What Are You Looking For?

Popular Tags

Sign Up
MGASA-2023-0232 - Updated mutt/neomutt packages fix security vulnerability

Publication date: 19 Jul 2023
URL: https://advisories.mageia.org/MGASA-2023-0232.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-32055,
     CVE-2022-1328

Out-of-bounds read in imap/util.c when an IMAP sequence set ends with a
comma. (CVE-2021-32055)
Overflow in uudecoder in Mutt allows read past end of input line
(CVE-2022-1328)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30292
- https://marc.info/?l=mutt-users&m=164979464612885&w=2
- https://gitlab.com/muttmua/mutt/-/issues/404
- https://lists.opensuse.org/archives/list/[email protected]/thread/DR7ZSOKFQZ5EIKQHLZ37AMGVPDGDIJ5W/
- https://ubuntu.com/security/notices/USN-5392-1
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/35CD7NH4NFPF5OEG2PHI3CZ3UOK3ICXR/
- https://lists.opensuse.org/archives/list/[email protected]/thread/YAIJ2AOB7KV4ZEDS2ZHBBCKGSPYKSKDI/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328

SRPMS:
- 8/core/mutt-2.0.7-1.1.mga8
- 8/core/neomutt-20230517-1.mga8

Mageia 2023-0232: mutt/neomutt security update

Out-of-bounds read in imap/util.c when an IMAP sequence set ends with a comma

Summary

Out-of-bounds read in imap/util.c when an IMAP sequence set ends with a comma. (CVE-2021-32055) Overflow in uudecoder in Mutt allows read past end of input line (CVE-2022-1328)

References

- https://bugs.mageia.org/show_bug.cgi?id=30292

- https://marc.info/?l=mutt-users&m=164979464612885&w=2

- https://gitlab.com/muttmua/mutt/-/issues/404

- https://lists.opensuse.org/archives/list/security-anno[email protected]/thread/DR7ZSOKFQZ5EIKQHLZ37AMGVPDGDIJ5W/

- https://ubuntu.com/security/notices/USN-5392-1

- https://lists.fedoraproject.org/archives/list/[email protected]/thread/35CD7NH4NFPF5OEG2PHI3CZ3UOK3ICXR/

- https://lists.opensuse.org/archives/list/security-anno[email protected]/thread/YAIJ2AOB7KV4ZEDS2ZHBBCKGSPYKSKDI/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328

Resolution

MGASA-2023-0232 - Updated mutt/neomutt packages fix security vulnerability

SRPMS

- 8/core/mutt-2.0.7-1.1.mga8

- 8/core/neomutt-20230517-1.mga8

Severity
Publication date: 19 Jul 2023
URL: https://advisories.mageia.org/MGASA-2023-0232.html
Type: security
CVE: CVE-2021-32055, CVE-2022-1328

Related News

Nitrux Devs Make It Easier to Upgrade Your Immutable Nitrux OS Installations

Jun 20, 2023

X.Org DoS, Code Execution Vulns Fixed

Aug 3, 2023

Linux Kernel DoS, Code Execution, Info Disclosure Vulns Fixed

Jul 6, 2023

Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit

Jan 24, 2023

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison
Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge
Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux
Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Footer Logo

Feedback