From c54a24508fae1f916bd5ac7f6c85ccd5d8b3ec71 Mon Sep 17 00:00:00 2001
From: josef radinger <cheese@nosuchhost.net>
Date: Mon, 22 Jun 2020 21:36:49 +0200
Subject: [PATCH 1/2] bump version

---
 .gitignore              |  1 +
 alpine-2.21-gcc10.patch | 31 -------------------------------
 alpine-2.23-gcc10.patch | 12 ++++++++++++
 alpine.spec             |  8 ++++++--
 sources                 |  2 +-
 5 files changed, 20 insertions(+), 34 deletions(-)
 delete mode 100644 alpine-2.21-gcc10.patch
 create mode 100644 alpine-2.23-gcc10.patch

diff --git a/.gitignore b/.gitignore
index a4d34d8..272cd63 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 /alpine-2.21.tar.xz
 /alpine-2.22.tar.xz
+/alpine-2.23.tar.xz
diff --git a/alpine-2.21-gcc10.patch b/alpine-2.21-gcc10.patch
deleted file mode 100644
index 2c2726a..0000000
--- a/alpine-2.21-gcc10.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-diff -up alpine-2.21/alpine/alpine.c.me alpine-2.21/alpine/alpine.c
-diff -up alpine-2.21/pith/smime.c.me alpine-2.21/pith/smime.c
---- alpine-2.21/pith/smime.c.me	2020-02-13 16:54:36.842373446 +0100
-+++ alpine-2.21/pith/smime.c	2020-02-13 17:13:37.930022666 +0100
-@@ -45,6 +45,7 @@ static char rcsid[] = "$Id: smime.c 1176
- #ifdef PASSFILE
- #include "../pith/imap.h"
- #endif /* PASSFILE */
-+#include "../pith/options.h"
- 
- #include <openssl/buffer.h>
- #include <openssl/x509v3.h>
-diff -up alpine-2.21/pith/smkeys.c.me alpine-2.21/pith/smkeys.c
---- alpine-2.21/pith/smkeys.c.me	2020-02-13 16:54:29.930310541 +0100
-+++ alpine-2.21/pith/smkeys.c	2020-02-13 17:15:00.688801681 +0100
-@@ -34,6 +34,7 @@ static char rcsid[] = "$Id: smkeys.c 126
- #include "../pith/util.h"
- #include "../pith/mailindx.h"
- #include "../pith/readfile.h"
-+#include "../pith/options.h"
- #include "smkeys.h"
- 
- #ifdef APPLEKEYCHAIN
-@@ -50,7 +51,6 @@ static int       mem_add_extra_cacerts(c
- int		 compare_certs_by_name(const void *data1, const void *data2);
- int		 password_policy_check(char *);
- 
--int  (*pith_smime_enter_password)(char *, char *, size_t);
- 
- /* test if password passes a predetermined policy.
-  * return value: 0 - does not pass; 1 - it passes 
diff --git a/alpine-2.23-gcc10.patch b/alpine-2.23-gcc10.patch
new file mode 100644
index 0000000..fc72972
--- /dev/null
+++ b/alpine-2.23-gcc10.patch
@@ -0,0 +1,12 @@
+diff -up alpine-2.21/alpine/alpine.c.me alpine-2.21/alpine/alpine.c
+diff -up alpine-2.21/pith/smime.c.me alpine-2.21/pith/smime.c
+--- alpine-2.21/pith/smime.c.me	2020-02-13 16:54:36.842373446 +0100
++++ alpine-2.21/pith/smime.c	2020-02-13 17:13:37.930022666 +0100
+@@ -45,6 +45,7 @@ static char rcsid[] = "$Id: smime.c 1176
+ #ifdef PASSFILE
+ #include "../pith/imap.h"
+ #endif /* PASSFILE */
++#include "../pith/options.h"
+ 
+ #include <openssl/buffer.h>
+ #include <openssl/x509v3.h>
diff --git a/alpine.spec b/alpine.spec
index 3eda420..3f651c9 100644
--- a/alpine.spec
+++ b/alpine.spec
@@ -5,7 +5,7 @@
 
 Summary: powerful, easy to use console email client
 Name: alpine
-Version: 2.22
+Version: 2.23
 Release: 1%{?dist}
 
 License: ASL 2.0
@@ -14,7 +14,7 @@ Source0: http://alpine.x10host.com/alpine/patches/alpine-%{version}/alpine-%{ver
 Source1: README.fedora
 
 Patch1: alpine-2.21-useragent.patch
-Patch2: alpine-2.21-gcc10.patch
+Patch2: alpine-2.23-gcc10.patch
 
 # Using "Conflicts" instead of Obsoletes because while alpine is substantially
 # compatible with pine the change to Unicode breaks important user
@@ -123,6 +123,10 @@ touch $RPM_BUILD_ROOT%{_sysconfdir}/pine.conf.fixed
 
 
 %changelog
+* Mon Jun 22 2020 josef radinger <cheese@nosuchhost.net> - 2.23-1
+- bump version
+- update patch2 alpine-2.23-gcc10.patch
+
 * Tue Mar 24 2020 josef radinger <cheese@nosuchhost.net> - 2.22-1
 - bump version
 
diff --git a/sources b/sources
index aaa2210..646dc17 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (alpine-2.22.tar.xz) = cc020fd671f2b5ddb4a6a4bc307d8605c4311f25b82c9909ae05e38271f180fc871acdcab19c098f6259aa7ef5e711ca9650ed0ecfab2f20813578c317744eb3
+SHA512 (alpine-2.23.tar.xz) = a536d7016fbf848e3fe72e9f8d7e8b30bfbe2b4a657d97fb8ff8a3a2e65f05d002194afbcefc7605dd401eb7deac4b30f3c24388c8a349487b60361ddd8f81ae

From 9d6b023788c7487339a1c634bc6892f755e7e84f Mon Sep 17 00:00:00 2001
From: josef radinger <cheese@nosuchhost.net>
Date: Wed, 24 Jun 2020 09:08:24 +0200
Subject: [PATCH 2/2] add comment on CVE-2020-14929

---
 alpine.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/alpine.spec b/alpine.spec
index 3f651c9..9b6d70f 100644
--- a/alpine.spec
+++ b/alpine.spec
@@ -6,7 +6,7 @@
 Summary: powerful, easy to use console email client
 Name: alpine
 Version: 2.23
-Release: 1%{?dist}
+Release: 2%{?dist}
 
 License: ASL 2.0
 URL:     http://alpine.x10host.com/
@@ -123,6 +123,9 @@ touch $RPM_BUILD_ROOT%{_sysconfdir}/pine.conf.fixed
 
 
 %changelog
+* Tue Jun 23 2020 josef radinger <cheese@nosuchhost.net> - 2.23-2
+- 2.23 fixes CVE-2020-14929 (#1850048) and new version (#1848786)
+
 * Mon Jun 22 2020 josef radinger <cheese@nosuchhost.net> - 2.23-1
 - bump version
 - update patch2 alpine-2.23-gcc10.patch