• [SECURITY] [DSA 5494-1] mutt security update

    From Salvatore Bonaccorso@21:1/5 to All on Sun Sep 10 21:00:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5494-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso September 10, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : mutt
    CVE ID : CVE-2023-4874 CVE-2023-4875
    Debian Bug : 1051563

    Several NULL pointer dereference flaws were discovered in Mutt, a
    text-based mailreader supporting MIME, GPG, PGP and threading, which may
    result in denial of service (application crash) when viewing a specially crafted email or when composing from a specially crafted draft message.

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 2.0.5-4.1+deb11u3.

    For the stable distribution (bookworm), these problems have been fixed in version 2.2.9-1+deb12u1.

    We recommend that you upgrade your mutt packages.

    For the detailed security status of mutt please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/mutt

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmT+D8dfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SSRw/9FWka9wnMAzBxcNsxoGxyRD8fWiFitW/MuwDy/29mlPjW+jR1GZsl841e LX6dUHCJYveoo2yccLuj68pTeIVmv9gHh6pHazxCrnMlMq3/677wrT/mJKZZQZzh mAg27I3jUqgUyZPSkS8mXVIA9zLY0qg1Yt5OJx/TJgKdXjHf6xne7ZeCgNo+ESf9 Dtx5fkYSS3yIYPOBRMRJK9kB+4ppsmy5hpSWlsWFrbulKiFEO3nwjcBA6SG6pqJO NmHBp4t5Z1qgSoI5W0WgcL6BzK4Ewz/Jcnh18wCMearITnrpl4TXzeAcPK3jajzg jeUwcu2sPilkOdDq3qXdm58Y5pQDft3gjaDS2XsYuJxyLURrzU4eDAJYGiT4vl1R DPGIwon+0RY1fygtN5Nl6ybAhJ8AMp4JChzhI7RZl//5H+Im3juYymGRj2POG8jp 6uQwyIcC14bvDN9/ZBjJbMqkwhtZPJy/SkteipEVK7LW7J0Hw6jMpDJfbKrttTur BwxuNYdf/NVcLu4jvPNinuxKc4UsJ62HBS8R9i+Ffa96GlHjvuUK2neKuxdhA2m/ /nANosFHK9Wyxg6z9MvoSHsJZY3OjLa3nOfByzTGKKDV4rf8iPqgeg1mv0IWYv0i d3idQbkP65GcT1UgoNBreoO4R3JD07djIQqC1tAa5Rqmb0O7rgQ=
    =Jqb0
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)