lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 15 Feb 2004 20:11:24 +0100
From: Vincenzo Ciaglia <ciaglia@...wosix.org>
To: bugtraq@...urityfocus.com
Subject: LNSA-#2004-0001: mutt remote crash


************************************************************************************
Netwosix Linux Security Advisory #2004-0001 <http://www.netwosix.org>
-----------------------------------------------------------------------------------

Package name:      mutt
Summary:           remote crash
Date:              2004-02-16
Affected versions: Netwosix 1.0
************************************************************************************

-> Package description:
------------------------
  Mutt is a small but very powerful text-based MIME mail client. It is highly configurable, 
  and is well-suited to the mail power user with advanced features like key bindings, 
  keyboard macros, mail threading, regular expression searches, and a powerful pattern 
  matching language for selecting groups of messages.

-> Problem description:
------------------------
  It was discovered that certain messages would cause mutt to crash.
  Mutt 1.4.2 fixes this bug.  See CAN-2004-0078.


-> Action:
------------------------
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


-> Location:
---------------------
  You can download the latest version of this package from:
  <http://download.netwosix.org/0001/mutt-1.4.2.1i.tar.gz>

  You can download the latest version of this package in NEPOTE format from:
  <http://download.netwosix.org/0001/nepote>

-> Nepote Update:
---------------------

See this instructions to update the port of this package:

        # cd /usr/ports/sysutils/mutt/
        # rm nepote
        # wget http://download.netwosix.org/0001/nepote 


-> About Linux Netwosix:
---------------------------------
  Linux Netwosix is a powerful and optimized Linux distribution for servers and 
  Network Security related jobs.  It can also be used for special operations such 
  as penetration testing with its big collection of security oriented software and 
  sources. It's a light distribution created for the requirements of every SysAdmin 
  and it's very portable and highly configurable. Our philosophy is to give greater 
  liberty for  configuration to the SysAdmin. Only in this way can he/she configure 
  a powerful and stable server machine. Linux Netwosix also has a powerful ports 
  system (Nepote) similar to the xBSD systems but more flexible and usable.


-> Questions?
---------------------
  Check out our mailing lists:
  <http://www.netwosix.org/mailing.html>


  The advisory itself is available at
  <http://www.netwosix.org/adv01.html>


MD5sums of the packages:
- --------------------------------------------------------------------------
bda59eb9eb6094c5d643ff0f89e1d566  0001/nepote
710bd56d3c4c4bcd1403bc4e053f7476  0001/mutt-1.4.2.1i.tar.gz
- --------------------------------------------------------------------------


Vincenzo Ciaglia - Linux Netwosix Security Advisories
<ciaglia@...wosix.org> - <http://www.netwosix.org>


Powered by blists - more mailing lists