Fedora 37: libetpan 2022-f092bc8f7b | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-f092bc8f7b
2022-12-02 01:19:01.664504
--------------------------------------------------------------------------------

Name        : libetpan
Product     : Fedora 37
Version     : 1.9.4
Release     : 9.fc37
URL         : https://www.etpan.org/
Summary     : Portable, efficient middle-ware for different kinds of mail access
Description :
The purpose of this mail library is to provide a portable, efficient middle-ware
for different kinds of mail access. When using the drivers interface, the
interface is the same for all kinds of mail access, remote and local mailboxes.

--------------------------------------------------------------------------------
Update Information:

A potential bug is found on libetpan that when IMAP client receives invalid
STATUS response, an invalid free can occur on
mailimap_mailbox_data_status_free(). This bug is now assigned as CVE-2022-4121.
Although the formal fix is under discussion, this update rpm adds a quick fix
for this issue.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 23 2022 Mamoru TASAKA  - 1.9.4-9
- Workaround for CVE-2022-4121 (bug 2144914)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2144915 - libetpan: Null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2144915
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-f092bc8f7b' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 37: libetpan 2022-f092bc8f7b

December 2, 2022
A potential bug is found on libetpan that when IMAP client receives invalid STATUS response, an invalid free can occur on mailimap_mailbox_data_status_free()

Summary

The purpose of this mail library is to provide a portable, efficient middle-ware

for different kinds of mail access. When using the drivers interface, the

interface is the same for all kinds of mail access, remote and local mailboxes.

Update Information:

A potential bug is found on libetpan that when IMAP client receives invalid STATUS response, an invalid free can occur on mailimap_mailbox_data_status_free(). This bug is now assigned as CVE-2022-4121. Although the formal fix is under discussion, this update rpm adds a quick fix for this issue.

Change Log

* Wed Nov 23 2022 Mamoru TASAKA - 1.9.4-9 - Workaround for CVE-2022-4121 (bug 2144914)

References

[ 1 ] Bug #2144915 - libetpan: Null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2144915

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-f092bc8f7b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : libetpan
Product : Fedora 37
Version : 1.9.4
Release : 9.fc37
URL : https://www.etpan.org/
Summary : Portable, efficient middle-ware for different kinds of mail access

Related News

Important Linux Kernel DoS, Code Execution Bugs Fixed

Important Fix for c-ares DoS Bug Released

Linux Kernel DoS, Info Disclosure Bugs Fixed

Important Ruby ReDoS Vulns Discovered & Fixed

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy