From: Rob Browning <rlb@defaultvalue.org>
Date: Sun, 26 Mar 2023 17:21:08 +0000 (-0500)
Subject: Fix gnus nnml crash on some invalid headers
X-Git-Tag: archive/raspbian/1%29.2+1-2+rpi1~1^2~40
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=1bd8d03047aba856e311e63366b3ae93e87b0c75;p=emacs.git

Fix gnus nnml crash on some invalid headers

Add 0026-Gnus-nnml-should-avoid-crashing-on-some-invalid-head.patch to
address the issue.

Closes: 1033397
---

1bd8d03047aba856e311e63366b3ae93e87b0c75
diff --cc debian/.git-dpm
index 8e6ac622189,00000000000..9c05d91ed5f
mode 100644,000000..100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@@ -1,8 -1,0 +1,8 @@@
 +# see git-dpm(1) from git-dpm package
- 4e6971c25c27c9a3f34cc69b51db894105362d08
- 4e6971c25c27c9a3f34cc69b51db894105362d08
++cf3c2037c3531b756fbb443b8ab2f6873f10930e
++cf3c2037c3531b756fbb443b8ab2f6873f10930e
 +279b82e64e15b5e2df3cb522636c6db85a8ee659
 +279b82e64e15b5e2df3cb522636c6db85a8ee659
 +emacs_28.2+1.orig.tar.xz
 +d7f49858bdec2d47110c2ed7b1d0005f157e20c3
 +26988304
diff --cc debian/patches/0026-Gnus-nnml-should-avoid-crashing-on-some-invalid-head.patch
index 00000000000,00000000000..cb4bc34e1de
new file mode 100644
--- /dev/null
+++ b/debian/patches/0026-Gnus-nnml-should-avoid-crashing-on-some-invalid-head.patch
@@@ -1,0 -1,0 +1,52 @@@
++From cf3c2037c3531b756fbb443b8ab2f6873f10930e Mon Sep 17 00:00:00 2001
++From: Eli Zaretskii <eliz@gnu.org>
++Date: Mon, 19 Dec 2022 19:01:04 +0200
++Subject: Gnus nnml should avoid crashing on some invalid headers
++
++This upstream patch has been incorporated to fix the problem:
++
++  Fix storing email into nnmail by Gnus
++
++  * lisp/gnus/nnml.el (nnml--encode-headers): Wrap
++  'rfc2047-encode-string' calls with 'ignore-errors', to avoid
++  disrupting email workflows due to possibly-invalid headers.
++  Reported by Florian Weimer <fweimer@redhat.com>.
++
++Origin: upstream, commit: 23f7c9c2a92e4619b7c4d2286d4249f812cd695d
++Bug-Debian: https://bugs.debian.org/1033397
++Forwarded: not-needed
++---
++ lisp/gnus/nnml.el | 13 +++++++++----
++ 1 file changed, 9 insertions(+), 4 deletions(-)
++
++diff --git a/lisp/gnus/nnml.el b/lisp/gnus/nnml.el
++index afdb0c780a5..258c5efc79f 100644
++--- a/lisp/gnus/nnml.el
+++++ b/lisp/gnus/nnml.el
++@@ -775,17 +775,22 @@ nnml-parse-head
++ 	(nnml--encode-headers headers)
++ 	headers))))
++ 
+++;; RFC2047-encode Subject and From, but leave invalid headers unencoded.
++ (defun nnml--encode-headers (headers)
++   (let ((subject (mail-header-subject headers))
++ 	(rfc2047-encoding-type 'mime))
++     (unless (string-match "\\`[[:ascii:]]*\\'" subject)
++-      (setf (mail-header-subject headers)
++-	    (mail-encode-encoded-word-string subject t))))
+++      (let ((encoded-subject
+++             (ignore-errors (mail-encode-encoded-word-string subject t))))
+++        (if encoded-subject
+++            (setf (mail-header-subject headers) encoded-subject)))))
++   (let ((from (mail-header-from headers))
++ 	(rfc2047-encoding-type 'address-mime))
++     (unless (string-match "\\`[[:ascii:]]*\\'" from)
++-      (setf (mail-header-from headers)
++-	    (rfc2047-encode-string from t)))))
+++      (let ((encoded-from
+++             (ignore-errors (rfc2047-encode-string from t))))
+++        (if encoded-from
+++            (setf (mail-header-from headers) encoded-from))))))
++ 
++ (defun nnml-get-nov-buffer (group &optional incrementalp)
++   (let ((buffer (gnus-get-buffer-create
diff --cc debian/patches/series
index 1bf62a48800,00000000000..1a612b473f1
mode 100644,000000..100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@@ -1,25 -1,0 +1,26 @@@
 +0001-Prefer-usr-share-info-emacs.patch
 +0002-Run-debian-startup-and-set-debian-emacs-flavor.patch
 +0003-Remove-files-that-appear-to-be-incompatible-with-the.patch
 +0004-Adjust-documentation-references-for-Debian.patch
 +0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch
 +0006-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch
 +0007-Kill-gpg-agent-in-package-test.el-to-avoid-a-race.patch
 +0008-Mark-vc-bzr-test-fauilt-bzr-autoloads-as-unstable-fo.patch
 +0009-pdumper-set-DUMP_RELOC_ALIGNMENT_BITS-1-for-m68k.patch
 +0010-Avoid-fork-bomb-caused-by-native-compilation.patch
 +0011-Avoid-fork-bomb-caused-by-native-compilation-trampol.patch
 +0012-Fix-eln-files-not-being-generated-when-native-comp-a.patch
 +0013-Fix-large-core-dumps-from-background-processes.patch
 +0014-Mark-test-undo-region-as-unstable.patch
 +0015-Mark-flaky-test-process-tests-multiple-threads-waiti.patch
 +0016-Fix-ctags-local-command-execution-vulnerability-CVE-.patch
 +0017-Add-inhibit-native-compilation.patch
 +0018-Rename-to-inhibit-automatic-native-compilation.patch
 +0019-Fix-copyright-tests-for-2023-onwards.patch
 +0020-Fix-htmlfontify.el-command-injection-vulnerability-C.patch
 +0021-Fix-ruby-mode.el-command-injection-vulnerability-CVE.patch
 +0022-Fix-etags-local-command-injection-vulnerability-CVE-.patch
 +0023-Fix-memory-leak-in-etags.c.patch
 +0024-Fix-quoted-argument-in-emacsclient-mail.desktop-CVE-.patch
 +0025-Fix-code-injection-vulnerability-CVE-2023-27986.patch
++0026-Gnus-nnml-should-avoid-crashing-on-some-invalid-head.patch