SECURITY: mutt email program

Subject: SECURITY: mutt email program
From: Dan Burcaw (dburcaw@terraplex.com)
Date: Fri Oct 01 1999 - 16:36:18 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Jason Knight: "Re: ydl1.1 & pmac 7200 woes"
• Previous message: benjamin kline lowengard: "Re: ydl1.1 & pmac 7200 woes"

The Yellow Dog Linux Security Team has just released a version of the mutt
email program that fixes a buffer overflow.

Package: mutt
Date: October 1, 1999
Problem:
A buffer overflow was dicovered in the text/enriched handler which may be
exploited by an attacker suitably-formatted email messages.

Versions of mutt 0.95.6 and below are vulnerable. Yellow Dog Linux
Champion Server 1.0 and 1.1 ship with versions that are effected.

Thanks to the Mutt development team for releasing an update for this
problem.

Urgency: MEDIUM
Solution:
rpm -Uvh ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/mutt-0.95-7us-1a.ppc.rpm

Users of mutt on Champion Server 1.0 or 1.1 are suggested to upgrade to
this newer version.

More information is available at:
http://www.yellowdoglinux.com/resources/errata.shml

Mailing List Notes:
This is most likely the last security advisory posted to this list.
yellowdog-security and yellowdog-devel mailing lists will be activated
this weekend. There will be less formal, "there are new updates" type
messages to yellowdog-general in the future with the formal messages sent
to yellowdog-security.

Yellow Dog Linux Security Team
security@yellowdoglinux.com
http://www.yellowdoglinux.com/

• Next message: Jason Knight: "Re: ydl1.1 & pmac 7200 woes"
• Previous message: benjamin kline lowengard: "Re: ydl1.1 & pmac 7200 woes"

This archive was generated by hypermail 2a24 : Tue Nov 02 1999 - 16:20:57 MST