-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5494-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 10, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : mutt
CVE ID : CVE-2023-4874 CVE-2023-4875
Debian Bug : 1051563
Several NULL pointer dereference flaws were discovered in Mutt, a
text-based mailreader supporting MIME, GPG, PGP and threading, which may
result in denial of service (application crash) when viewing a specially
crafted email or when composing from a specially crafted draft message.
For the oldstable distribution (bullseye), these problems have been fixed
in version 2.0.5-4.1+deb11u3.
For the stable distribution (bookworm), these problems have been fixed in
version 2.2.9-1+deb12u1.
We recommend that you upgrade your mutt packages.
For the detailed security status of mutt please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/mutt
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmT+D8dfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SSRw/9FWka9wnMAzBxcNsxoGxyRD8fWiFitW/MuwDy/29mlPjW+jR1GZsl841e
LX6dUHCJYveoo2yccLuj68pTeIVmv9gHh6pHazxCrnMlMq3/677wrT/mJKZZQZzh
mAg27I3jUqgUyZPSkS8mXVIA9zLY0qg1Yt5OJx/TJgKdXjHf6xne7ZeCgNo+ESf9
Dtx5fkYSS3yIYPOBRMRJK9kB+4ppsmy5hpSWlsWFrbulKiFEO3nwjcBA6SG6pqJO
NmHBp4t5Z1qgSoI5W0WgcL6BzK4Ewz/Jcnh18wCMearITnrpl4TXzeAcPK3jajzg
jeUwcu2sPilkOdDq3qXdm58Y5pQDft3gjaDS2XsYuJxyLURrzU4eDAJYGiT4vl1R
DPGIwon+0RY1fygtN5Nl6ybAhJ8AMp4JChzhI7RZl//5H+Im3juYymGRj2POG8jp
6uQwyIcC14bvDN9/ZBjJbMqkwhtZPJy/SkteipEVK7LW7J0Hw6jMpDJfbKrttTur
BwxuNYdf/NVcLu4jvPNinuxKc4UsJ62HBS8R9i+Ffa96GlHjvuUK2neKuxdhA2m/
/nANosFHK9Wyxg6z9MvoSHsJZY3OjLa3nOfByzTGKKDV4rf8iPqgeg1mv0IWYv0i
d3idQbkP65GcT1UgoNBreoO4R3JD07djIQqC1tAa5Rqmb0O7rgQ=
=Jqb0
-----END PGP SIGNATURE-----