CVE-2009-1390 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1390): Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote attackers to spoof trusted servers via a man-in-the-middle attack.
Patches are at http://dev.mutt.org/trac/changeset/5621:5db868a874b6/mutt_ssl.c http://dev.mutt.org/trac/changeset/5623:7d0583e0315d/mutt_ssl_gnutls.c
1.5.20 is not an option (yet). Feel free to apply the two patches to 1.5.19 if you need it very soon. I can only do it tonight.
(In reply to comment #1) > Patches are at > > http://dev.mutt.org/trac/changeset/5621:5db868a874b6/mutt_ssl.c > http://dev.mutt.org/trac/changeset/5623:7d0583e0315d/mutt_ssl_gnutls.c Those changesets are where the problem was introduced, not fixed. http://thread.gmane.org/gmane.comp.security.oss.general/1847
thanks Tomas. I added 1.5.19-r1 to the tree which has the needed patches.
-r1 does not compile for me (with use ssl, or use ssl+gnutls). With both: i686-pc-linux-gnu-gcc -DPKGDATADIR=\"/usr/share/mutt\" -DSYSCONFDIR=\"/etc/mutt\" -DBINDIR=\"/usr/bin\" -DMUTTL OCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H=1 -I. -I. -I. -I./imap -I/usr/include/gpgme -Iintl -I./intl -W all -pedantic -Wno-long-long -march=prescott -O2 -pipe -fomit-frame-pointer -MT mutt_ssl_gnutls.o -MD -MP -MF . deps/mutt_ssl_gnutls.Tpo -c -o mutt_ssl_gnutls.o mutt_ssl_gnutls.c i686-pc-linux-gnu-gcc -DPKGDATADIR=\"/usr/share/mutt\" -DSYSCONFDIR=\"/etc/mutt\" -DBINDIR=\"/usr/bin\" -DMUTTL OCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H=1 -I. -I. -I. -I./imap -I/usr/include/gpgme -Iintl -I./intl -W all -pedantic -Wno-long-long -march=prescott -O2 -pipe -fomit-frame-pointer -MT hcache.o -MD -MP -MF .deps/hcac he.Tpo -c -o hcache.o hcache.c mutt_ssl_gnutls.c: In function ‘tls_check_stored_hostname’: mutt_ssl_gnutls.c:516: error: too many arguments to function ‘mutt_read_line’ mutt_ssl_gnutls.c: In function ‘tls_check_preauth’: mutt_ssl_gnutls.c:569: error: ‘OPTSSLVERIFYDATES’ undeclared (first use in this function) mutt_ssl_gnutls.c:569: error: (Each undeclared identifier is reported only once mutt_ssl_gnutls.c:569: error: for each function it appears in.) mutt_ssl_gnutls.c:577: error: ‘OPTSSLVERIFYHOST’ undeclared (first use in this function) make[2]: *** [mutt_ssl_gnutls.o] Error 1 With ssl only: i686-pc-linux-gnu-gcc -DPKGDATADIR=\"/usr/share/mutt\" -DSYSCONFDIR=\"/etc/mutt\" -DBINDIR=\"/usr/bin\" -DMUTTLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H=1 -I. -I. -I. -I./imap -I/usr/include/gpgme -Iintl -I./intl -Wall -pedantic -Wno-long-long -march=prescott -O2 -pipe -fomit-frame-pointer -MT mutt_ssl.o -MD -MP -MF .deps/mutt_ssl.Tpo -c -o mutt_ssl.o mutt_ssl.c mv -f .deps/mutt_socket.Tpo .deps/mutt_socket.Po i686-pc-linux-gnu-gcc -DPKGDATADIR=\"/usr/share/mutt\" -DSYSCONFDIR=\"/etc/mutt\" -DBINDIR=\"/usr/bin\" -DMUTTLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H=1 -I. -I. -I. -I./imap -I/usr/include/gpgme -Iintl -I./intl -Wall -pedantic -Wno-long-long -march=prescott -O2 -pipe -fomit-frame-pointer -MT hcache.o -MD -MP -MF .deps/hcache.Tpo -c -o hcache.o hcache.c mutt_ssl.c: In function ‘check_certificate_by_digest’:mv -f .deps/mutt_tunnel.Tpo .deps/mutt_tunnel.Po mutt_ssl.c:567: error: ‘OPTSSLVERIFYDATES’ undeclared (first use in this function) mutt_ssl.c:567: error: (Each undeclared identifier is reported only once mutt_ssl.c:567: error: for each function it appears in.) mutt_ssl.c: In function ‘ssl_check_preauth’: mutt_ssl.c:757: error: ‘OPTSSLVERIFYHOST’ undeclared (first use in this function) mutt_ssl.c: In function ‘interactive_check_cert’: mutt_ssl.c:879: error: ‘OPTSSLVERIFYDATES’ undeclared (first use in this function) make[2]: *** [mutt_ssl.o] Error 1 =================== emerge --info -v follows: ======================== Portage 2.2_rc33 (default/linux/x86/2008.0, gcc-4.3.2, glibc-2.8_p20080602-r1, 2.6.29.4 i686) ================================================================= System uname: Linux-2.6.29.4-i686-Genuine_Intel-R-_CPU_T2400_@_1.83GHz-with-glibc2.0 Timestamp of tree: Thu, 18 Jun 2009 10:30:01 +0000 distcc 3.1 i686-pc-linux-gnu [disabled] app-shells/bash: 3.2_p39 dev-java/java-config: 2.1.7 dev-lang/python: 2.5.4-r2 dev-util/cmake: 2.6.4 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.4.3-r3 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="x86" ACCEPT_LICENSE="*" ALSA_CARDS="hda-intel usb-audio vxpocket virmidi indigoio" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" ANT_HOME="/usr/share/ant" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ARCH="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CCACHE_SIZE="2G" CCL_DEFAULT_DIRECTORY="/usr/lib/clozurecl" CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CLEAN_DELAY="5" COLLISION_IGNORE="/lib/modules" COLORTERM="rxvt" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d" CVS_RSH="ssh" CXXFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" DCCC_PATH="/usr/lib/distcc/bin" DISPLAY=":0.0" DISTCC_LOG="" DISTCC_VERBOSE="0" DISTDIR="/usr/portage/distfiles" EDITOR="/usr/bin/vim" ELIBC="glibc" EMERGE_DEFAULT_OPTS="--nospinner --keep-going --load-average 8" EMERGE_WARNING_DELAY="10" FEATURES="distlocks fixpackages parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-orphans userfetch" FETCHCOMMAND="/usr/bin/wget -t 5 -T 8 --passive-ftp -O ${DISTDIR}/${FILE} ${URI}" GCC_SPECS="" GDK_USE_XFT="1" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" GUILE_LOAD_PATH="/usr/share/guile/1.8" HG="/usr/bin/hg" HOME="/home/antoni" INFOPATH="/usr/share/info:/usr/share/binutils-data/i686-pc-linux-gnu/2.18/info:/usr/share/gcc-data/i686-pc-linux-gnu/4.3.2/info:/usr/share/info/emacs-23" INPUT_DEVICES="evdev keyboard mouse synaptics" KERNEL="linux" LADSPA_PATH="/usr/lib/ladspa" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1" LESS="-R -M --shift 5" LESSOPEN="|lesspipe.sh %s" LIBGL_DRIVERS_PATH="/usr/lib/dri" LINGUAS="en en_GB pl" LOGNAME="root" LS_COLORS="no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:su=37;41:sg=30;43:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.pdf=00;32:*.ps=00;32:*.txt=00;32:*.patch=00;32:*.diff=00;32:*.log=00;32:*.tex=00;32:*.doc=00;32:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:" MAKEOPTS="-j3" MANPATH="/usr/local/share/man:/usr/share/man:/usr/share/binutils-data/i686-pc-linux-gnu/2.18/man:/usr/share/gcc-data/i686-pc-linux-gnu/4.3.2/man:/etc/java-config/system-vm/man/:/usr/lib/php5/man/:/usr/kde/3.5/share/man:/usr/qt/3/doc/man:/opt/opera/share/man" NETBEANS="apisupport