[ubuntu/xenial-security] mutt 1.5.24-1ubuntu0.1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Jul 23 13:21:14 UTC 2018
mutt (1.5.24-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Mishandles a NO response without a msg
- debian/patches/ubuntu/mutt-CVE-2018-14349.patch: fix in
imap/command.c.
- CVE-2018-14349
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/ubuntu/mutt-CVE-2018-14350-CVE-2018-14358.patch:
fix in imap/message.c.
- CVE-2018-14350
- CVE-2018-14358
* SECURITY UPDATE: Mishandles a long IMAP status
- debian/patches/ubuntu/mutt-CVE-2018-14351.patch: fix in
imap/command.c.
- CVE-2018-14351
* SECURITY UPDATE: Integer underflow and stack-based buffer overflow
- debian/patches/ubuntu/mutt-CVE-2018-14352-CVE-2018-14353.patch:
fix in imap/util.c.
- CVE-2018-14352
- CVE-2018-14353
* SECURITY UPDATE: Remote arbitrary code execution
- debian/patches/ubuntu/mutt-CVE-2018-14354-CVE-2018-14357.patch:
fix in imap/command.c, imap/imap.c, imap/imap_private.h, imap/util.c.
- CVE-2018-14354
- CVE-2018-14357
* SECURITY UPDATE: Directory traversal
- debian/patches/ubuntu/mutt-CVE-2018-14355.patch: fix in
imap/util.c.
- CVE-2018-14355
* SECURITY UPDATE: Mishandles a zero-lenght UID
- debian/patches/ubuntu/mutt-CVE-2018-14356.patch: fix in
pop.c.
- CVE-2018-14356
* SECURITY UPDATE: Buffer overflow
- debian/patches/ubuntu/mutt-CVE-2018-14359.patch: fix in
base64.c, imap/auth_cram.c, imap/auth_gss.c, protos.h.
- CVE-2018-14359
* SECURITY UPDATE: Unsafe character interactions
- debian/patches/ubuntu/mutt-CVE-2018-14362.patch: fix in
pop.c.
- CVE-2018-14362
Date: 2018-07-19 13:54:13.571266+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/mutt/1.5.24-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list