it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4838-1] mutt security update

From: Salvatore Bonaccorso <carnil AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 4838-1] mutt security update
Date: Mon, 25 Jan 2021 20:47:55 +0000
List-archive: https://lists.debian.org/msgid-search/E1l48mB-00045l-3f AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=4x3+sOe59CcO1RABF6GyDKn9fEd3x3IkTy6t2Oybq84=; b=hj 038bk5PZLNRv5lZ6i+Jra2O1t/PXXI+ZIQBRYYZ8huO9yca7YhYXAGsZQjME6lxNUz7dDfRLRCtn8 0LS0aMc1JhtvViXaEtpzo+HPibBu2opydB6EZtvyonlR/fQqI8pZYVs/1B+Ao+jzubkexpx6n+CSc WFw/ye7vi5yR5XWqnR1NRtlSsvNWpikgmSmkCj2fqZKKXMPuFYvgeZ6jzs3gQdOzh5pE5Uo1wUJcS onjdGbRWN8VpkCWqvQoT0sji4VU2l8Cq6QoaD4OczWMqBnG9xkohGJhWKZRXJ7vtb/SAXT7ReM4BY 6PHp5PkUf/iey5eXL071SlbpE0wvtBKQ==;
Old-return-path: <carnil AT seger.debian.org>
Priority: urgent
Resent-date: Mon, 25 Jan 2021 20:48:12 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <c2q9sAo_wSN.A.KXE.L6yDgB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4838-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
January 25, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : mutt
CVE ID : CVE-2021-3181
Debian Bug : 980326

Tavis Ormandy discovered a memory leak flaw in the rfc822 group recipient
parsing in Mutt, a text-based mailreader supporting MIME, GPG, PGP and
threading, which could result in denial of service.

For the stable distribution (buster), this problem has been fixed in
version 1.10.1-2.1+deb10u5.

We recommend that you upgrade your mutt packages.

For the detailed security status of mutt please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/mutt

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAPLitfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RiCg/+Lios0rfY/jmT8tpygOcRqMTrw8/WK7x8aV595U1zcnDDNt7LgeIuLKaH
U/hY8FvIRsJEhTSbwi63Y03U8ywZFseT8TPywvpEM6Ne260YB/hUA2sPp0gKZrcx
9FUfVhwxQNpykTBJHGIY+t+tb8tFOg2hFqd53vEFQwuhmIGotlvFcNCjSBl5fUjZ
CyNOO21gZWjgohZQZyhymDTTqlZK4rtYQ97PX5Z5IptvokO9CdeKMwfjAEpVe6j6
+MqltzSw8FuYsD+EMboS+FjshZSNQS+k/YGLX5WiZ6pf5a5u74VSPvBK/UqJWzsQ
QL0H/+7pC7i7YoeHy9VM7mnVYxpnfDeTQrUpE50UxhIV8W4ttiG15Xb1AkA+JGwj
wjZb0/VrBZgEbOAweIz7v4JxCsj8QCgKEGsmkFY6yG8P7Jj4t+zmdRSngbeaqTjp
q2j2KQFdYZqyM/cRVUnKR7cOeMitQFDvlt3tKnUM3MzXsc/H/k7X85JtvMIhlBgo
dysC3zAn8NO5xeCwQh3+HmBpJMVXs7q9VNP+7ElXQ++j//p5e5Fio3ZIb7bYsiKy
Fq6ex3yE+6wZ7atZmqybRrDNeAfQAdEkWA4TK8sx8tI7A9XeAUsWSnCOlab70n85
rF6S0KZX0Yw63cADAYAuQobEY5qE0i0L58sV4Jk6+zkoUohq0y8=
=WcYy
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 4838-1] mutt security update, Salvatore Bonaccorso, 25.01.2021

Archiv bereitgestellt durch MHonArc 2.6.24.