Advisories » MGASA-2025-0070

Updated neomutt packages fix security vulnerabilities

Publication date: 24 Feb 2025
Modification date: 24 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-49393 , CVE-2024-49394

Description

The To and Cc email header fields are not protected by cryptographic
signing. (CVE-2024-49393)
The In-reply-to email header field is not protected by cryptographic signing.
(CVE-2024-49394)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33814
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZYFPGXOX4Q4I4UNPEGXP2N372IN2YSAS/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49393
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49394

SRPMS

9/core

• neomutt-20241002-1.mga9