Source: mutt Version: 1.7.2-1 Severity: grave Tags: security upstream Justification: user security hole
Hi, The following vulnerabilities were published for mutt. CVE-2018-14362[0]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. pop.c does not forbid characters that may have unsafe | interaction with message-cache pathnames, as demonstrated by a '/' | character. CVE-2018-14359[1]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. They have a buffer overflow via base64 data. CVE-2018-14358[2]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. imap/message.c has a stack-based buffer overflow for a | FETCH response with a long RFC822.SIZE field. CVE-2018-14357[3]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. They allow remote IMAP servers to execute arbitrary | commands via backquote characters, related to the mailboxes command | associated with an automatic subscription. CVE-2018-14356[4]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. pop.c mishandles a zero-length UID. CVE-2018-14355[5]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. imap/util.c mishandles ".." directory traversal in a | mailbox name. CVE-2018-14354[6]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. They allow remote IMAP servers to execute arbitrary | commands via backquote characters, related to the mailboxes command | associated with a manual subscription or unsubscription. CVE-2018-14353[7]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. imap_quote_string in imap/util.c has an integer underflow. CVE-2018-14352[8]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. imap_quote_string in imap/util.c does not leave room for | quote characters, leading to a stack-based buffer overflow. CVE-2018-14351[9]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. imap/command.c mishandles a long IMAP status mailbox | literal count size. CVE-2018-14350[10]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. imap/message.c has a stack-based buffer overflow for a | FETCH response with a long INTERNALDATE field. CVE-2018-14349[11]: | An issue was discovered in Mutt before 1.10.1 and NeoMutt before | 2018-07-16. imap/command.c mishandles a NO response without a message. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-14362 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362 [1] https://security-tracker.debian.org/tracker/CVE-2018-14359 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359 [2] https://security-tracker.debian.org/tracker/CVE-2018-14358 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358 [3] https://security-tracker.debian.org/tracker/CVE-2018-14357 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357 [4] https://security-tracker.debian.org/tracker/CVE-2018-14356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356 [5] https://security-tracker.debian.org/tracker/CVE-2018-14355 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355 [6] https://security-tracker.debian.org/tracker/CVE-2018-14354 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354 [7] https://security-tracker.debian.org/tracker/CVE-2018-14353 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353 [8] https://security-tracker.debian.org/tracker/CVE-2018-14352 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352 [9] https://security-tracker.debian.org/tracker/CVE-2018-14351 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351 [10] https://security-tracker.debian.org/tracker/CVE-2018-14350 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350 [11] https://security-tracker.debian.org/tracker/CVE-2018-14349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
