-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2874-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff March 12, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mutt CVE ID : CVE-2014-0467 Debian Bug : 708731 Beatrice Torracca and Evgeni Golov discovered a buffer overflow in the mutt mailreader. Malformed RFC2047 header lines could result in denial of service or potentially the execution of arbitrary code. For the oldstable distribution (squeeze), this problem has been fixed in version 1.5.20-9+squeeze3. For the stable distribution (wheezy), this problem has been fixed in version 1.5.21-6.2+deb7u2. For the unstable distribution (sid), this problem has been fixed in version 1.5.22-2. We recommend that you upgrade your mutt packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTIIBQAAoJEBDCk7bDfE42lGQP+wXTo5lcib+GNUh4hkE4FMi7 BpB/RhIx5EfS8f3vUvGxQInn+usA61H17sBKLaMkpgT+4jksNbLo8n6IIt3uDik9 GyVE8tEsPXEJQ/qqurVBU7qEbrFbi1azRv0yQVcWdFA5K+1kFVzkejOFFKOxFxXI U7Wuix91hx+36dQm2gjY6/WjZtQ/ccyjAzxCeE2DX2SJGNLnmAPSaxuotUN+UWCn 5Ybin/arUglttiMXhfv12vHoibSKghShWE6r16NyoQRRcKePv8o6OnLKEyu8Vh8L oBd3MghG891kP9n3aFnj2lCAjwExx0d4AzL5CGmiAg1UoJUPGQRB6omR9+pOYpCB xsu3+zooh2/rq4M3cKg9e9FM5hyKF4JpwrQKOT55SXnnjviN7oFgi6mdSPPZGn4S uMcXA1mMRzJ1IdSlDskQ+w12sLrrP61C90ecsRJ9hDyI9Zjj5LPXlLUk0P6HeAvY hItFG9DqPVaSTbFTn2MyGeY455PCNstVciejaJDuI2pB1GEFcwtzXt6jQHYtd1Mb v2/PNaqjGiVcz6g58RdPiIUIrV71X+YEHiU8tjxvd8/tUGNmDriOKefcH+T4Ey6k 51BgyXH6gRbiow6XD45fcKEkxeewiV4YLnlSZn2McaGwGFplttQPTTRdUns3fbqx IkrdpnS3ekH3bMpFijcg =bmJF -----END PGP SIGNATURE-----