cnd groovy gsf harness ide identity j2ee java mobility nb php profiler soa visualweb webcommon websvccommon xml" NOCOLOR="true" OPENGL_PROFILE="xorg-x11" PAGER="/usr/bin/less" PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin:/usr/kde/3.5/sbin:/usr/kde/3.5/bin:/usr/qt/3/bin" PKGDIR="/usr/portage/packages" PKG_CONFIG_PATH="/usr/qt/3/lib/pkgconfig" PORTAGE_ARCHLIST="ppc s390 amd64 x86 ppc64 x86-fbsd m68k arm sparc sh mips ia64 alpha hppa amd64-fbsd sparc-fbsd" PORTAGE_BINHOST_CHUNKSIZE="3000" PORTAGE_BIN_PATH="/usr/lib/portage/bin" PORTAGE_COMPRESS_EXCLUDE_SUFFIXES="css gif htm[l]? jp[e]?g js pdf png" PORTAGE_CONFIGROOT="/" PORTAGE_DEBUG="0" PORTAGE_DEPCACHEDIR="/var/cache/edb/dep" PORTAGE_ECLASS_WARNING_ENABLE="0" PORTAGE_ELOG_CLASSES="log warn error" PORTAGE_ELOG_MAILFROM="portage@localhost" PORTAGE_ELOG_MAILSUBJECT="[portage] ebuild log for ${PACKAGE} on ${HOST}" PORTAGE_ELOG_MAILURI="root" PORTAGE_ELOG_SYSTEM="save_summary echo" PORTAGE_FETCH_CHECKSUM_TRY_MIRRORS="5" PORTAGE_FETCH_RESUME_MIN_SIZE="350K" PORTAGE_GID="250" PORTAGE_INST_GID="0" PORTAGE_INST_UID="0" PORTAGE_NICENESS="3" PORTAGE_PYM_PATH="/usr/lib/portage/pym" PORTAGE_RSYNC_EXTRA_OPTS="--progress" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_RSYNC_RETRIES="3" PORTAGE_TMPDIR="/var/tmp" PORTAGE_VERBOSE="1" PORTAGE_WORKDIR_MODE="0700" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/lisp /usr/local/portage/layman/zen-overlay /usr/local/overlays/antoni" PORT_ENOTICE_DIR="/var/enotice" PRELINK_PATH_MASK="/usr/lib/klibc" PROFILE_ONLY_VARIABLES="ARCH ELIBC KERNEL USERLAND" QMAKESPEC="linux-g++" QTDIR="/usr/qt/3" RESUMECOMMAND="/usr/bin/wget -c -t 5 -T 8 --passive-ftp -O ${DISTDIR}/${FILE} ${URI}" ROOT="/" ROOTPATH="/opt/bin:/usr/i686-pc-linux-gnu/gcc-bin/4.3.2:/usr/kde/3.5/sbin:/usr/kde/3.5/bin:/usr/qt/3/bin" RPMDIR="/usr/portage/rpm" SBCL_HOME="/usr/lib/sbcl" SBCL_SOURCE_ROOT="/usr/lib/sbcl/src" SEARCH_DIRS_MASK="/usr/lib/gcc/i686-pc-linux-gnu/4.1.2" SGML_CATALOG_FILES="/etc/sgml/dsssl-docbook-stylesheets.cat:/etc/sgml/openjade-1.3.2.cat:/etc/sgml/sgml-docbook-3.1.cat:/etc/sgml/sgml-docbook.cat:/etc/sgml/sgml-ent.cat:/etc/sgml/sgml-lite.cat" SHELL="/bin/bash" SUDO_COMMAND="/usr/bin/emerge --info --verbose" SUDO_GID="1000" SUDO_UID="1000" SUDO_USER="antoni" SYNC="rsync://rsync.gentoo.org/gentoo-portage" TERM="screen" TKABBER_SITE_PLUGINS="/usr/share/tkabber/site-plugins" USE="7zip X a52 aac aalib acl acpi activefilter afs alsa amr amrnb amrwb ares atm bash-completion berkdb bluetooth bzip2 cairo caps cdparanoia cjk cleartype cli color-console cpudetection cracklib crypt cups curl cyrillic device-mapper djvu dri dv dvd dvdr dvdread eap-tls emacs exif fastcgi fat ffmpeg flac fortran gd gdbm gif gimp glitz gpgme gpgmeidn gpm gtk guile hal hdri hfs iconv idn imap inkjar iproute2 ipv6 isdnlog iso14755 ithreads jabber jfs jpeg kpathsea ladspa lcms libsamplerate loop-aes mad maildir mbox midi mjpeg mmx mmxext mng