You are here
Home > Preporuke > Ranjivost programskog paketa mutt

Ranjivost programskog paketa mutt

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2014-5880
2014-05-01 21:43:06
——————————————————————————–

Name : mutt
Product : Fedora 20
Version : 1.5.23
Release : 1.fc20
URL : http://www.mutt.org/
Summary : A text mode mail user agent
Description :
Mutt is a small but very powerful text-based MIME mail client. Mutt
is highly configurable, and is well suited to the mail power user with
advanced features like key bindings, keyboard macros, mail threading,
regular expression searches and a powerful pattern matching language
for selecting groups of messages.

——————————————————————————–
Update Information:

fix: CVE-2014-0467 heap-based buffer overflow when parsing certain headers
——————————————————————————–
ChangeLog:

* Tue Apr 29 2014 Jan Pacner <jpacner@redhat.com> – 5:1.5.23-1
– Resolves: #1034263 (new version due to CVE)
– patch cleanup (upstream fixes)
– add html documentation (in addition to the current txt one)
* Mon Dec 2 2013 Jan Pacner <jpacner@redhat.com> – 5:1.5.22-1
– new release (Resolves: #1034263)
– use inline sed instead of nodotlock patch
– patches removed: testcert, hdrcnt, certscomp, updating, pophash,
notation, writehead, tmpdir, verpeers, tlsv1v2
– manhelp patch adjusted (only DEBUG logging capability was left)
——————————————————————————–
References:

[ 1 ] Bug #1075860 – CVE-2014-0467 mutt: heap-based buffer overflow when parsing certain headers
https://bugzilla.redhat.com/show_bug.cgi?id=1075860
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update mutt’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorTomislav Protega
Cert idNCERT-REF-2014-05-0005-ADV
CveCVE-2014-0467
ID izvornikaFEDORA-2014-5880
Proizvodmutt
Izvorhttp://www.redhat.com
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa openjdk-7

Otkriveni su sigurnosni nedostaci u programskom paketu openjdk-7 za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja...

Close