data->bcache, cache_id (h->data));
+ else
+ {
+ cache->index = h->index;
+@@ -704,7 +723,7 @@ static int pop_sync_mailbox (CONTEXT *ctx, int *index_hint)
+ snprintf (buf, sizeof (buf), "DELE %d\r\n", ctx->hdrs[i]->refno);
+ if ((ret = pop_query (pop_data, buf, sizeof (buf))) == 0)
+ {
+- mutt_bcache_del (pop_data->bcache, ctx->hdrs[i]->data);
++ mutt_bcache_del (pop_data->bcache, cache_id (ctx->hdrs[i]->data));
+ #if USE_HCACHE
+ mutt_hcache_delete (hc, ctx->hdrs[i]->data, strlen);
+ #endif
+--
+2.18.0
+
diff --git a/SOURCES/mutt-1.5.21-gpgme-1.2.0.patch b/SOURCES/mutt-1.5.21-gpgme-1.2.0.patch
new file mode 100644
index 0000000..90af39d
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-gpgme-1.2.0.patch
@@ -0,0 +1,26 @@
+diff -up mutt-1.5.21/init.c.gpgme-1.2.0 mutt-1.5.21/init.c
+--- mutt-1.5.21/init.c.gpgme-1.2.0 2010-08-25 18:31:40.000000000 +0200
++++ mutt-1.5.21/init.c 2011-10-26 10:29:12.166967476 +0200
+@@ -52,6 +52,10 @@
+ #include
+ #include
+
++#if defined(CRYPT_BACKEND_GPGME)
++#include
++#endif
++
+ #define CHECK_PAGER \
+ if ((CurrentMenu == MENU_PAGER) && (idx >= 0) && \
+ (MuttVars[idx].flags & R_RESORT)) \
+@@ -3143,6 +3147,11 @@ void mutt_init (int skip_sys_rc, LIST *c
+
+ mutt_read_histfile ();
+
++#ifdef CRYPT_BACKEND_GPGME
++ /* needed since version 1.2.0, ticket #3300 */
++ gpgme_check_version (NULL);
++#endif
++
+ #if 0
+ set_option (OPTWEED); /* turn weeding on by default */
+ #endif
diff --git a/SOURCES/mutt-1.5.21-hdrcnt.patch b/SOURCES/mutt-1.5.21-hdrcnt.patch
new file mode 100644
index 0000000..26bec5e
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-hdrcnt.patch
@@ -0,0 +1,59 @@
+diff -up mutt-1.5.21/imap/message.c.hdrcnt mutt-1.5.21/imap/message.c
+--- mutt-1.5.21/imap/message.c.hdrcnt 2010-08-24 18:34:21.000000000 +0200
++++ mutt-1.5.21/imap/message.c 2011-06-13 15:44:08.268380854 +0200
+@@ -65,7 +65,7 @@ int imap_read_headers (IMAP_DATA* idata,
+ char *hdrreq = NULL;
+ FILE *fp;
+ char tempfile[_POSIX_PATH_MAX];
+- int msgno, idx;
++ int msgno, idx = msgbegin - 1;
+ IMAP_HEADER h;
+ IMAP_STATUS* status;
+ int rc, mfhrc, oldmsgcount;
+@@ -185,7 +185,7 @@ int imap_read_headers (IMAP_DATA* idata,
+ continue;
+ }
+
+- idx = h.sid - 1;
++ idx++;
+ ctx->hdrs[idx] = imap_hcache_get (idata, h.data->uid);
+ if (ctx->hdrs[idx])
+ {
+@@ -211,6 +211,7 @@ int imap_read_headers (IMAP_DATA* idata,
+ dprint (3, (debugfile, "bad cache entry at %d, giving up\n", h.sid - 1));
+ imap_free_header_data((void**) (void*) &h.data);
+ evalhc = 0;
++ idx--;
+ }
+ }
+ while (rc != IMAP_CMD_OK && mfhrc == -1);
+@@ -273,18 +274,20 @@ int imap_read_headers (IMAP_DATA* idata,
+ {
+ dprint (2, (debugfile, "msg_fetch_header: ignoring fetch response with no body\n"));
+ mfhrc = -1;
++ msgend--;
+ continue;
+ }
+
+ /* make sure we don't get remnants from older larger message headers */
+ fputs ("\n\n", fp);
+
+- idx = h.sid - 1;
++ idx++;
+ if (idx > msgend)
+ {
+ dprint (1, (debugfile, "imap_read_headers: skipping FETCH response for "
+ "unknown message number %d\n", h.sid));
+ mfhrc = -1;
++ idx--;
+ continue;
+ }
+ /* May receive FLAGS updates in a separate untagged response (#2935) */
+@@ -292,6 +295,7 @@ int imap_read_headers (IMAP_DATA* idata,
+ {
+ dprint (2, (debugfile, "imap_read_headers: message %d is not new\n",
+ h.sid));
++ idx--;
+ continue;
+ }
+
diff --git a/SOURCES/mutt-1.5.21-manhelp.patch b/SOURCES/mutt-1.5.21-manhelp.patch
new file mode 100644
index 0000000..e6a0280
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-manhelp.patch
@@ -0,0 +1,284 @@
+diff -up mutt-1.5.21/doc/Makefile.in.manhelp mutt-1.5.21/doc/Makefile.in
+--- mutt-1.5.21/doc/Makefile.in.manhelp 2010-08-25 18:31:48.000000000 +0200
++++ mutt-1.5.21/doc/Makefile.in 2013-05-20 17:03:19.557439907 +0200
+@@ -218,6 +218,8 @@ EXTRA_DIST = dotlock.man \
+ smime_keys.man \
+ muttbug.man \
+ mutt.man \
++ pgpewrap.man \
++ pgpring.man \
+ PGP-Notes.txt \
+ applying-patches.txt \
+ devel-notes.txt \
+@@ -519,7 +521,7 @@ uninstall-am: uninstall-local
+
+ all: makedoc-all
+
+-makedoc-all: mutt.1 smime_keys.1 muttrc.man manual.html stamp-doc-rc stamp-doc-chunked manual.txt
++makedoc-all: mutt.1 smime_keys.1 muttrc.man manual.html stamp-doc-rc stamp-doc-chunked manual.txt pgpewrap.1 pgpring.1
+
+ install-data-local: makedoc-all instdoc
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/man1
+@@ -527,6 +529,8 @@ install-data-local: makedoc-all instdoc
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir)
+ ./instdoc mutt.1 $(DESTDIR)$(mandir)/man1/mutt.1
+ ./instdoc smime_keys.1 $(DESTDIR)$(mandir)/man1/smime_keys.1
++ ./instdoc pgpewrap.1 $(DESTDIR)$(mandir)/man1/pgpewrap.1
++ ./instdoc pgpring.1 $(DESTDIR)$(mandir)/man1/pgpring.1
+ ./instdoc $(srcdir)/muttbug.man $(DESTDIR)$(mandir)/man1/flea.1
+ ./instdoc $(srcdir)/muttbug.man $(DESTDIR)$(mandir)/man1/muttbug.1
+ test x@DOTLOCK_TARGET@ = x || ./instdoc $(srcdir)/dotlock.man \
+@@ -555,7 +559,7 @@ install-data-local: makedoc-all instdoc
+ fi
+
+ uninstall-local:
+- for f in mutt.1 mutt_dotlock.1 flea.1 muttbug.1 smime_keys.1; do \
++ for f in mutt.1 mutt_dotlock.1 flea.1 muttbug.1 smime_keys.1 pgpewrap.1 pgpring.1; do \
+ rm -f $(DESTDIR)$(mandir)/man1/$$f ; \
+ done
+ for f in muttrc.5 mbox.5 mmdf.5 ; do \
+@@ -620,7 +624,7 @@ sortcheck: manual.xml
+ rm -rf vars.tmp.1 vars.tmp.2
+
+ clean-local:
+- rm -f *~ *.html *.orig *.rej stamp-doc-* *.ps mutt.1 smime_keys.1 muttrc.man
++ rm -f *~ *.html *.orig *.rej stamp-doc-* *.ps mutt.1 smime_keys.1 muttrc.man pgpewrap.1 pgpring.1
+ rm -f *.aux *.log *.tex *.out
+
+ instdoc: instdoc.sh
+@@ -640,6 +644,12 @@ mutt.1: $(srcdir)/mutt.man
+ smime_keys.1: $(srcdir)/smime_keys.man
+ $(EDIT) $(srcdir)/smime_keys.man > $@
+
++pgpewrap.1: $(srcdir)/pgpewrap.man
++ $(EDIT) $(srcdir)/pgpewrap.man > $@
++
++pgpring.1: $(srcdir)/pgpring.man
++ $(EDIT) $(srcdir)/pgpring.man > $@
++
+ stamp-doc-xml: makedoc$(EXEEXT) $(top_srcdir)/init.h \
+ manual.xml.head $(top_srcdir)/functions.h $(top_srcdir)/OPS* manual.xml.tail \
+ $(srcdir)/gen-map-doc $(top_srcdir)/VERSION $(top_srcdir)/ChangeLog
+diff -up mutt-1.5.21/doc/manual.html.manhelp mutt-1.5.21/doc/manual.html
+--- mutt-1.5.21/doc/manual.html.manhelp 2013-05-20 17:01:07.570442214 +0200
++++ mutt-1.5.21/doc/manual.html 2013-05-20 17:01:13.082442117 +0200
+@@ -4171,7 +4171,7 @@ case-insensitivity).
