Updated mutt/neomutt packages fix security vulnerability
Publication date: 19 Jul 2023Modification date: 19 Jul 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-32055 , CVE-2022-1328
Description
Out-of-bounds read in imap/util.c when an IMAP sequence set ends with a
comma. (CVE-2021-32055)
Overflow in uudecoder in Mutt allows read past end of input line
(CVE-2022-1328)
References
- https://bugs.mageia.org/show_bug.cgi?id=30292
- https://marc.info/?l=mutt-users&m=164979464612885&w=2
- https://gitlab.com/muttmua/mutt/-/issues/404
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DR7ZSOKFQZ5EIKQHLZ37AMGVPDGDIJ5W/
- https://ubuntu.com/security/notices/USN-5392-1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/35CD7NH4NFPF5OEG2PHI3CZ3UOK3ICXR/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YAIJ2AOB7KV4ZEDS2ZHBBCKGSPYKSKDI/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328
SRPMS
8/core
- mutt-2.0.7-1.1.mga8
- neomutt-20230517-1.mga8