Publishing details
-
Published
-
Copied from
ubuntu trusty in
Private PPA for Ubuntu Security Team
by Leonidas S. Barbosa
Changelog
mutt (1.5.21-6.4ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: Mishandles a NO response without a msg
- debian/patches/ubuntu/mutt-CVE-2018-14349.patch: fix in
imap/command.c.
- CVE-2018-14349
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/ubuntu/mutt-CVE-2018-14350-CVE-2018-14358.patch:
fix in imap/message.c.
- CVE-2018-14350
- CVE-2018-14358
* SECURITY UPDATE: Mishandles a long IMAP status
- debian/patches/ubuntu/mutt-CVE-2018-14351.patch: fix in
imap/command.c.
- CVE-2018-14351
* SECURITY UPDATE: Integer underflow and stack-based buffer overflow
- debian/patches/ubuntu/mutt-CVE-2018-14352-CVE-2018-14353.patch:
fix in imap/util.c.
- CVE-2018-14352
- CVE-2018-14353
* SECURITY UPDATE: Remote arbitrary code execution
- debian/patches/ubuntu/mutt-CVE-2018-14354-CVE-2018-14357.patch:
fix in imap/command.c, imap/imap.c, imap/imap_private.h, imap/util.c.
- CVE-2018-14354
- CVE-2018-14357
* SECURITY UPDATE: Directory traversal
- debian/patches/ubuntu/mutt-CVE-2018-14355.patch: fix in
imap/util.c.
- CVE-2018-14355
* SECURITY UPDATE: Mishandles a zero-lenght UID
- debian/patches/ubuntu/mutt-CVE-2018-14356.patch: fix in
pop.c.
- CVE-2018-14356
* SECURITY UPDATE: Buffer overflow
- debian/patches/ubuntu/mutt-CVE-2018-14359.patch: fix in
base64.c, imap/auth_cram.c, imap/auth_gss.c, protos.h.
- CVE-2018-14359
* SECURITY UPDATE: Unsafe character interactions
- debian/patches/ubuntu/mutt-CVE-2018-14362.patch: fix in
pop.c.
- CVE-2018-14362
-- <email address hidden> (Leonidas S. Barbosa) Thu, 19 Jul 2018 09:35:37 -0300
Builds
Built packages
-
mutt
text-based mailreader supporting MIME, GPG, PGP and threading
-
mutt-dbg
debugging symbols for mutt
-
mutt-dbgsym
debug symbols for package mutt
-
mutt-patched
Mutt Mail User Agent with extra patches
-
mutt-patched-dbgsym
debug symbols for package mutt-patched
Package files