Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Slackware Mutt Significant Buffer Overflow Patch 2026-186-01

slackware
Calendar Grey July 5, 2026
Dist Slackware Esm H88
Mutt packages for Slackware 15.0 fix a buffer overflow issue due to unsigned int overflow in imap command processing.
New mutt packages are available for Slackware 15.0 and -current to fix a security issue.

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mutt-2.4.1-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: Prevent unsigned int overflow in imap_cmd_step buffer growth. The idata->blen field is unsigned int (32-bit) while the companion variable len is size_t (64-bit on LP64). When a malicious IMAP server sends a response line longer than UINT_MAX bytes without newline, the expression wraps to a small value, causing safe_realloc() to shrink the buffer while len retains its original huge value. The subsequent mutt_socket_readln() then writes far past the shrunken allocation. Fix by changing idata->blen from unsigned int to size_t, matching the type of len and preventing the overflow on all platforms. (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mutt-2.4.1-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mutt-2.4.1-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mutt-2.4.1-i686-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/mutt-2.4.1-x86_64-1.txz

MD5 Signatures

Slackware 15.0 package: f11f2ee43019a8d4dfe091b9847edb26 mutt-2.4.1-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 4ec2b1a46429b01ba5cd0802ade731f2 mutt-2.4.1-x86_64-1_slack15.0.txz
Slackware -current package: 2118fea459aa2b9f2189234c4d915606 n/mutt-2.4.1-i686-1.txz
Slackware x86_64 -current package: e6718228d75941323740361ca6a90114 n/mutt-2.4.1-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg mutt-2.4.1-i586-1_slack15.0.txz

Your message here