[ubuntu/bionic-updates] mutt 1.9.4-3ubuntu0.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jul 23 14:28:11 UTC 2018

mutt (1.9.4-3ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Mishandles a NO response without a msg
    - debian/patches/ubuntu/mutt-CVE-2018-14349.patch: fix in
    - CVE-2018-14349
  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/ubuntu/mutt-CVE-2018-14350-CVE-2018-14358.patch:
      fix in imap/message.c.
    - CVE-2018-14350
    - CVE-2018-14358
  * SECURITY UPDATE: Mishandles a long IMAP status
    - debian/patches/ubuntu/mutt-CVE-2018-14351.patch: fix in
    - CVE-2018-14351
  * SECURITY UPDATE: Integer underflow and stack-based buffer overflow
    - debian/patches/ubuntu/mutt-CVE-2018-14352-CVE-2018-14353.patch:
      fix in imap/util.c.
    - CVE-2018-14352
    - CVE-2018-14353
  * SECURITY UPDATE: Remote arbitrary code execution
    - debian/patches/ubuntu/mutt-CVE-2018-14354-CVE-2018-14357.patch:
      fix in imap/command.c, imap/imap.c, imap/imap_private.h, imap/util.c.
    - CVE-2018-14354
    - CVE-2018-14357
  * SECURITY UPDATE: Directory traversal
    - debian/patches/ubuntu/mutt-CVE-2018-14355.patch: fix in
    - CVE-2018-14355
  * SECURITY UPDATE: Mishandles a zero-lenght UID
    - debian/patches/ubuntu/mutt-CVE-2018-14356.patch: fix in
    - CVE-2018-14356
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/ubuntu/mutt-CVE-2018-14359.patch: fix in
      base64.c, imap/auth_cram.c, imap/auth_gss.c, protos.h.
    - CVE-2018-14359
  * SECURITY UPDATE: Unsafe character interactions
    - debian/patches/ubuntu/mutt-CVE-2018-14362.patch: fix in
    - CVE-2018-14362

Date: 2018-07-19 16:54:19.578354+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list