Sicherheit: Denial of Service in mutt
Aktuelle Meldungen Distributionen
Name: Denial of Service in mutt
ID: FEDORA-2014-16494
Distribution: Fedora
Plattformen: Fedora 20
Datum: So, 15. Februar 2015, 11:27
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116
Applikationen: mutt


Name        : mutt
Product : Fedora 20
Version : 1.5.23
Release : 4.fc20
URL : http://www.mutt.org/
Summary : A text mode mail user agent
Description :
Mutt is a small but very powerful text-based MIME mail client. Mutt
is highly configurable, and is well suited to the mail power user with
advanced features like key bindings, keyboard macros, mail threading,
regular expression searches and a powerful pattern matching language
for selecting groups of messages.

Update Information:

Security fix for

* Sat Dec 6 2014 Matej Muzila <mmuzila@redhat.com> - 5:1.5.23-4
- resolves #1168464 (CVE-2014-9116)
* Mon May 26 2014 Jan Pacner <jpacner@redhat.com> - 5:1.5.23-3
- Resolves: #1096756 ([RFE] compile with --enable-debug by default)
* Thu May 15 2014 Dan Horák <dan[at]danny.cz> - 5:1.5.23-2
- update Makefile.am before running autoreconf
* Tue Apr 29 2014 Jan Pacner <jpacner@redhat.com> - 5:1.5.23-1
- Resolves: #1034263 (new version due to CVE)
- patch cleanup (upstream fixes)
- add html documentation (in addition to the current txt one)
* Mon Dec 2 2013 Jan Pacner <jpacner@redhat.com> - 5:1.5.22-1
- new release (Resolves: #1034263)
- use inline sed instead of nodotlock patch
- patches removed: testcert, hdrcnt, certscomp, updating, pophash,
notation, writehead, tmpdir, verpeers, tlsv1v2
- manhelp patch adjusted (only DEBUG logging capability was left)

[ 1 ] Bug #1168463 - CVE-2014-9116 mutt: incorrect use of mutt_substrdup() in

This update can be installed with the "yum" update program. Use
su -c 'yum update mutt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten