diff -Nru mutt-1.13.2/debian/changelog mutt-1.13.2/debian/changelog
--- mutt-1.13.2/debian/changelog 2020-11-24 13:38:50.000000000 +0000
+++ mutt-1.13.2/debian/changelog 2021-01-21 16:04:42.000000000 +0000
@@ -1,3 +1,16 @@
+mutt (1.13.2-1ubuntu0.4) focal-security; urgency=medium
+
+ * SECURITY UPDATE: Denial of service
+ - debian/patches/CVE-2021-3181-1.patch: Fix memory leak parsing group addresses without a display name
+ in rfc822.c.
+ - debian/patches/CVE-2021-3181-2.patch: Don't allocate a group terminator unless we are in a group-list
+ in rfc822.c.
+ - debian/patches/CVE-2021-3181-3.patch: Add group terminator if it is left
+ off in rfc822.c.
+ - CVE-2021-3181
+
+ -- Leonidas Da Silva Barbosa Thu, 21 Jan 2021 13:04:42 -0300
+
 mutt (1.13.2-1ubuntu0.3) focal-security; urgency=medium
 
 * SECURITY UPDATE: Sensitive information exposed
diff -Nru mutt-1.13.2/debian/patches/CVE-2021-3181-1.patch mutt-1.13.2/debian/patches/CVE-2021-3181-1.patch
--- mutt-1.13.2/debian/patches/CVE-2021-3181-1.patch 1970-01-01 00:00:00.000000000 +0000
+++ mutt-1.13.2/debian/patches/CVE-2021-3181-1.patch 2021-01-21 16:01:42.000000000 +0000
@@ -0,0 +1,36 @@
+From 4a2becbdb4422aaffe3ce314991b9d670b7adf17 Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy
+Date: Sun, 17 Jan 2021 10:40:37 -0800
+Subject: [PATCH] Fix memory leak parsing group addresses without a display
+ name.
+
+When there was a group address terminator with no previous
+addresses (including the group display-name), an address would be
+allocated but not attached to the address list.
+
+Change this to only allocate when last exists.
+
+It would be more correct to not allocate at all unless we are inside a
+group list, but I will address that in a separate commit to master.
+---
+ rfc822.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+Index: mutt-1.14.6/rfc822.c
+===================================================================
+--- mutt-1.14.6.orig/rfc822.c
++++ mutt-1.14.6/rfc822.c
+@@ -491,11 +491,10 @@ ADDRESS *rfc822_parse_adrlist (ADDRESS *
+ #endif
+
+ /* add group terminator */
+- cur = rfc822_new_address ();
+ if (last)
+ {
+- last->next = cur;
+- last = cur;
++ last->next = rfc822_new_address ();
++ last = last->next;
+ }
+
+ phraselen = 0;
diff -Nru mutt-1.13.2/debian/patches/CVE-2021-3181-2.patch mutt-1.13.2/debian/patches/CVE-2021-3181-2.patch
--- mutt-1.13.2/debian/patches/CVE-2021-3181-2.patch 1970-01-01 00:00:00.000000000 +0000
+++ mutt-1.13.2/debian/patches/CVE-2021-3181-2.patch 2021-01-21 16:01:46.000000000 +0000
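Review bot: The patch added as debian/patches/CVE-2021-3181-1.patch carries an `Index: mutt-1.14.6/rfc822.c` header although it ships in the mutt 1.13.2 package, and the same holds for CVE-2021-3181-2.patch and CVE-2021-3181-3.patch. The hunk offsets (`@@ -491,11 +491,10 @@` here) were therefore presumably computed against a different tree and may only apply with offset or fuzz. For a security fix it is worth refreshing the three patches against the 1.13.2 source and recording the provenance in the patch header, for example `Origin: backport, <upstream commit URL>` beside the existing `From` line. The enclosing function rfc822_parse_adrlist starts and ends outside the inner hunk, so whether the context still matches cannot be checked from this page.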
@@ -0,0 +1,49 @@
+From 939b02b33ae29bc0d642570c1dcfd4b339037d19 Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy
+Date: Sun, 17 Jan 2021 10:53:19 -0800
+Subject: [PATCH] Don't allocate a group terminator unless we are in a
+ group-list.
+
+This will reduce memory allocation for garbage/spam address lists.
+
+It also makes no sense to store a terminator when there wasn't a
+display-name indicating the start of a group.
+---
+ rfc822.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+Index: mutt-1.14.6/rfc822.c
+===================================================================
+--- mutt-1.14.6.orig/rfc822.c
++++ mutt-1.14.6/rfc822.c
+@@ -378,7 +378,7 @@ add_addrspec (ADDRESS **top, ADDRESS **l
+
+ ADDRESS *rfc822_parse_adrlist (ADDRESS *top, const char *s)
+ {
+- int ws_pending, nl;
++ int ws_pending, nl, in_group = 0;
+ #ifdef EXACT_ADDRESS
+ const char *begin;
+ #endif
+@@ -455,6 +455,7 @@ ADDRESS *rfc822_parse_adrlist (ADDRESS *
+ terminate_buffer (phrase, phraselen);
+ cur->mailbox = safe_strdup (phrase);
+ cur->group = 1;
++ in_group = 1;
+
+ if (last)
+ last->next = cur;
+@@ -491,11 +492,12 @@ ADDRESS *rfc822_parse_adrlist (ADDRESS *
+ #endif
+
+ /* add group terminator */
+- if (last)
++ if (last && in_group)
+ {
+ last->next = rfc822_new_address ();
+ last = last->next;
+ }
++ in_group = 0;
+
+ phraselen = 0;
+ commentlen = 0;
diff -Nru mutt-1.13.2/debian/patches/CVE-2021-3181-3.patch mutt-1.13.2/debian/patches/CVE-2021-3181-3.patch
--- mutt-1.13.2/debian/patches/CVE-2021-3181-3.patch 1970-01-01 00:00:00.000000000 +0000
+++ mutt-1.13.2/debian/patches/CVE-2021-3181-3.patch 2021-01-21 16:01:51.000000000 +0000
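Review bot: In the `@@ -455,6 +455,7 @@` hunk of CVE-2021-3181-2.patch, `in_group = 1;` is set whenever a group display-name is parsed, with no check for a group that is already open. As far as the hunk shows, a second display-name before any `;` links a new group-start address and leaves the earlier group without a terminator. If consumers of the address list expect each group start to be paired with a terminator, the open group should be closed first or the behaviour documented, e.g. `/* a display-name seen while in_group is set starts a new group; the previous one gets no terminator */`. A parser test covering a bare `;`, an unterminated group and two consecutive display-names would pin the allocation behaviour this CVE fix relies on. Most of rfc822_parse_adrlist lies outside the hunks, so this should be checked against the full function.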
@@ -0,0 +1,26 @@
+From d4305208955c5cdd9fe96dfa61e7c1e14e176a14 Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy
+Date: Sun, 17 Jan 2021 11:05:36 -0800
+Subject: [PATCH] Add group terminator if it is left off.
+
+If there is no terminating ";" add one to the list, to make the text
+re-rendering correct.
+---
+ rfc822.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+Index: mutt-1.14.6/rfc822.c
+===================================================================
+--- mutt-1.14.6.orig/rfc822.c
++++ mutt-1.14.6/rfc822.c
+@@ -560,6 +560,10 @@ ADDRESS *rfc822_parse_adrlist (ADDRESS *
+ last->val = mutt_substrdup (begin, s - nl < begin ? begin : s - nl);
+ #endif
+
++ /* add group terminator, if it was left off */
++ if (last && in_group)
++ last->next = rfc822_new_address ();
++
+ return top;
+ }
+
diff -Nru mutt-1.13.2/debian/patches/series mutt-1.13.2/debian/patches/series
--- mutt-1.13.2/debian/patches/series 2020-11-24 13:38:40.000000000 +0000
+++ mutt-1.13.2/debian/patches/series 2021-01-21 16:01:51.000000000 +0000
@@ -15,3 +15,6 @@
 CVE-2020-14154-3.patch
 CVE-2020-14954.patch
 CVE-2020-28896.patch
+CVE-2021-3181-1.patch
+CVE-2021-3181-2.patch
+CVE-2021-3181-3.patch
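Review bot: The terminator added before `return top;` in CVE-2021-3181-3.patch is linked with `last->next = rfc822_new_address ();` but `last` is not advanced and `in_group` is not cleared, unlike the in-loop terminator path changed by CVE-2021-3181-2.patch. This is harmless while the return is the next statement, but any code later placed between the two would see `last` pointing at the element before the tail and `in_group` still set. Mirroring the loop form keeps both paths consistent: `{ last->next = rfc822_new_address (); last = last->next; in_group = 0; }`. The function begins outside this hunk, so earlier return paths are not visible here.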