FEDORA-2018-f1438c5833

security update in Fedora 28 for mutt

Status: stable 4 months ago

Upgrade to 1.10.1

Security fix for CVE-2018-14358, CVE-2018-14352, CVE-2018-14353, CVE-2018-14356, CVE-2018-14359, CVE-2018-14354, CVE-2018-14355, CVE-2018-14362, CVE-2018-14357, CVE-2018-14350, CVE-2018-14349, CVE-2018-14351

Comments 9

This update has been submitted for testing by mmuzila.

mmuzila edited this update.

This update has been pushed to testing.

mmuzila edited this update.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

Works

karma: +1

This update has been submitted for batched by mmuzila.

This update has been submitted for stable by mmuzila.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1602069 CVE-2018-14354 mutt: Remote code injection vulnerability to an IMAP mailbox
#1602079 CVE-2018-14362 mutt: POP body caching path traversal vulnerability
#1602081 CVE-2018-14355 mutt: IMAP header caching path traversal vulnerability
#1602082 CVE-2018-14354 CVE-2018-14355 CVE-2018-14362 mutt: various flaws [fedora-all]
#1602915 CVE-2018-14357 mutt: Remote Code Execution via backquote characters
#1602916 CVE-2018-14357 mutt: Remote Code Execution via backquote characters [fedora-all]
#1602922 CVE-2018-14350 mutt: stack-based buffer overflow in imap/message.c
#1602923 CVE-2018-14350 mutt: stack-based buffer overflow in imap/message.c [fedora-all]
#1602934 CVE-2018-14349 mutt: Heap Overflow in imap/command.c
#1602935 CVE-2018-14349 mutt: Heap Overflow in imap/command.c [fedora-all]
#1602953 CVE-2018-14351 mutt: IMAP status mailbox literal mishandled in imap/command.c
#1602954 CVE-2018-14351 mutt: IMAP status mailbox literal mishandled in imap/command.c [fedora-all]
#1604034 CVE-2018-14352 mutt: stack-based buffer overflow in imap/util.c
#1604035 CVE-2018-14352 mutt: stack-based buffer overflow in imap/util.c [fedora-all]
#1604040 CVE-2018-14353 mutt: integer underflow in imap/util.c
#1604041 CVE-2018-14353 mutt: integer underflow in imap/util.c [fedora-all]
#1604047 CVE-2018-14356 mutt: mishandles a zero-length UID in pop.c
#1604048 CVE-2018-14356 mutt: mishandles a zero-length UID in pop.c [fedora-all]
#1604064 CVE-2018-14358 mutt: stack-based buffer overflow in imap/message.c
#1604067 CVE-2018-14358 mutt: stack-based buffer overflow in imap/message.c [fedora-all]
#1604084 CVE-2018-14359 mutt: buffer overflow via base64 data
#1604086 CVE-2018-14359 mutt: buffer overflow via base64 data [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+1
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 4 months ago
in testing 4 months ago
in stable 4 months ago
modified 4 months ago

Related Bugs 22

00 #1602069 CVE-2018-14354 mutt: Remote code injection vulnerability to an IMAP mailbox
00 #1602079 CVE-2018-14362 mutt: POP body caching path traversal vulnerability
00 #1602081 CVE-2018-14355 mutt: IMAP header caching path traversal vulnerability
00 #1602082 CVE-2018-14354 CVE-2018-14355 CVE-2018-14362 mutt: various flaws [fedora-all]
00 #1602915 CVE-2018-14357 mutt: Remote Code Execution via backquote characters
00 #1602916 CVE-2018-14357 mutt: Remote Code Execution via backquote characters [fedora-all]
00 #1602922 CVE-2018-14350 mutt: stack-based buffer overflow in imap/message.c
00 #1602923 CVE-2018-14350 mutt: stack-based buffer overflow in imap/message.c [fedora-all]
00 #1602934 CVE-2018-14349 mutt: Heap Overflow in imap/command.c
00 #1602935 CVE-2018-14349 mutt: Heap Overflow in imap/command.c [fedora-all]
00 #1602953 CVE-2018-14351 mutt: IMAP status mailbox literal mishandled in imap/command.c
00 #1602954 CVE-2018-14351 mutt: IMAP status mailbox literal mishandled in imap/command.c [fedora-all]
00 #1604034 CVE-2018-14352 mutt: stack-based buffer overflow in imap/util.c
00 #1604035 CVE-2018-14352 mutt: stack-based buffer overflow in imap/util.c [fedora-all]
00 #1604040 CVE-2018-14353 mutt: integer underflow in imap/util.c
00 #1604041 CVE-2018-14353 mutt: integer underflow in imap/util.c [fedora-all]
00 #1604047 CVE-2018-14356 mutt: mishandles a zero-length UID in pop.c
00 #1604048 CVE-2018-14356 mutt: mishandles a zero-length UID in pop.c [fedora-all]
00 #1604064 CVE-2018-14358 mutt: stack-based buffer overflow in imap/message.c
00 #1604067 CVE-2018-14358 mutt: stack-based buffer overflow in imap/message.c [fedora-all]
00 #1604084 CVE-2018-14359 mutt: buffer overflow via base64 data
00 #1604086 CVE-2018-14359 mutt: buffer overflow via base64 data [fedora-all]

Automated Test Results