Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Red Hat Linux 7.0 RHSA-2001:029-02 Critical Mutt Format Issue

red hat
Calendar Grey March 15, 2001
Dist Redhat Esm H88
New improvements to the fetchmail application address a critical buffer overflow issue identified in pop3 services, boosting both usability and protection for clients.
An example of a 'format string' vulnerability was present in the IMAP code in versions of mutt previous to 1.2.5.

Solution

To update all RPMs for your particular architecture, run:

rpm -Fvh

where is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directly *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

19326 - Updated version of Mutt (1.2) has IMAP security hole fixed

6. RPMs required:

Red Hat Linux 5.2:

SRPMS:

alpha:

i386:

sparc:

Red Hat Linux 6.2:

SRPMS:

alpha:

i386:

sparc:

Red Hat Linux 7.0:

SRPMS:

alpha:

i386:



7. Verification:

MD5 sum Package Name 3ee2c329af45ffa655033498df170d7d 5.2/SRPMS/mutt-1.2.5i-8.5.src.rpm e51c9d9f1477e85a09b5f24086330099 5.2/alpha/mutt-1.2.5i-8.5.alpha.rpm 04dc128f557c060e6bca0a8d22bf2f95 5.2/i386/mutt-1.2.5i-8.5.i386.rpm 1236d1b376b493810cec113c108ac039 5.2/sparc/mutt-1.2.5i-8.5.sparc.rpm a14943ad1aa6fa508a9008ce72df0ccf 6.2/SRPMS/mutt-1.2.5i-8.6.src.rpm be6d299c37243967b4965562a542f583 6.2/alpha/mutt-1.2.5i-8.6.alpha.rpm 362d9fcec4018f1c59ef43be0a276807 6.2/i386/mutt-1.2.5i-8.6.i386.rpm 003e1a1a237e71f009e6425488b043d6 6.2/sparc/mutt-1.2.5i-8.6.sparc.rpm 909998195c995035deccf48fc6139bb6 7.0/SRPMS/mutt-1.2.5i-8.7.src.rpm 5c0775e332e70df1cba99f275490837d 7.0/alpha/mutt-1.2.5i-8.7.alpha.rpm 0d528824313b49c60a21a513e1056067 7.0/i386/mutt-1.2.5i-8.7.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

References

Copyright(c) 2000, 2001 Red Hat, Inc. `

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2001:029-02
Issue date: 2001-03-09
Updated on: 2001-03-13
Product: Red Hat Linux
Keywords: mutt IMAP format string GSSAPI
Cross references:
Obsoletes:

Topic

Relevant Releases Architectures

Red Hat Linux 5.2 - alpha, i386, sparc

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here