+ Running mutt
with no arguments will make Mutt attempt
+ to read your spool mailbox. However, it is possible to read other
+ mailboxes and to send messages from the command line as well.
+-
Table 9.1. Command line options
Option | Description |
---|
-A | expand an alias |
-a | attach a file to a message |
-b | specify a blind carbon-copy (BCC) address |
-c | specify a carbon-copy (Cc) address |
-D | print the value of all Mutt variables to stdout |
-e | specify a config command to be run after initialization files are read |
-f | specify a mailbox to load |
-F | specify an alternate file to read initialization commands |
-h | print help on command line options |
-H | specify a draft file from which to read a header and body |
-i | specify a file to include in a message composition |
-m | specify a default mailbox type |
-n | do not read the system Muttrc |
-p | recall a postponed message |
-Q | query a configuration variable |
-R | open mailbox in read-only mode |
-s | specify a subject (enclose in quotes if it contains spaces) |
-v | show version number and compile-time definitions |
-x | simulate the mailx(1) compose mode |
-y | show a menu containing the files specified by the mailboxes command |
-z | exit immediately if there are no messages in the mailbox |
-Z | open the first folder with new message, exit immediately if none |
++
Table 9.1. Command line options
Option | Description |
---|
-A | expand an alias |
-a | attach a file to a message |
-b | specify a blind carbon-copy (BCC) address |
-c | specify a carbon-copy (Cc) address |
-D | print the value of all Mutt variables to stdout |
-d | log debugging output to ~/.muttdebug0 if complied with +DEBUG (level can be 1-5) |
-e | specify a config command to be run after initialization files are read |
-f | specify a mailbox to load |
-F | specify an alternate file to read initialization commands |
-h | print help on command line options |
-H | specify a draft file from which to read a header and body |
-i | specify a file to include in a message composition |
-m | specify a default mailbox type |
-n | do not read the system Muttrc |
-p | recall a postponed message |
-Q | query a configuration variable |
-R | open mailbox in read-only mode |
-s | specify a subject (enclose in quotes if it contains spaces) |
-v | show version number and compile-time definitions |
-x | simulate the mailx(1) compose mode |
-y | show a menu containing the files specified by the mailboxes command |
-z | exit immediately if there are no messages in the mailbox |
-Z | open the first folder with new message, exit immediately if none |
+ To read messages in a mailbox
+
mutt
[-nz
] [-F
+ muttrc
+diff -up mutt-1.5.21/doc/manual.txt.manhelp mutt-1.5.21/doc/manual.txt
+--- mutt-1.5.21/doc/manual.txt.manhelp 2013-05-20 17:01:07.935442207 +0200
++++ mutt-1.5.21/doc/manual.txt 2013-05-20 17:01:13.622442108 +0200
+@@ -6021,6 +6021,8 @@ Table 9.1. Command line options
+ |------+----------------------------------------------------------------------|
+ |-D |print the value of all Mutt variables to stdout |
+ |------+----------------------------------------------------------------------|
++|-d |log debugging output to ~/.muttdebug0 if complied with +DEBUG (1-5) |
++|------+----------------------------------------------------------------------|
+ |-e |specify a config command to be run after initialization files are read|
+ |------+----------------------------------------------------------------------|
+ |-f |specify a mailbox to load |
+diff -up mutt-1.5.21/doc/pgpewrap.man.manhelp mutt-1.5.21/doc/pgpewrap.man
+--- mutt-1.5.21/doc/pgpewrap.man.manhelp 2013-05-20 17:01:13.953442102 +0200
++++ mutt-1.5.21/doc/pgpewrap.man 2013-05-20 17:01:13.953442102 +0200
+@@ -0,0 +1,46 @@
++.\" -*-nroff-*-
++.\"
++.\" pgpewrap, a command line munging tool
++.\" Manpage Copyright (c) 2013 Honza Horak
++.\"
++.\" This program is free software; you can redistribute it and/or modify
++.\" it under the terms of the GNU General Public License as published by
++.\" the Free Software Foundation; either version 2 of the License, or
++.\" (at your option) any later version.
++.\"
++.\" This program is distributed in the hope that it will be useful,
++.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
++.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++.\" GNU General Public License for more details.
++.\"
++.\" You should have received a copy of the GNU General Public License
++.\" along with this program; if not, write to the Free Software
++.\" Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
++.\"
++.TH pgpewrap 1 "May 2013" Unix "User Manuals"
++.SH NAME
++pgpewrap \- Mutt command line munging tool
++
++.SH SYNTAX
++.PP
++\fBpgpewrap\fP [ \fBflags\fP ] \-\- \fBprefix\fP [ \fBrecipients\fP ]
++
++.SH DESCRIPTION
++.PP
++This is a little C program which does some command line munging: The
++first argument is a command to be executed. When \fBpgpewrap\fP
++encounters a "\-\-" (dash\-dash) argument, it will interpret the next
++argument as a prefix which is put in front of all following
++arguments.
++
++.SH EXAMPLE
++
++ pgpewrap pgpe file \-\- \-r a b c
++
++will execute:
++
++ pgpe file -r a -r b -r c
++
++This script is needed with PGP 5 and with GPG, since their command
++line interfaces can't be properly served by mutt's format mechanism.
++
+diff -up mutt-1.5.21/doc/PGP-Notes.txt.manhelp mutt-1.5.21/doc/PGP-Notes.txt
+--- mutt-1.5.21/doc/PGP-Notes.txt.manhelp 2008-03-19 21:07:06.000000000 +0100
++++ mutt-1.5.21/doc/PGP-Notes.txt 2013-05-20 17:01:14.335442095 +0200
+@@ -182,6 +182,10 @@ Command line options:
+
+ -s Dump the secret key ring.
+
++ -S Dump signatures.
++
++ -f Dump fingerprints.
++
+
+
+ 2. pgpewrap
+diff -up mutt-1.5.21/doc/pgpring.man.manhelp mutt-1.5.21/doc/pgpring.man
+--- mutt-1.5.21/doc/pgpring.man.manhelp 2013-05-20 17:01:14.685442089 +0200
++++ mutt-1.5.21/doc/pgpring.man 2013-05-20 17:01:14.685442089 +0200
+@@ -0,0 +1,58 @@
++.\" -*-nroff-*-
++.\"
++.\" pgpring, a key ring dumper
++.\" Manpage Copyright (c) 2004-2013 Matthew Wilcox, Honza Horak
++.\"
++.\" This program is free software; you can redistribute it and/or modify
++.\" it under the terms of the GNU General Public License as published by
++.\" the Free Software Foundation; either version 2 of the License, or
++.\" (at your option) any later version.
++.\"
++.\" This program is distributed in the hope that it will be useful,
++.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
++.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++.\" GNU General Public License for more details.
++.\"
++.\" You should have received a copy of the GNU General Public License
++.\" along with this program; if not, write to the Free Software
++.\" Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
++.\"
++.TH pgpring 1 "May 2013" Unix "User Manuals"
++.SH NAME
++pgpring \- Mutt key ring dumper
++
++.SH SYNTAX
++.PP
++\fBpgpring\fP [ \fB\-k\fP \fIkeyring\fP ] [ \fB\-2\fP | \fB\-5\fP ]
++[ \fB\-s\fP ] [ \fB\-S\fP ] [ \fB\-f\fP ]
++
++.SH DESCRIPTION
++.PP
++pgpring is a key ring dumper. It extracts information from PGP's
++binary key ring and emits it in an (almost) readable output format
++understood by mutt's key selection routines. This output format
++mimics the one used by the GNU Privacy Guard (GPG).
++
++.SH OPTIONS
++.TP
++.BI \-k " keyring"
++Dump the contents of the specified keyring.
++.TP
++.B \-2
++Use the default keyring for PGP 2.x.
++.TP
++.B \-5
++Use the default keyring for PGP 5.
++.TP
++.B \-s
++Dump the secret keyring.
++.TP
++.B \-S
++Dump signatures.
++.TP
++.B \-f
++Dump fingerprints.
++
++.SH AUTHORS
++Thomas Roessler
++
+diff -up mutt-1.5.21/doc/reference.html.manhelp mutt-1.5.21/doc/reference.html
+--- mutt-1.5.21/doc/reference.html.manhelp 2013-05-20 17:01:10.220442167 +0200
++++ mutt-1.5.21/doc/reference.html 2013-05-20 17:01:15.013442084 +0200
+@@ -31,7 +31,7 @@ tr { vertical-align: top; }
+ Running mutt
with no arguments will make Mutt attempt
+ to read your spool mailbox. However, it is possible to read other
+ mailboxes and to send messages from the command line as well.
+-
Table 9.1. Command line options
Option | Description |
---|
-A | expand an alias |
-a | attach a file to a message |
-b | specify a blind carbon-copy (BCC) address |
-c | specify a carbon-copy (Cc) address |
-D | print the value of all Mutt variables to stdout |
-e | specify a config command to be run after initialization files are read |
-f | specify a mailbox to load |
-F | specify an alternate file to read initialization commands |
-h | print help on command line options |
-H | specify a draft file from which to read a header and body |
-i | specify a file to include in a message composition |
-m | specify a default mailbox type |
-n | do not read the system Muttrc |
-p | recall a postponed message |
-Q | query a configuration variable |
-R | open mailbox in read-only mode |
-s | specify a subject (enclose in quotes if it contains spaces) |
-v | show version number and compile-time definitions |
-x | simulate the mailx(1) compose mode |
-y | show a menu containing the files specified by the mailboxes command |
-z | exit immediately if there are no messages in the mailbox |
-Z | open the first folder with new message, exit immediately if none |
++
Table 9.1. Command line options
Option | Description |
---|
-A | expand an alias |
-a | attach a file to a message |
-b | specify a blind carbon-copy (BCC) address |
-c | specify a carbon-copy (Cc) address |
-D | print the value of all Mutt variables to stdout |
-d | log debugging output to ~/.muttdebug0 if complied with +DEBUG (level can be 1-5) |
-e | specify a config command to be run after initialization files are read |
-f | specify a mailbox to load |
-F | specify an alternate file to read initialization commands |
-h | print help on command line options |
-H | specify a draft file from which to read a header and body |
-i | specify a file to include in a message composition |
-m | specify a default mailbox type |
-n | do not read the system Muttrc |
-p | recall a postponed message |
-Q | query a configuration variable |
-R | open mailbox in read-only mode |
-s | specify a subject (enclose in quotes if it contains spaces) |
-v | show version number and compile-time definitions |
-x | simulate the mailx(1) compose mode |
-y | show a menu containing the files specified by the mailboxes command |
-z | exit immediately if there are no messages in the mailbox |
-Z | open the first folder with new message, exit immediately if none |
+ To read messages in a mailbox
+
mutt
[-nz
] [-F
+ muttrc
+diff -up mutt-1.5.21/doc/Makefile.am.manhelp2 mutt-1.5.21/doc/Makefile.am
+--- mutt-1.5.21/doc/Makefile.am.manhelp2 2013-05-20 17:07:01.080436035 +0200
++++ mutt-1.5.21/doc/Makefile.am 2013-05-20 17:10:03.670432844 +0200
+@@ -13,6 +13,8 @@ EXTRA_DIST = dotlock.man \
+ smime_keys.man \
+ muttbug.man \
+ mutt.man \
++ pgpewrap.man \
++ pgpring.man \
+ PGP-Notes.txt \
+ applying-patches.txt \
+ devel-notes.txt \
+@@ -46,7 +48,7 @@ topsrcdir_DOCFILES = COPYRIGHT GPL INSTA
+
+ all: makedoc-all
+
+-makedoc-all: mutt.1 smime_keys.1 muttrc.man manual.html stamp-doc-rc stamp-doc-chunked manual.txt
++makedoc-all: mutt.1 smime_keys.1 muttrc.man manual.html stamp-doc-rc stamp-doc-chunked manual.txt pgpewrap.1 pgpring.1
+
+ install-data-local: makedoc-all instdoc
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/man1
+@@ -54,6 +56,8 @@ install-data-local: makedoc-all instdoc
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir)
+ ./instdoc mutt.1 $(DESTDIR)$(mandir)/man1/mutt.1
+ ./instdoc smime_keys.1 $(DESTDIR)$(mandir)/man1/smime_keys.1
++ ./instdoc pgpewrap.1 $(DESTDIR)$(mandir)/man1/pgpewrap.1
++ ./instdoc pgpring.1 $(DESTDIR)$(mandir)/man1/pgpring.1
+ ./instdoc $(srcdir)/muttbug.man $(DESTDIR)$(mandir)/man1/flea.1
+ ./instdoc $(srcdir)/muttbug.man $(DESTDIR)$(mandir)/man1/muttbug.1
+ test x@DOTLOCK_TARGET@ = x || ./instdoc $(srcdir)/dotlock.man \
+@@ -82,7 +86,7 @@ install-data-local: makedoc-all instdoc
+ fi
+
+ uninstall-local:
+- for f in mutt.1 mutt_dotlock.1 flea.1 muttbug.1 smime_keys.1; do \
++ for f in mutt.1 mutt_dotlock.1 flea.1 muttbug.1 smime_keys.1 pgpewrap.1 pgpring.1; do \
+ rm -f $(DESTDIR)$(mandir)/man1/$$f ; \
+ done
+ for f in muttrc.5 mbox.5 mmdf.5 ; do \
+@@ -147,7 +151,7 @@ sortcheck: manual.xml
+ rm -rf vars.tmp.1 vars.tmp.2
+
+ clean-local:
+- rm -f *~ *.html *.orig *.rej stamp-doc-* *.ps mutt.1 smime_keys.1 muttrc.man
++ rm -f *~ *.html *.orig *.rej stamp-doc-* *.ps mutt.1 smime_keys.1 muttrc.man pgpewrap.1 pgpring.1
+ rm -f *.aux *.log *.tex *.out
+
+ DISTCLEANFILES=manual.txt manual.html manual.xml manual.pdf html \
+@@ -171,6 +175,12 @@ EDIT = sed -e 's,@sysconfdir\@,$(sysconf
+ mutt.1: $(srcdir)/mutt.man
+ $(EDIT) $(srcdir)/mutt.man > $@
+
++pgpewrap.1: $(srcdir)/pgpewrap.man
++ $(EDIT) $(srcdir)/pgpewrap.man > $@
++
++pgpring.1: $(srcdir)/pgpring.man
++ $(EDIT) $(srcdir)/pgpring.man > $@
++
+ smime_keys.1: $(srcdir)/smime_keys.man
+ $(EDIT) $(srcdir)/smime_keys.man > $@
+
diff --git a/SOURCES/mutt-1.5.21-notation.patch b/SOURCES/mutt-1.5.21-notation.patch
new file mode 100644
index 0000000..ebdbdca
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-notation.patch
@@ -0,0 +1,13 @@
+diff -up mutt-1.5.21/crypt-gpgme.c.notation mutt-1.5.21/crypt-gpgme.c
+--- mutt-1.5.21/crypt-gpgme.c.notation 2012-04-25 10:26:20.589226791 +0200
++++ mutt-1.5.21/crypt-gpgme.c 2012-04-25 10:28:02.075915855 +0200
+@@ -72,7 +72,8 @@
+ #define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
+
+ #define PKA_NOTATION_NAME "pka-address@gnupg.org"
+-#define is_pka_notation(notation) (! strcmp ((notation)->name, \
++#define is_pka_notation(notation) ((notation)->name && \
++ ! strcmp ((notation)->name, \
+ PKA_NOTATION_NAME))
+
+ /* Values used for comparing addresses. */
diff --git a/SOURCES/mutt-1.5.21-pophash.patch b/SOURCES/mutt-1.5.21-pophash.patch
new file mode 100644
index 0000000..5540e97
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-pophash.patch
@@ -0,0 +1,19 @@
+diff -up mutt/pop.c.pophash mutt/pop.c
+--- mutt/pop.c.pophash 2009-12-14 19:24:59.000000000 +0100
++++ mutt/pop.c 2011-10-04 16:51:23.307236908 +0200
+@@ -618,8 +618,15 @@ int pop_fetch_message (MESSAGE* msg, CON
+ }
+ rewind (msg->fp);
+ uidl = h->data;
++
++ /* we replace envelop, key in subj_hash has to be updated as well */
++ if (ctx->subj_hash && h->env->real_subj)
++ hash_delete (ctx->subj_hash, h->env->real_subj, h, NULL);
+ mutt_free_envelope (&h->env);
+ h->env = mutt_read_rfc822_header (msg->fp, h, 0, 0);
++ if (ctx->subj_hash && h->env->real_subj)
++ hash_insert (ctx->subj_hash, h->env->real_subj, h, 1);
++
+ h->data = uidl;
+ h->lines = 0;
+ fgets (buf, sizeof (buf), msg->fp);
diff --git a/SOURCES/mutt-1.5.21-syncdebug.patch b/SOURCES/mutt-1.5.21-syncdebug.patch
new file mode 100644
index 0000000..016e500
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-syncdebug.patch
@@ -0,0 +1,12 @@
+diff -up mutt-1.5.21/imap/imap.c.syncdebug mutt-1.5.21/imap/imap.c
+--- mutt-1.5.21/imap/imap.c.syncdebug 2012-03-27 10:05:44.978962551 +0200
++++ mutt-1.5.21/imap/imap.c 2012-03-27 10:05:54.223252267 +0200
+@@ -1128,7 +1128,7 @@ static int sync_helper (IMAP_DATA* idata
+
+ char buf[LONG_STRING];
+
+- if (!mutt_bit_isset (idata->ctx->rights, right))
++ if (!idata->ctx || !mutt_bit_isset (idata->ctx->rights, right))
+ return 0;
+
+ if (right == M_ACL_WRITE && !imap_has_flag (idata->flags, name))
diff --git a/SOURCES/mutt-1.5.21-testcert.patch b/SOURCES/mutt-1.5.21-testcert.patch
new file mode 100644
index 0000000..0d0c86d
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-testcert.patch
@@ -0,0 +1,30 @@
+diff -up mutt-1.5.21/mutt_ssl_gnutls.c.old mutt-1.5.21/mutt_ssl_gnutls.c
+--- mutt-1.5.21/mutt_ssl_gnutls.c.old 2011-03-23 11:46:28.760386765 +0100
++++ mutt-1.5.21/mutt_ssl_gnutls.c 2011-03-23 14:34:45.839456449 +0100
+@@ -978,6 +978,7 @@ static int tls_check_certificate (CONNEC
+ unsigned int cert_list_size = 0;
+ gnutls_certificate_status certstat;
+ int certerr, i, preauthrc, savedcert, rc = 0;
++ int rcpeer;
+
+ if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
+ {
+@@ -1003,6 +1004,9 @@ static int tls_check_certificate (CONNEC
+ for (i = 0; i < cert_list_size; i++) {
+ rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,
+ &certerr, &savedcert);
++ if (i == 0)
++ rcpeer = rc;
++
+ preauthrc += rc;
+
+ if (savedcert)
+@@ -1028,7 +1032,7 @@ static int tls_check_certificate (CONNEC
+ dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));
+
+ certstat = tls_verify_peers (state);
+- if (!certstat)
++ if (!certstat && !rcpeer)
+ return 1;
+ }
+ }
diff --git a/SOURCES/mutt-1.5.21-tlsv1v2.patch b/SOURCES/mutt-1.5.21-tlsv1v2.patch
new file mode 100644
index 0000000..6e96f4c
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-tlsv1v2.patch
@@ -0,0 +1,146 @@
+Some servers have problem when connection uses TLS 1.0 or SSL 3.0.
+Since openssl offers TLS 1.1 and 1.2, we would like to use these
+when connecting to server, while having ability to disable these
+protocols if needed.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=957840
+
+Upstream related bug report:
+http://dev.mutt.org/trac/ticket/3571
+
+diff -up mutt-1.5.21/init.h.tlsv1v2 mutt-1.5.21/init.h
+--- mutt-1.5.21/init.h.tlsv1v2 2013-06-27 12:46:14.120389035 +0200
++++ mutt-1.5.21/init.h 2013-06-27 12:47:28.020387743 +0200
+@@ -2970,6 +2970,18 @@ struct option_t MuttVars[] = {
+ ** This variable specifies whether to attempt to use TLSv1 in the
+ ** SSL authentication process.
+ */
++ { "ssl_use_tlsv1_1", DT_BOOL, R_NONE, OPTTLSV1_1, 1 },
++ /*
++ ** .pp
++ ** This variable specifies whether to attempt to use TLSv1.1 in the
++ ** SSL authentication process.
++ */
++ { "ssl_use_tlsv1_2", DT_BOOL, R_NONE, OPTTLSV1_2, 1 },
++ /*
++ ** .pp
++ ** This variable specifies whether to attempt to use TLSv1.2 in the
++ ** SSL authentication process.
++ */
+ #ifdef USE_SSL_OPENSSL
+ { "ssl_usesystemcerts", DT_BOOL, R_NONE, OPTSSLSYSTEMCERTS, 1 },
+ /*
+diff -up mutt-1.5.21/mutt.h.tlsv1v2 mutt-1.5.21/mutt.h
+--- mutt-1.5.21/mutt.h.tlsv1v2 2010-09-13 19:19:55.000000000 +0200
++++ mutt-1.5.21/mutt.h 2013-06-27 12:47:28.020387743 +0200
+@@ -376,6 +376,8 @@ enum
+ # endif /* USE_SSL_GNUTLS */
+ OPTSSLV3,
+ OPTTLSV1,
++ OPTTLSV1_1,
++ OPTTLSV1_2,
+ OPTSSLFORCETLS,
+ OPTSSLVERIFYDATES,
+ OPTSSLVERIFYHOST,
+diff -up mutt-1.5.21/mutt_ssl.c.tlsv1v2 mutt-1.5.21/mutt_ssl.c
+--- mutt-1.5.21/mutt_ssl.c.tlsv1v2 2010-08-25 18:31:40.000000000 +0200
++++ mutt-1.5.21/mutt_ssl.c 2013-06-27 12:47:28.021387743 +0200
+@@ -106,6 +106,18 @@ int mutt_ssl_starttls (CONNECTION* conn)
+ dprint (1, (debugfile, "mutt_ssl_starttls: Error allocating SSL_CTX\n"));
+ goto bail_ssldata;
+ }
++#ifdef SSL_OP_NO_TLSv1_1
++ if (!option(OPTTLSV1_1))
++ {
++ SSL_CTX_set_options(ssldata->ctx, SSL_OP_NO_TLSv1_1);
++ }
++#endif
++#ifdef SSL_OP_NO_TLSv1_2
++ if (!option(OPTTLSV1_2))
++ {
++ SSL_CTX_set_options(ssldata->ctx, SSL_OP_NO_TLSv1_2);
++ }
++#endif
+
+ ssl_get_client_cert(ssldata, conn);
+
+@@ -303,6 +315,21 @@ static int ssl_socket_open (CONNECTION *
+ {
+ SSL_CTX_set_options(data->ctx, SSL_OP_NO_TLSv1);
+ }
++ /* TLSv1.1/1.2 support was added in OpenSSL 1.0.1, but some OS distros such
++ * as Fedora 17 are on OpenSSL 1.0.0.
++ */
++#ifdef SSL_OP_NO_TLSv1_1
++ if (!option(OPTTLSV1_1))
++ {
++ SSL_CTX_set_options(data->ctx, SSL_OP_NO_TLSv1_1);
++ }
++#endif
++#ifdef SSL_OP_NO_TLSv1_2
++ if (!option(OPTTLSV1_2))
++ {
++ SSL_CTX_set_options(data->ctx, SSL_OP_NO_TLSv1_2);
++ }
++#endif
+ if (!option(OPTSSLV2))
+ {
+ SSL_CTX_set_options(data->ctx, SSL_OP_NO_SSLv2);
+diff -up mutt-1.5.21/mutt_ssl_gnutls.c.tlsv1v2 mutt-1.5.21/mutt_ssl_gnutls.c
+--- mutt-1.5.21/mutt_ssl_gnutls.c.tlsv1v2 2013-06-27 12:46:14.123389035 +0200
++++ mutt-1.5.21/mutt_ssl_gnutls.c 2013-06-27 12:47:28.018387743 +0200
+@@ -238,7 +238,11 @@ err_crt:
+ gnutls_x509_crt_deinit (clientcrt);
+ }
+
+-static int protocol_priority[] = {GNUTLS_TLS1, GNUTLS_SSL3, 0};
++/* This array needs to be large enough to hold all the possible values support
++ * by Mutt. The initialized values are just placeholders--the array gets
++ * overwrriten in tls_negotiate() depending on the $ssl_use_* options.
++ */
++static int protocol_priority[] = {GNUTLS_TLS1_2, GNUTLS_TLS1_1, GNUTLS_TLS1, GNUTLS_SSL3, 0};
+
+ /* tls_negotiate: After TLS state has been initialised, attempt to negotiate
+ * TLS over the wire, including certificate checks. */
+@@ -246,6 +250,7 @@ static int tls_negotiate (CONNECTION * c
+ {
+ tlssockdata *data;
+ int err;
++ size_t nproto = 0; /* number of tls/ssl protocols */
+
+ data = (tlssockdata *) safe_calloc (1, sizeof (tlssockdata));
+ conn->sockdata = data;
+@@ -286,22 +291,22 @@ static int tls_negotiate (CONNECTION * c
+ /* set socket */
+ gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr)conn->fd);
+
++ if (option(OPTTLSV1_2))
++ protocol_priority[nproto++] = GNUTLS_TLS1_2;
++ if (option(OPTTLSV1_1))
++ protocol_priority[nproto++] = GNUTLS_TLS1_1;
++ if (option(OPTTLSV1))
++ protocol_priority[nproto++] = GNUTLS_TLS1;
++ if (option(OPTSSLV3))
++ protocol_priority[nproto++] = GNUTLS_SSL3;
++ protocol_priority[nproto] = 0;
++
+ /* disable TLS/SSL protocols as needed */
+- if (!option(OPTTLSV1) && !option(OPTSSLV3))
++ if (nproto == 0)
+ {
+ mutt_error (_("All available protocols for TLS/SSL connection disabled"));
+ goto fail;
+ }
+- else if (!option(OPTTLSV1))
+- {
+- protocol_priority[0] = GNUTLS_SSL3;
+- protocol_priority[1] = 0;
+- }
+- else if (!option(OPTSSLV3))
+- {
+- protocol_priority[0] = GNUTLS_TLS1;
+- protocol_priority[1] = 0;
+- }
+ /*
+ else
+ use the list set above
diff --git a/SOURCES/mutt-1.5.21-tmpdir.patch b/SOURCES/mutt-1.5.21-tmpdir.patch
new file mode 100644
index 0000000..9256735
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-tmpdir.patch
@@ -0,0 +1,146 @@
+Subject: Changed tmpdir default to /var/tmp
+
+By default, mutt stores drafts in
+/tmp/mutt-$HOSTNAME-$UID-$PID-$REV. /tmp is designed to hold data
+that isn't guaranteed to be preserved between different invocations
+of programmes. For practical purposes, and on Debian at least, this
+translates to files being deleted on every boot, unless TMPTIME is
+amended in /etc/default/rcS and /tmp is not a tmpfs.
+
+This behaviour can cause loss of data, e.g. when the laptop dies or
+turns itself off due to low power; the user might not have a chance
+to commit the temporary mail draft s/he was working on to
+non-volatile storage.
+
+I suggest that mutt should use /var/tmp by default for its mail
+drafts, as that directory is also temporary in nature, but cleaned
+less frequently than /tmp. More specifically, the FHS dictates that
+"files and directories located in /var/tmp must not be deleted when
+the system is booted."
+
+This patch modifies all occurrences of $tmpdir, $TMPDIR and Tempdir, but
+not the documentation, which looks like it's generated from init.h.
+
+Patch created by: martin f. krafft , submitted to
+http://dev.mutt.org/trac/ticket/3236
+and repaired to be able to apply.
+
+Fedora related: Upstream is not willing to change defualt tmpdir,
+because they don't believe /var/tmp is on all supported platforms.
+However, they agree with changing it in distrubution packages.
+More info at http://dev.mutt.org/trac/ticket/3236
+
+diff -up mutt-1.5.21/doc/manual.html.tmpdir mutt-1.5.21/doc/manual.html
+--- mutt-1.5.21/doc/manual.html.tmpdir 2012-09-27 15:02:53.455915783 +0200
++++ mutt-1.5.21/doc/manual.html 2012-09-27 15:04:07.439427603 +0200
+@@ -3090,7 +3090,7 @@ information, notably the type, encoding
+
+ Attachments appear as follows by default:
+
+-- 1 [text/plain, 7bit, 1K] /tmp/mutt-euler-8082-0 <no description>
++- 1 [text/plain, 7bit, 1K] /var/tmp/mutt-euler-8082-0 <no description>
+ 2 [applica/x-gunzip, base64, 422K] ~/src/mutt-0.85.tar.gz <no description>
+
+ The “-” denotes that Mutt will delete the file after
+@@ -6944,7 +6944,7 @@ Default: (empty)
+ This variable allows you to specify where Mutt will place its
+ temporary files needed for displaying and composing messages. If
+ this variable is not set, the environment variable $TMPDIR
is
+-used. If $TMPDIR
is not set then “/tmp
” is used.
++used. If $TMPDIR
is not set then “/var/tmp
” is used.
+
Type: string
+ Default: “ +TCFL
”
+ Controls the character used to indicate mail addressed to you. The
+diff -up mutt-1.5.21/doc/manual.txt.tmpdir mutt-1.5.21/doc/manual.txt
+--- mutt-1.5.21/doc/manual.txt.tmpdir 2012-09-27 15:04:20.601518838 +0200
++++ mutt-1.5.21/doc/manual.txt 2012-09-27 15:04:50.154724683 +0200
+@@ -4524,7 +4524,7 @@ description.
+
+ Attachments appear as follows by default:
+
+-- 1 [text/plain, 7bit, 1K] /tmp/mutt-euler-8082-0
++- 1 [text/plain, 7bit, 1K] /var/tmp/mutt-euler-8082-0
+ 2 [applica/x-gunzip, base64, 422K] ~/src/mutt-0.85.tar.gz
+
+ The ?-? denotes that Mutt will delete the file after sending (or postponing, or
+@@ -9746,7 +9746,7 @@ Default: (empty)
+
+ This variable allows you to specify where Mutt will place its temporary files
+ needed for displaying and composing messages. If this variable is not set, the
+-environment variable $TMPDIR is used. If $TMPDIR is not set then ?/tmp? is
++environment variable $TMPDIR is used. If $TMPDIR is not set then ?/var/tmp? is
+ used.
+
+ 3.294. to_chars
+diff -up mutt-1.5.21/doc/Muttrc.tmpdir mutt-1.5.21/doc/Muttrc
+--- mutt-1.5.21/doc/Muttrc.tmpdir 2012-09-27 15:02:16.391661482 +0200
++++ mutt-1.5.21/doc/Muttrc 2012-09-27 15:02:33.822780695 +0200
+@@ -4515,7 +4515,7 @@ attachments -I message/external-body
+ # This variable allows you to specify where Mutt will place its
+ # temporary files needed for displaying and composing messages. If
+ # this variable is not set, the environment variable $TMPDIR is
+-# used. If $TMPDIR is not set then ``/tmp'' is used.
++# used. If $TMPDIR is not set then ``/var/tmp'' is used.
+ #
+ #
+ # set to_chars=" +TCFL"
+diff -up mutt-1.5.21/doc/reference.html.tmpdir mutt-1.5.21/doc/reference.html
+--- mutt-1.5.21/doc/reference.html.tmpdir 2012-09-27 15:05:12.288879110 +0200
++++ mutt-1.5.21/doc/reference.html 2012-09-27 15:05:51.130151344 +0200
+@@ -2804,7 +2804,7 @@ Default: (empty)
+ This variable allows you to specify where Mutt will place its
+ temporary files needed for displaying and composing messages. If
+ this variable is not set, the environment variable $TMPDIR
is
+-used. If $TMPDIR
is not set then “/tmp
” is used.
++used. If $TMPDIR
is not set then “/var/tmp
” is used.
+
Type: string
+ Default: “ +TCFL
”
+ Controls the character used to indicate mail addressed to you. The
+diff -up mutt-1.5.21/init.c.tmpdir mutt-1.5.21/init.c
+--- mutt-1.5.21/init.c.tmpdir 2012-09-27 14:59:10.099395476 +0200
++++ mutt-1.5.21/init.c 2012-09-27 14:59:23.292484023 +0200
+@@ -2992,7 +2992,7 @@ void mutt_init (int skip_sys_rc, LIST *c
+ MailcapPath = safe_strdup ("~/.mailcap:" PKGDATADIR "/mailcap:" SYSCONFDIR "/mailcap:/etc/mailcap:/usr/etc/mailcap:/usr/local/etc/mailcap");
+ }
+
+- Tempdir = safe_strdup ((p = getenv ("TMPDIR")) ? p : "/tmp");
++ Tempdir = safe_strdup ((p = getenv ("TMPDIR")) ? p : "/var/tmp");
+
+ p = getenv ("VISUAL");
+ if (!p)
+diff -up mutt-1.5.21/init.h.tmpdir mutt-1.5.21/init.h
+--- mutt-1.5.21/init.h.tmpdir 2012-09-27 14:59:46.214638908 +0200
++++ mutt-1.5.21/init.h 2012-09-27 15:00:21.541877784 +0200
+@@ -3178,7 +3178,7 @@ struct option_t MuttVars[] = {
+ ** This variable allows you to specify where Mutt will place its
+ ** temporary files needed for displaying and composing messages. If
+ ** this variable is not set, the environment variable \fC$$$TMPDIR\fP is
+- ** used. If \fC$$$TMPDIR\fP is not set then ``\fC/tmp\fP'' is used.
++ ** used. If \fC$$$TMPDIR\fP is not set then ``\fC/var/tmp\fP'' is used.
+ */
+ { "to_chars", DT_STR, R_BOTH, UL &Tochars, UL " +TCFL" },
+ /*
+diff -up mutt-1.5.21/install-sh.tmpdir mutt-1.5.21/install-sh
+--- mutt-1.5.21/install-sh.tmpdir 2012-09-27 15:00:32.246950740 +0200
++++ mutt-1.5.21/install-sh 2012-09-27 15:01:15.957247967 +0200
+@@ -332,7 +332,7 @@ do
+ # is incompatible with FreeBSD 'install' when (umask & 300) != 0.
+ ;;
+ *)
+- tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
++ tmpdir=${TMPDIR-/var/tmp}/ins$RANDOM-$$
+ trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
+
+ if (umask $mkdir_umask &&
+diff -up mutt-1.5.21/muttbug.sh.in.tmpdir mutt-1.5.21/muttbug.sh.in
+--- mutt-1.5.21/muttbug.sh.in.tmpdir 2012-09-27 15:01:37.097392500 +0200
++++ mutt-1.5.21/muttbug.sh.in 2012-09-27 15:01:52.061494226 +0200
+@@ -85,7 +85,7 @@ esac
+ exec > /dev/tty
+ exec < /dev/tty
+
+-SCRATCH=${TMPDIR-/tmp}/`basename $0`.`hostname`.$$
++SCRATCH=${TMPDIR-/var/tmp}/`basename $0`.`hostname`.$$
+
+ mkdir ${SCRATCH} || \
+ {
diff --git a/SOURCES/mutt-1.5.21-updating.patch b/SOURCES/mutt-1.5.21-updating.patch
new file mode 100644
index 0000000..2d2b161
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-updating.patch
@@ -0,0 +1,24 @@
+# HG changeset patch
+# User Brendan Cully
+# Date 1284573211 25200
+# Branch HEAD
+# Node ID bd0afbb35c65a9e80c55636e214ca85890554ce1
+# Parent b42be44bb41a2bca21289aa10a490f58e6bbf044
+Belatedly update UPDATING
+
+diff -r b42be44bb41a -r bd0afbb35c65 UPDATING
+--- a/UPDATING Wed Sep 15 10:21:04 2010 -0700
++++ b/UPDATING Wed Sep 15 10:53:31 2010 -0700
+@@ -4,8 +4,11 @@
+ The keys used are:
+ !: modified feature, -: deleted feature, +: new feature
+
+-hg tip:
++1.5.21 (2010-09-15):
+
++ + $mail_check_recent controls whether all unread mail or only new mail
++ since the last mailbox visit will be reported as new
++ + %D format expando for $folder_format
+ ! $thorough_search defaults to yes
+ + imap-logout-all closes all open IMAP connections
+ ! header/body cache paths are always UTF-8
diff --git a/SOURCES/mutt-1.5.21-verpeers.patch b/SOURCES/mutt-1.5.21-verpeers.patch
new file mode 100644
index 0000000..6e2adb9
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-verpeers.patch
@@ -0,0 +1,48 @@
+Function gnutls_certificate_verify_peers is deprecated so we should
+rather use gnutls_certificate_verify_peers2. This is a fix applied
+by upstream.
+Upstream bug report: http://dev.mutt.org/trac/ticket/3516
+
+diff -up mutt-1.5.21/mutt_ssl_gnutls.c.verpeers mutt-1.5.21/mutt_ssl_gnutls.c
+--- mutt-1.5.21/mutt_ssl_gnutls.c.verpeers 2013-03-04 15:19:56.144838094 +0100
++++ mutt-1.5.21/mutt_ssl_gnutls.c 2013-03-04 15:19:56.378838087 +0100
+@@ -946,22 +946,23 @@ static int tls_check_one_certificate (co
+ /* sanity-checking wrapper for gnutls_certificate_verify_peers */
+ static gnutls_certificate_status tls_verify_peers (gnutls_session tlsstate)
+ {
+- gnutls_certificate_status certstat;
++ int verify_ret;
++ unsigned int status;
+
+- certstat = gnutls_certificate_verify_peers (tlsstate);
+- if (!certstat)
+- return certstat;
++ verify_ret = gnutls_certificate_verify_peers2 (tlsstate, &status);
++ if (!verify_ret)
++ return status;
+
+- if (certstat == GNUTLS_E_NO_CERTIFICATE_FOUND)
++ if (status == GNUTLS_E_NO_CERTIFICATE_FOUND)
+ {
+ mutt_error (_("Unable to get certificate from peer"));
+ mutt_sleep (2);
+ return 0;
+ }
+- if (certstat < 0)
++ if (verify_ret < 0)
+ {
+ mutt_error (_("Certificate verification error (%s)"),
+- gnutls_strerror (certstat));
++ gnutls_strerror (status));
+ mutt_sleep (2);
+ return 0;
+ }
+@@ -974,7 +975,7 @@ static gnutls_certificate_status tls_ver
+ return 0;
+ }
+
+- return certstat;
++ return status;
+ }
+
+ static int tls_check_certificate (CONNECTION* conn)
diff --git a/SOURCES/mutt-1.5.21-writehead.patch b/SOURCES/mutt-1.5.21-writehead.patch
new file mode 100644
index 0000000..4c10170
--- /dev/null
+++ b/SOURCES/mutt-1.5.21-writehead.patch
@@ -0,0 +1,12 @@
+diff -up mutt-1.5.21/sendlib.c.writehead mutt-1.5.21/sendlib.c
+--- mutt-1.5.21/sendlib.c.writehead 2012-06-25 14:41:34.681483226 +0200
++++ mutt-1.5.21/sendlib.c 2012-06-25 14:41:44.485408610 +0200
+@@ -1799,7 +1799,7 @@ static int write_one_header (FILE *fp, i
+ else
+ {
+ t = strchr (start, ':');
+- if (t > end)
++ if (t == NULL || t > end)
+ {
+ dprint (1, (debugfile, "mwoh: warning: header not in "
+ "'key: value' format!\n"));
diff --git a/SPECS/mutt.spec b/SPECS/mutt.spec
index 6a91d3b..955486e 100644
--- a/SPECS/mutt.spec
+++ b/SPECS/mutt.spec
@@ -1,52 +1,60 @@
-%bcond_without debug
+%bcond_with debug
%bcond_without imap
%bcond_without pop
%bcond_without smtp
%bcond_without gnutls
%bcond_without gss
%bcond_without sasl
-%bcond_with idn
-%bcond_without idn2
+%bcond_without idn
%bcond_without hcache
%bcond_without tokyocabinet
%bcond_with bdb
%bcond_with qdbm
%bcond_with gdbm
%bcond_without gpgme
-%bcond_without sidebar
-
-%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
Summary: A text mode mail user agent
Name: mutt
-Version: 1.10.1
-Release: 1%{?dist}
+Version: 1.5.21
+Release: 28%{?dist}
Epoch: 5
# The entire source code is GPLv2+ except
# pgpewrap.c setenv.c sha1.c wcwidth.c which are Public Domain
License: GPLv2+ and Public Domain
Group: Applications/Internet
-# hg snapshot created from http://dev.mutt.org/hg/mutt
-Source: ftp://ftp.mutt.org/pub/%{name}/%{name}-%{version}.tar.gz
+Source: ftp://ftp.mutt.org/pub/mutt/devel/mutt-%{version}.tar.gz
Source1: mutt_ldap_query
-Patch1: mutt-1.10.0-muttrc.patch
-Patch2: mutt-1.8.0-cabundle.patch
-# https://dev.mutt.org/trac/ticket/3569
-Patch3: mutt-1.7.0-syncdebug.patch
-# FIXME make it to upstream
-Patch8: mutt-1.5.23-system_certs.patch
-Patch9: mutt-1.9.0-ssl_ciphers.patch
-Patch10: mutt-1.9.4-lynx_no_backscapes.patch
-Patch12: mutt-1.9.5-nodotlock.patch
-Url: http://www.mutt.org
-Requires: mailcap, urlview
-BuildRequires: gcc
-BuildRequires: ncurses-devel, gettext, automake
-# manual generation
-BuildRequires: /usr/bin/xsltproc, docbook-style-xsl
-#BuildRequires: perl-interpreter
-#BuildRequires: perl-generators
-BuildRequires: lynx
+Patch2: mutt-1.5.13-nodotlock.patch
+Patch3: mutt-1.5.18-muttrc.patch
+Patch4: mutt-1.5.18-manual.patch
+Patch5: mutt-1.5.21-updating.patch
+Patch6: mutt-1.5.21-hdrcnt.patch
+Patch7: mutt-1.5.21-testcert.patch
+Patch8: mutt-1.5.21-cabundle.patch
+Patch9: mutt-1.5.21-gpgme-1.2.0.patch
+Patch10: mutt-1.5.21-pophash.patch
+Patch11: mutt-1.5.21-certscomp.patch
+Patch12: mutt-1.5.21-notation.patch
+Patch13: mutt-1.5.21-syncdebug.patch
+Patch14: mutt-1.5.21-writehead.patch
+Patch15: mutt-1.5.21-tmpdir.patch
+Patch16: mutt-1.5.21-verpeers.patch
+Patch17: mutt-1.5.21-manhelp.patch
+Patch18: mutt-1.5.21-tlsv1v2.patch
+Patch19: mutt-1.5.20-cve-2014-0467.patch
+Patch20: mutt-1.5.20-domainname.patch
+Patch21: mutt-1.5.20-system_certs.patch
+Patch22: mutt-1.5.21-cve-2018-14354_cve-2018-14357.patch
+Patch23: mutt-1.5.21-cve-2018-14362.patch
+
+
+Url: http://www.mutt.org/
+Requires: mailcap urlview
+BuildRequires: ncurses-devel
+BuildRequires: gettext
+BuildRequires: automake
+# required to build documentation
+BuildRequires: docbook-style-xsl libxslt lynx
%if %{with hcache}
%{?with_tokyocabinet:BuildRequires: tokyocabinet-devel}
@@ -54,21 +62,16 @@ BuildRequires: lynx
%{?with_qdbm:BuildRequires: qdbm-devel}
%{?with_gdbm:BuildRequires: gdbm-devel}
%endif
-
%if %{with imap} || %{with pop} || %{with smtp}
%{?with_gnutls:BuildRequires: gnutls-devel}
%{?with_sasl:BuildRequires: cyrus-sasl-devel}
%endif
-
%if %{with imap}
%{?with_gss:BuildRequires: krb5-devel}
%endif
-
%{?with_idn:BuildRequires: libidn-devel}
-%{?with_idn2:BuildRequires: libidn2-devel}
%{?with_gpgme:BuildRequires: gpgme-devel}
-
%description
Mutt is a small but very powerful text-based MIME mail client. Mutt
is highly configurable, and is well suited to the mail power user with
@@ -76,123 +79,107 @@ advanced features like key bindings, keyboard macros, mail threading,
regular expression searches and a powerful pattern matching language
for selecting groups of messages.
-
%prep
-# unpack; cd
%setup -q
-# do not run ./prepare -V, because it also runs ./configure
-
-%patch10 -p1 -b .lynx_no_backscapes
-%patch12 -p1 -b .nodotlock
-
-autoreconf --install
-%patch1 -p1 -b .muttrc
-%patch2 -p1 -b .cabundle
-%patch3 -p1 -b .syncdebug
-%patch8 -p1 -b .system_certs
-%patch9 -p1 -b .ssl_ciphers
-
-sed -i -r 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure
+#./prepare -V
+# Thou shalt use fcntl, and only fcntl
+%patch2 -p1 -b .nodl
+%patch3 -p1 -b .muttrc
+%patch4 -p1 -b .manual
+%patch5 -p1 -b .updating
+%patch6 -p1 -b .hdrcnt
+%patch7 -p1 -b .testcert
+%patch8 -p1 -b .cabundle
+%patch9 -p1 -b .gpgme-1.2.0
+%patch10 -p1 -b .pophash
+%patch11 -p1 -b .certscomp
+%patch12 -p1 -b .notation
+%patch13 -p1 -b .syncdebug
+%patch14 -p1 -b .writehead
+%patch15 -p1 -b .tmpdir
+%patch16 -p1 -b .verpeers
+%patch17 -p1 -b .manhelp
+%patch18 -p1 -b .tlsv1v2
+%patch19 -p1 -b .cve-2014-0467
+%patch20 -p1 -b .domainname
+%patch21 -p1 -b .system_certs
+%patch22 -p1 -b .cve-2018-14354_cve-2018-14357
+%patch23 -p1 -b .cve-2018-14362
+
+sed -i.gpgerror 's/`$GPGME_CONFIG --libs`/"\0 -lgpg-error"/' configure
install -p -m644 %{SOURCE1} mutt_ldap_query
%global hgreldate \\.(201[0-9])([0-1][0-9])([0-3][0-9])hg
if echo %{release} | grep -E -q '%{hgreldate}'; then
- echo -n 'const char *ReleaseDate = ' > reldate.h
- echo %{release} | sed -r 's/.*%{hgreldate}.*/"\1-\2-\3";/' >> reldate.h
+ echo -n 'const char *ReleaseDate = ' > reldate.h
+ echo %{release} | sed -r 's/.*%{hgreldate}.*/"\1-\2-\3";/' >> reldate.h
fi
-# remove mutt_ssl.c to be sure it won't be used because it violates
-# Packaging:CryptoPolicies
-# https://fedoraproject.org/wiki/Packaging:CryptoPolicies
-rm -f mutt_ssl.c
-
-
%build
%configure \
- SENDMAIL=%{_sbindir}/sendmail \
- ISPELL=%{_bindir}/hunspell \
- %{?with_debug: --enable-debug}\
- %{?with_pop: --enable-pop}\
- %{?with_imap: --enable-imap} \
- %{?with_smtp: --enable-smtp} \
-\
- %if %{with hcache}
- --enable-hcache \
- %{!?with_tokyocabinet: --without-tokyocabinet} \
- %{!?with_gdbm: --without-gdbm} \
- %{!?with_qdbm: --without-qdbm} \
- %endif
-\
- %if %{with imap} || %{with pop} || %{with smtp}
- %{?with_gnutls: --with-gnutls} \
- %{?with_sasl: --with-sasl} \
- %endif
-\
- %if %{with imap}
- %{?with_gss: --with-gss} \
- %endif
-\
- %{?with_idn: --with-idn} \
- %{!?with_idn: --without-idn} \
- %{?with_idn2: --with-idn2} \
- %{!?with_idn2: --without-idn2} \
-\
- %{?with_gpgme: --enable-gpgme} \
- %{?with_sidebar: --enable-sidebar} \
- --with-docdir=%{_pkgdocdir}
+ SENDMAIL=%{_sbindir}/sendmail \
+ ISPELL=%{_bindir}/hunspell \
+%{?with_debug: --enable-debug}\
+%{?with_pop: --enable-pop}\
+%{?with_imap: --enable-imap} \
+%{?with_smtp: --enable-smtp} \
+%if %{with hcache}
+ --enable-hcache \
+%{!?with_tokyocabinet: --without-tokyocabinet} \
+%{!?with_gdbm: --without-gdbm} \
+%{!?with_qdbm: --without-qdbm} \
+%endif
+%if %{with imap} || %{with pop} || %{with smtp}
+%{?with_gnutls: --with-gnutls} \
+%{?with_sasl: --with-sasl} \
+%endif
+%if %{with imap}
+%{?with_gss: --with-gss} \
+%endif
+%{!?with_idn: --without-idn} \
+%{?with_gpgme: --enable-gpgme} \
+ --with-docdir=%{_docdir}/%{name}-%{version}
make %{?_smp_mflags}
# remove unique id in manual.html because multilib conflicts
-sed -i -r 's///g' doc/manual.html
-
+sed -i -e 's///g' doc/manual.html
%install
-make install DESTDIR=%{buildroot}
+make install DESTDIR=$RPM_BUILD_ROOT
# we like GPG here
cat contrib/gpg.rc >> \
- %{buildroot}%{_sysconfdir}/Muttrc
+ $RPM_BUILD_ROOT%{_sysconfdir}/Muttrc
grep -5 "^color" contrib/sample.muttrc >> \
- %{buildroot}%{_sysconfdir}/Muttrc
+ $RPM_BUILD_ROOT%{_sysconfdir}/Muttrc
-cat >> %{buildroot}%{_sysconfdir}/Muttrc <<\EOF
+cat >> $RPM_BUILD_ROOT%{_sysconfdir}/Muttrc < \
- %{buildroot}%{_sysconfdir}/Muttrc.local
+echo "# Local configuration for Mutt." > $RPM_BUILD_ROOT%{_sysconfdir}/Muttrc.local
# remove unpackaged files from the buildroot
-rm -f %{buildroot}%{_sysconfdir}/*.dist
-rm -f %{buildroot}%{_sysconfdir}/mime.types
-# disable mutt_dotlock program - remove the compiled binary
-rm -f %{buildroot}%{_bindir}/mutt_dotlock
-rm -f %{buildroot}%{_bindir}/muttbug
-rm -f %{buildroot}%{_bindir}/flea
-rm -f %{buildroot}%{_mandir}/man1/mutt_dotlock.1*
-rm -f %{buildroot}%{_mandir}/man1/muttbug.1*
-rm -f %{buildroot}%{_mandir}/man1/flea.1*
-rm -f %{buildroot}%{_mandir}/man5/mbox.5*
-rm -f %{buildroot}%{_mandir}/man5/mmdf.5*
-rm -rf %{buildroot}%{_pkgdocdir}
+rm -f $RPM_BUILD_ROOT%{_sysconfdir}/{*.dist,mime.types}
+rm -f $RPM_BUILD_ROOT%{_bindir}/{flea,muttbug}
+rm -f $RPM_BUILD_ROOT%{_mandir}/man1/{flea,muttbug,mutt_dotlock}.1*
+rm -f $RPM_BUILD_ROOT%{_mandir}/man5/{mbox,mmdf}.5*
+rm -f $RPM_BUILD_ROOT%{_docdir}/%{name}-%{version}/INSTALL
# provide muttrc.local(5): the same as muttrc(5)
-ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
+ln -sf ./muttrc.5 $RPM_BUILD_ROOT%{_mandir}/man5/muttrc.local.5
%find_lang %{name}
-
%files -f %{name}.lang
-%{!?_licensedir:%global license %doc}
-%license COPYRIGHT GPL
-%doc ChangeLog NEWS README* UPDATING mutt_ldap_query
-%doc contrib/*.rc contrib/sample.* contrib/colors.*
-%doc doc/manual.html doc/manual.txt doc/smime-notes.txt
%config(noreplace) %{_sysconfdir}/Muttrc
%config(noreplace) %{_sysconfdir}/Muttrc.local
+%doc COPYRIGHT ChangeLog GPL NEWS README* UPDATING mutt_ldap_query
+%doc contrib/*.rc contrib/sample.* contrib/colors.*
+%doc doc/manual.txt doc/smime-notes.txt
%{_bindir}/mutt
%{_bindir}/pgpring
%{_bindir}/pgpewrap
@@ -203,155 +190,28 @@ ln -sf ./muttrc.5 %{buildroot}%{_mandir}/man5/muttrc.local.5
%{_mandir}/man1/pgpewrap.*
%{_mandir}/man5/muttrc.*
-
%changelog
-* Tue Jul 17 2018 Matej Mužila - 5:1.10.1-1
-- Upgrade to 1.10.1
-
-* Fri Jul 13 2018 Fedora Release Engineering - 5:1.10.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Thu May 24 2018 Matej Mužila - 5:1.10.0-2
-- Disable post-install mutt_dotlock checking by patch, not by sed.
-
-* Tue May 22 2018 Matej Mužila - 5:1.10.0-1
-- Upgrade to 1.10.0
-
-* Thu Apr 19 2018 Matej Mužila - 5:1.9.5-4
-- Disable dotlock by patch instead of sed
-- Resolves: #1568597
-
-* Wed Apr 18 2018 Matej Mužila - 5:1.9.5-3
-- Apply patches of autoreconf related configuration files before running
- autoreconf
-
-* Mon Apr 16 2018 Matej Mužila - 5:1.9.5-2
-- Use libidn2 instead of libidn
-
-* Mon Apr 16 2018 Matej Mužila - 5:1.9.5-1
-- Upgrade to 1.9.5
-
-* Fri Apr 13 2018 Matej Mužila - 5:1.9.4-2
-- Use lynx to generate documentation
-
-* Mon Apr 09 2018 Matej Mužila - 5:1.9.4-1
-- Upgrade to 1.9.4
-
-* Tue Feb 13 2018 Matej Mužila - 5:1.9.3-1
-- Upgrade to 1.9.3
-
-* Thu Feb 08 2018 Fedora Release Engineering - 5:1.9.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Wed Dec 20 2017 Matej Mužila - 5:1.9.2-1
-- Upgrade to 1.9.2
-
-* Sun Sep 24 2017 Fabio Alessandro Locati - 5:1.9.1-1
-- Upgrade to 1.9.1
-
-* Mon Sep 04 2017 Fabio Alessandro Locati - 5:1.9.0-1
-- Upgrade to 1.9.0
-- Rebase mutt-1.5.23-ssl_ciphers.patch to mutt-1.9.0-ssl_ciphers.patch
-
-* Thu Aug 03 2017 Fedora Release Engineering - 5:1.8.3-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Wed Jul 26 2017 Fedora Release Engineering - 5:1.8.3-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Wed Jun 21 2017 Fabio Alessandro Locati - 5:1.8.3-1
-- Upgrade to 1.8.3
-
-* Mon Apr 24 2017 Matej Mužila - 5:1.8.2-1
-- Update to 1.8.2
-
-* Sat Feb 25 2017 Fabio Alessandro Locati - 5:1.8.0-1
-- Upgrade to 1.8.0
-- Rebase muttrc patch
-- Rebase cabundle patch
-
-* Fri Feb 10 2017 Fedora Release Engineering - 5:1.7.2-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
-
-* Sat Dec 10 2016 Igor Gnatenko - 5:1.7.2-2
-- Rebuild for gpgme 1.18
-
-* Mon Dec 05 2016 Fabio Alessandro Locati - 5:1.7.2-1
-- Upgrade to 1.7.2
-
-* Sun Oct 09 2016 Fabio Alessandro Locati - 5:1.7.1-1
-- Upgrade to 1.7.1
-- Rebase cabundle patch
-
-* Sat Aug 20 2016 Fabio Alessandro Locati - 5:1.7.0-1
-- Upgrade to 1.7.0
-
-* Thu Jul 07 2016 Jon Ciesla - 5:1.6.2-1
-- Upgrade to 1.6.2
-
-* Mon May 02 2016 Fabio Alessandro Locati - 5:1.6.1-1
-- Upgrade to 1.6.1
-
-* Mon Apr 18 2016 Fabio Alessandro Locati - 5:1.6.0-1
-- Upgrade to 1.6.0
-- Drop patch domainname since it should not be needed any more
-
-* Thu Feb 04 2016 Fedora Release Engineering - 5:1.5.24-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
-
-* Fri Sep 04 2015 Matej Muzila - 5:1.5.24-1
-- Updated to 1.5.24 (Resolves: rhbz#1259332)
-- Utilize system-wide crypto-policies (Resolves: rhbz#1179324)
-
-* Thu Jun 25 2015 Matej Muzila - 5:1.5.23-9
-- Make system CA bundle default in mutt
-- Resolves: #1069778
-
-* Tue Jun 02 2015 Matej Muzila - 5:1.5.23-8
-- Resolves #1227288
-- Do not send "From" header without the host part (eg. )
-
-* Wed Dec 03 2014 Matej Muzila - 5:1.5.23-7
-- added patch file forgotten in last commit
-
-* Wed Dec 03 2014 Matej Muzila - 5:1.5.23-6
-- resolves #1168464 (CVE-2014-9116)
-
-* Sun Aug 17 2014 Fedora Release Engineering - 5:1.5.23-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
-
-* Sat Jun 07 2014 Fedora Release Engineering - 5:1.5.23-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-
-* Mon May 26 2014 Jan Pacner - 5:1.5.23-3
-- Resolves: #1096756 ([RFE] compile with --enable-debug by default)
-
-* Thu May 15 2014 Dan Horák - 5:1.5.23-2
-- update Makefile.am before running autoreconf
-
-* Tue Apr 29 2014 Jan Pacner - 5:1.5.23-1
-- Resolves: #1034263 (new version due to CVE)
-- patch cleanup (upstream fixes)
-- add html documentation (in addition to the current txt one)
+* Thu Jul 26 2018 Matej Mužila - 5:1.5.21-28
+- Resolves: CVE-2018-14354 CVE-2018-14357 CVE-2018-14362
-* Mon Dec 02 2013 Jan Pacner - 5:1.5.22-1
-- new release (Resolves: #1034263)
-- use inline sed instead of nodotlock patch
-- patches removed: testcert, hdrcnt, certscomp, updating, pophash,
- notation, writehead, tmpdir, verpeers, tlsv1v2
-- manhelp patch adjusted (only DEBUG logging capability was left)
+* Mon Feb 27 2017 Matej Muzila - 5:1.5.21-27
+- Resolves #1388511 (System default CA bundle not set as default in compiled-in
+ default or config)
+- Resolves #1388512 (mutt sends e-mail with broken "From" header, which has no
+ host part)
-* Mon Oct 21 2013 Honza Horak - 5:1.5.21-26
-- Fixed patch for certificates comparison
+* Fri Mar 14 2014 Jan Pacner - 5:1.5.21-26
+- Resolves: #1075866 (CVE-2014-0467 heap-based buffer overflow when parsing
+ certain headers)
-* Mon Sep 23 2013 Miroslav Lichvar - 5:1.5.21-25
-- Revert to packaging only selected doc files
+* Fri Jan 24 2014 Daniel Mach - 5:1.5.21-25
+- Mass rebuild 2014-01-24
-* Thu Aug 8 2013 Ville Skyttä - 5:1.5.21-24
-- Fix FTBFS with unversioned %%{_docdir_fmt} (#992311), drop duplicate docs.
+* Fri Dec 27 2013 Daniel Mach - 5:1.5.21-24
+- Mass rebuild 2013-12-27
-* Sat Aug 03 2013 Fedora Release Engineering - 5:1.5.21-23
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+* Mon Nov 04 2013 Jan Pacner - 5:1.5.21-23
+- fix #1021464 (Improper fix for SIGSEGV Crash while parsing certificates file)
* Thu Jul 18 2013 Petr Pisar - 5:1.5.21-22
- Perl 5.18 rebuild