monolithic-build mp3 mplayer mudflap musepack ncurses net nethack networking nls nodrm nptl nptlonly ntfs offensive openct opengl openmp pam pcre pcsc-lite pdf perl pg-intdatetime plotutils png ppds pppd python quicktime radeon radius readline reflection reiser4 reiserfs rle rtc ruby samba sbcl session skey slang slp smartcard smime smp sndfile socks5 spl srt sse sse2 ssl subtitles svg sysfs tcl tcpd theora thread threads tiff tk tkimg toolkit-scroll-bars truetype unicode urandom usb v4l v4l2 vcd video vim vim-syntax win32codecs wmf x264 x86 xattr xetex xfs xft xinerama xmp xorg xv xvid zlib zsh-completion" ALSA_CARDS="hda-intel usb-audio vxpocket virmidi indigoio" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB pl" USERLAND="GNU" VIDEO_CARDS="radeon radeonhd vesa" USER="root" USERLAND="GNU" USERNAME="root" USE_EXPAND="ALSA_CARDS ALSA_PCM_PLUGINS APACHE2_MODULES APACHE2_MPMS CAMERAS CROSSCOMPILE_OPTS DVB_CARDS ELIBC FCDSL_CARDS FOO2ZJS_DEVICES FRITZCAPI_CARDS INPUT_DEVICES KERNEL LCD_DEVICES LINGUAS LIRC_DEVICES MISDN_CARDS NETBEANS_MODULES QEMU_SOFTMMU_TARGETS QEMU_USER_TARGETS USERLAND VIDEO_CARDS" USE_EXPAND_HIDDEN="CROSSCOMPILE_OPTS ELIBC KERNEL USERLAND" USE_ORDER="env:pkg:conf:defaults:pkginternal:env.d" VIDEO_CARDS="radeon radeonhd vesa" VISUAL="/usr/bin/vim" XDG_CONFIG_DIRS="/etc/xdg" XDG_DATA_DIRS="/usr/local/share:/usr/kde/3.5/share:/usr/share"
(In reply to comment #5) > -r1 does not compile for me (with use ssl, or use ssl+gnutls). > My emerge --info follows: Portage 2.1.6.13 (default/linux/amd64/2008.0, gcc-4.3.2, glibc-2.8_p20080602-r1, 2.6.29-gentoo-r5 x86_64) ================================================================= System uname: Linux-2.6.29-gentoo-r5-x86_64-Intel-R-_Core-TM-2_Quad_CPU_Q9300_@_2.50GHz-with-glibc2.2.5 Timestamp of tree: Thu, 18 Jun 2009 11:00:01 +0000 app-shells/bash: 3.2_p39 dev-java/java-config: 2.1.7 dev-lang/python: 2.5.4-r2 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.4.3-r3 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.27-r2 ABI="amd64" ACCEPT_KEYWORDS="amd64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" ANT_HOME="/usr/share/ant" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ARCH="amd64" ASFLAGS_x86="--32" AUTOCLEAN="yes" CAMERAS="ptp2 sierra" CBUILD="x86_64-pc-linux-gnu" CDEFINE_amd64="__x86_64__" CDEFINE_x86="__i386__" CFLAGS="-march=core2 -O2 -pipe" CFLAGS_x86="-m32" CHECKREQS_ACTION="error" CHOST="x86_64-pc-linux-gnu" CHOST_amd64="x86_64-pc-linux-gnu" CHOST_x86="i686-pc-linux-gnu" CLEAN_DELAY="5" COLLISION_IGNORE="/lib/modules" COLORTERM="rxvt" CONFIG_PROTECT="/etc /var/bind /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d" CVS_RSH="ssh" CXXFLAGS="-march=core2 -O2 -pipe" DEFAULT_ABI="amd64" DISPLAY=":0.0" DISTDIR="/usr/portage/distfiles" EDITOR="/usr/bin/vim" ELIBC="glibc" EMERGE_DEFAULT_OPTS="--verbose --ask" EMERGE_WARNING_DELAY="10" FEATURES="collision-protect distlocks fixpackages metadata-transfer parallel-fetch protect-owned sandbox sfperms strict test unmerge-orphans userfetch userpriv usersandbox" FETCHCOMMAND="/usr/bin/wget -t 5 -T 60 --passive-ftp -O "${DISTDIR}/${FILE}" "${URI}"" GCC_SPECS="" GDK_USE_XFT="1" GENERATION="2" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" GUILE_LOAD_PATH="/usr/share/guile/1.8" HOME="/root" INFOPATH="/usr/share/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.18/info:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.3.2/info" INPUT_DEVICES="keyboard mouse" JAVAC="/opt/blackdown-jdk-1.4.2.03/bin/javac" JAVA_HOME="/opt/blackdown-jdk-1.4.2.03" JDK_HOME="/opt/blackdown-jdk-1.4.2.03" KERNEL="linux" LANG="en_GB.utf8" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LC_ADDRESS="en_US.utf8" LC_ALL="" LC_COLLATE="en_US.utf8" LC_CTYPE="en_US.utf8" LC_IDENTIFICATION="en_US.utf8" LC_MEASUREMENT="en_US.utf8" LC_MESSAGES="en_GB.utf8" LC_MONETARY="en_US.utf8" LC_NAME="en_US.utf8" LC_NUMERIC="en_US.utf8" LC_PAPER="en_US.utf8" LC_TELEPHONE="en_US.utf8" LC_TIME="en_US.utf8" LDFLAGS="-Wl,-O1" LDFLAGS_x86="-m elf_i386" LESS="-R -M --shift 5" LESSOPEN="|lesspipe.sh %s" LIBDIR_amd64="lib64" LIBDIR_amd64_fbsd="lib64" LIBDIR_ppc="lib32" LIBDIR_ppc64="lib64" LIBDIR_sparc32="lib32" LIBDIR_sparc64="lib64" LIBDIR_x86="lib32" LIBDIR_x86_fbsd="lib32" LINGUAS="en en_GB en_US es es_MX hi hi_IN ja ja_JP" LIRC_DEVICES="livedrive_midi" LOGNAME="root" MAKEOPTS="-j5" MANPATH="/usr/local/share/man:/usr/share/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.18/man:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.3.2/man:/opt/blackdown-jdk-1.4.2.03/man:/etc/java-config/system-vm/man/:/usr/lib64/php5/man/:/usr/qt/3/doc/man:/opt/opera/share/man" MULTILIB_ABIS="amd64 x86" MULTILIB_STRICT_DENY="64-bit.*shared object" MULTILIB_STRICT_DIRS="/lib32 /lib /usr/lib32 /usr/lib /usr/kde/*/lib32 /usr/kde/*/lib /usr/qt/*/lib32 /usr/qt/*/lib /usr/X11R6/lib32 /usr/X11R6/lib" MULTILIB_STRICT_EXEMPT="(perl5|gcc|gcc-lib|binutils|eclipse-3|debug|portage)" NETBEANS="apisupport cnd groovy gsf harness ide identity j2ee java mobility nb php profiler soa visualweb webcommon websvccommon xml" OPENGL_PROFILE="nvidia" PAGER="/usr/bin/less" PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin:/opt/blackdown-jdk-1.4.2.03/bin:/opt/blackdown-jdk-1.4.2.03/jre/bin:/usr/qt/3/bin" PKGDIR="/usr/portage/packages" PKG_CONFIG_PATH="/usr/qt/3/lib64/pkgconfig" PORTAGE_ARCHLIST="ppc s390 amd64 x86 ppc64 x86-fbsd m68k arm sparc sh mips ia64 alpha hppa amd64-fbsd sparc-fbsd" PORTAGE_BINHOST_CHUNKSIZE="3000" PORTAGE_BIN_PATH="/usr/lib64/portage/bin" PORTAGE_COMPRESS_EXCLUDE_SUFFIXES="css gif htm[l]? jp[e]?g js pdf png" PORTAGE_CONFIGROOT="/" PORTAGE_DEBUG="0" PORTAGE_DEPCACHEDIR="/var/cache/edb/dep" PORTAGE_ELOG_CLASSES="info warn error log qa" PORTAGE_ELOG_MAILSUBJECT="package ${PACKAGE} merged on ${HOST} with notice" PORTAGE_ELOG_SYSTEM="save mail" PORTAGE_FETCH_CHECKSUM_TRY_MIRRORS="5" PORTAGE_FETCH_RESUME_MIN_SIZE="350K" PORTAGE_GID="250" PORTAGE_INST_GID="0" PORTAGE_INST_UID="0" PORTAGE_PYM_PATH="/usr/lib64/portage/pym" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_RSYNC_RETRIES="3" PORTAGE_TMPDIR="/var/tmp" PORTAGE_TMPFS="/dev/shm" PORTAGE_VERBOSE="1" PORTAGE_WORKDIR_MODE="0700" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" PRELINK_PATH_MASK="/usr/lib64/klibc" PROFILE_ONLY_VARIABLES="ARCH