Opened 3 years ago
Closed 3 years ago
#16406 closed enhancement (fixed)
mutt-2.2.3
| Reported by: | Bruce Dubbs | Owned by: | |
|---|---|---|---|
| Priority: | elevated | Milestone: | 11.2 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
New point version.
Change History (7)
comment:1 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 3 years ago
| Priority: | normal → elevated |
|---|
comment:3 by , 3 years ago
This is a bug-fix release, addressing CVE-2022-1328: a buffer overread in the uuencoded decoder routine. For more details please see GitLab ticket 404: <https://gitlab.com/muttmua/mutt/-/issues/404>. The commit fixing this issue is at <https://gitlab.com/muttmua/mutt/-/commit/e5ed080c00e59701ca62ef9b2a6d2612ebf765a5> Also fixed were a possible integer overflow issue in the general iconv and rfc2047-conversion iconv functions. These are not believed to be exploitable. A huge thank you to Tavis Ormandy for reporting these issues, suggesting a patch for the iconv issue,
comment:4 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | assigned → new |
comment:5 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:7 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Security Advisory 11.1-032.
Note:
See TracTickets
for help on using tickets.
Grab security updates