This patch solves the issue raised by CVE-2014-9116 in bug 771125. We correctly redefine what are the whitespace characters as per RFC5322; by doing so we prevent mutt_substrdup from being used in a way that could lead to a segfault. The lib.c part was written by Antonio Radici <antonio@debian.org> to prevent crashes due to this kind of bugs from happening again. The wheezy version of this patch is slightly different, therefore this patch has -jessie prefixed in its name. Index: mutt/lib.c =================================================================== --- mutt.orig/lib.c +++ mutt/lib.c @@ -815,6 +815,9 @@ char *mutt_substrdup (const char *begin, size_t len; char *p; + if (end != NULL && end < begin) + return NULL; + if (end) len = end - begin; else Index: mutt/lib.h =================================================================== --- mutt.orig/lib.h +++ mutt/lib.h @@ -98,7 +98,7 @@ on some systems */ # define SKIPWS(c) while (*(c) && isspace ((unsigned char) *(c))) c++; -#define EMAIL_WSP " \t\r\n" +#define EMAIL_WSP " \t\r" /* skip over WSP as defined by RFC5322. This is used primarily for parsing * header fields. */