ELIBC KERNEL USERLAND" PYTHONDOCS="/usr/share/doc/python-docs-2.5.4/html/lib" QMAKESPEC="linux-g++" QTDIR="/usr/qt/3" RESUMECOMMAND="/usr/bin/wget -c -t 5 -T 60 --passive-ftp -O "${DISTDIR}/${FILE}" "${URI}"" ROOT="/" ROOTPATH="/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.3.2:/opt/blackdown-jdk-1.4.2.03/bin:/opt/blackdown-jdk-1.4.2.03/jre/bin:/usr/qt/3/bin" RPMDIR="/usr/portage/rpm" SANE_BACKENDS="hp" SANE_CONFIG_DIR="/etc/sane.d" SCHEME_LIBRARY_PATH="/usr/share/slib/" SHELL="/bin/zsh" STAGE1_USE="multilib nptl nptlonly unicode" SYMLINK_LIB="yes" SYNC="rsync://rsync.gentoo.org/gentoo-portage" TERM="rxvt-unicode" TEXINPUTS="/usr/lib64/ocaml/ocamldoc:" USB_DEVFS_PATH="/dev/bus/usb" USE="X a52 aac acl acpi aim alsa amd64 apache2 bash-completion berkdb branding bzip2 caps cdparanoia cdr cjk cracklib crypt cscope css cups dga doc dri dts dvd dvdr dvdread exif fam flac fontconfig foomaticdb ftp gif gimp gnutls gphoto2 gpm gtk iconv icq ieee1394 imap java javascript jikes jpeg latex lcms ldap lirc lm_sensors mad maildir matroska mbox midi mime mmx mp3 mpeg mplayer msn multilib ncurses nls nntp nptl nptlonly nsplugin ogg opengl pam pdf png posix postgres ppds rdesktop readline rss samba scanner sharedmem source spell sse sse2 ssl svg sysfs syslog tcpd tiff truetype unicode urandom usb vhosts vim-syntax vorbis x264 xattr xcomposite xine xorg xpm xscreensaver xulrunner xv xvid yahoo zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" CAMERAS="ptp2 sierra" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB en_US es es_MX hi hi_IN ja ja_JP" LIRC_DEVICES="livedrive_midi" USERLAND="GNU" VIDEO_CARDS="nvidia" USER="root" USERLAND="GNU" USERNAME="root" USE_EXPAND="ALSA_CARDS ALSA_PCM_PLUGINS APACHE2_MODULES APACHE2_MPMS CAMERAS CROSSCOMPILE_OPTS DVB_CARDS ELIBC FCDSL_CARDS FOO2ZJS_DEVICES FRITZCAPI_CARDS INPUT_DEVICES KERNEL LCD_DEVICES LINGUAS LIRC_DEVICES MISDN_CARDS NETBEANS_MODULES QEMU_SOFTMMU_TARGETS QEMU_USER_TARGETS USERLAND VIDEO_CARDS" USE_EXPAND_HIDDEN="CROSSCOMPILE_OPTS ELIBC KERNEL USERLAND" USE_ORDER="env:pkg:conf:defaults:pkginternal:env.d" VIDEO_CARDS="nvidia" VMHANDLE="blackdown-jdk-1.4.2" XDG_CONFIG_DIRS="/etc/xdg" XDG_DATA_DIRS="/usr/local/share:/usr/share" XSESSION="fluxbox"
hmmm, I just compiled it successfully on an ~amd64 system. For those who have it failing, please provide your USE flags for mutt. emerge -pv mutt output will do.
(In reply to comment #7) > For those who have it failing, please provide your USE flags for mutt. emerge > -pv mutt output will do. You have those flags in our emerge --info (sans ssl/gnutls which I tested via package.use), but here you go: USE="berkdb crypt gdbm gpgme idn imap mbox nls smime ssl -debug -gnutls -nntp -pop -qdbm -sasl -sidebar -smtp -vanilla"
USE=imap is the problematic one. I'll look into it. @security: perhaps it's better to create a new bug to avoid bugspam here?
(In reply to comment #9) > @security: perhaps it's better to create a new bug to avoid bugspam here? > Very good idea. Another user just filed one. I CC'd everyone that was CC'd here.
fixed in tree, closing since it only affected ~arch package.
