FEDORA-2018-502e31a658 — security update for mutt

stable

mutt-1.9.2-2.fc27

FEDORA-2018-502e31a658 created by mmuzila 5 years ago for Fedora 27

Security fix for CVE-2018-14358, CVE-2018-14352, CVE-2018-14353, CVE-2018-14356, CVE-2018-14359, CVE-2018-14354, CVE-2018-14355, CVE-2018-14362, CVE-2018-14357, CVE-2018-14350, CVE-2018-14349, CVE-2018-14351

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-502e31a658

This update has been submitted for testing by mmuzila.

5 years ago

This update has been pushed to testing.

5 years ago

mmuzila edited this update.

5 years ago

mmuzila edited this update.

5 years ago

mmuzila edited this update.

5 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

5 years ago

This update has been submitted for batched by mmuzila.

5 years ago

This update has been submitted for stable by mmuzila.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

ignored

Builds

mutt-1.9.2-2.fc27

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

5 years ago

in testing

5 years ago

in stable

5 years ago

modified

5 years ago

BZ#1602069 CVE-2018-14354 mutt: Remote code injection vulnerability to an IMAP mailbox

BZ#1602079 CVE-2018-14362 mutt: POP body caching path traversal vulnerability

BZ#1602081 CVE-2018-14355 mutt: IMAP header caching path traversal vulnerability

BZ#1602082 CVE-2018-14354 CVE-2018-14355 CVE-2018-14362 mutt: various flaws [fedora-all]

BZ#1602915 CVE-2018-14357 mutt: Remote Code Execution via backquote characters

BZ#1602916 CVE-2018-14357 mutt: Remote Code Execution via backquote characters [fedora-all]

BZ#1602922 CVE-2018-14350 mutt: stack-based buffer overflow in imap/message.c

BZ#1602923 CVE-2018-14350 mutt: stack-based buffer overflow in imap/message.c [fedora-all]

BZ#1602934 CVE-2018-14349 mutt: Heap Overflow in imap/command.c

BZ#1602935 CVE-2018-14349 mutt: Heap Overflow in imap/command.c [fedora-all]

BZ#1602953 CVE-2018-14351 mutt: IMAP status mailbox literal mishandled in imap/command.c

BZ#1602954 CVE-2018-14351 mutt: IMAP status mailbox literal mishandled in imap/command.c [fedora-all]

BZ#1604034 CVE-2018-14352 mutt: stack-based buffer overflow in imap/util.c

BZ#1604035 CVE-2018-14352 mutt: stack-based buffer overflow in imap/util.c [fedora-all]

BZ#1604040 CVE-2018-14353 mutt: integer underflow in imap/util.c

BZ#1604041 CVE-2018-14353 mutt: integer underflow in imap/util.c [fedora-all]

BZ#1604047 CVE-2018-14356 mutt: mishandles a zero-length UID in pop.c

BZ#1604048 CVE-2018-14356 mutt: mishandles a zero-length UID in pop.c [fedora-all]

BZ#1604064 CVE-2018-14358 mutt: stack-based buffer overflow in imap/message.c

BZ#1604067 CVE-2018-14358 mutt: stack-based buffer overflow in imap/message.c [fedora-all]

BZ#1604084 CVE-2018-14359 mutt: buffer overflow via base64 data

BZ#1604086 CVE-2018-14359 mutt: buffer overflow via base64 data [fedora-all]

mutt-1.9.2-2.fc27

Automated Test Results

ignored