[yellowdog-security] SECURITY: mutt email program

Subject: [yellowdog-security] SECURITY: mutt email program
From: Dan Burcaw (dburcaw@terraplex.com)
Date: Fri Oct 01 1999 - 17:54:48 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Dan Burcaw: "[yellowdog-security] UPDATE: pam (pluggable authentication modules)"

The Yellow Dog Linux Security Team has just released a version of the mutt
email program that fixes a buffer overflow.

Package: mutt
Date: October 1, 1999
Problem:
A buffer overflow was dicovered in the text/enriched handler which may be
exploited by an attacker suitably-formatted email messages.

Versions of mutt 0.95.6 and below are vulnerable. Yellow Dog Linux
Champion Server 1.0 and 1.1 ship with versions that are effected.

Thanks to the Mutt development team for releasing an update for this
problem.

Urgency: MEDIUM
Solution:
rpm -Uvh ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/mutt-0.95-7us-1a.ppc.rpm

Users of mutt on Champion Server 1.0 or 1.1 are suggested to upgrade to
this newer version.

More information is available at:
http://www.yellowdoglinux.com/resources/errata.shml

Yellow Dog Linux Security Team
security@yellowdoglinux.com
http://www.yellowdoglinux.com/

• Next message: Dan Burcaw: "[yellowdog-security] UPDATE: pam (pluggable authentication modules)"

This archive was generated by hypermail 2a24 : Tue Nov 02 1999 - 16:21:15 MST