Back
    Linux Security
    Linux Security
    Linux Security

    Slackware: 2020-329-01: mutt Security Update

    Date 24 Nov 2020
    Category Slackware Linux Distribution - Security Advisories
    1934
    Posted By LinuxSecurity Advisories
    New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. 
    
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  mutt (SSA:2020-329-01)

New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix a security issue.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mutt-1.10.1-i586-2_slack14.2.txz:  Rebuilt.
  Mutt had incorrect error handling when initially connecting to an IMAP
  server, which could result in an attempt to authenticate without enabling TLS.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/mutt-1.10.1-i486-2_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/mutt-1.10.1-x86_64-2_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mutt-1.10.1-i486-2_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mutt-1.10.1-x86_64-2_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mutt-1.10.1-i586-2_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mutt-1.10.1-x86_64-2_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mutt-2.0.2-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/mutt-2.0.2-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 14.0 package:
0757390b5c35d6df301bc18d58cad386  mutt-1.10.1-i486-2_slack14.0.txz

Slackware x86_64 14.0 package:
f054bf948e12e6ebea96ca5af6786880  mutt-1.10.1-x86_64-2_slack14.0.txz

Slackware 14.1 package:
8852e9368a2d1f15c31062d115125201  mutt-1.10.1-i486-2_slack14.1.txz

Slackware x86_64 14.1 package:
52467e39f92a4bbb3667ffc427f21783  mutt-1.10.1-x86_64-2_slack14.1.txz

Slackware 14.2 package:
a5597fd597f990e1d95b4f51f7c86dbd  mutt-1.10.1-i586-2_slack14.2.txz

Slackware x86_64 14.2 package:
55098bd701e18229fcfadd695a1a3ace  mutt-1.10.1-x86_64-2_slack14.2.txz

Slackware -current package:
c0ab7d3ff0b437adf87109cd4041ef1c  n/mutt-2.0.2-i586-1.txz

Slackware x86_64 -current package:
5f4723ea14e2a79f1312d13fecc0b107  n/mutt-2.0.2-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg mutt-1.10.1-i586-2_slack14.2.txz


+-----+

    Get the Latest News & Insights

    Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox

    Related News

    SolarWinds defense: How to stop similar attacks
    SolarWinds defense: How to stop similar attacks
    CloudLinux readies CentOS Linux replacement: AlmaLinux
    CloudLinux readies CentOS Linux replacement: AlmaLinux
    This Decade's Most Significant Security Vulnerabilities at a Glance
    This Decade's Most Significant Security Vulnerabilities at a Glance
    What must be done to bring Linux to the Apple M1 chip
    What must be done to bring Linux to the Apple M1 chip

    Advisories

    Debian LTS: DLA-2527-1: snapd security update
    Date 17 Jan 2021 @ 22:20
    Fedora 33: glibc 2021-6feb090c97
    Date 17 Jan 2021 @ 15:35
    openSUSE: 2021:0101-1 moderate: php7
    Date 17 Jan 2021 @ 14:18
    openSUSE: 2021:0102-1 moderate: openldap2
    Date 17 Jan 2021 @ 14:16

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"8","type":"x","order":"1","pct":27.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":20.69,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":51.72,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200
    Phishing Is The #1 Cybersecurity Threat Businesses Face

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

    Our Cookie Policy