Your message dated Sun, 24 Jan 2021 19:28:32 +0100
with message-id <[email protected]>
and subject line [[email protected]: Accepted mutt 2.0.5-1
(source) into unstable]
has caused the Debian Bug report #980326,
regarding mutt: CVE-2021-3181: mutt recipient parsing memory leak
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
980326: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: mutt
Version: 2.0.2-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
This was reported at
https://www.openwall.com/lists/oss-security/2021/01/17/2 and upstream
apparently at https://gitlab.com/muttmua/mutt/-/issues/323 (not
public).
Upstream fix:
https://gitlab.com/muttmua/mutt/-/commit/c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mutt
Source-Version: 2.0.5-1
----- Forwarded message from Debian FTP Masters
<[email protected]> -----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 24 Jan 2021 09:58:18 +0100
Source: mutt
Architecture: source
Version: 2.0.5-1
Distribution: unstable
Urgency: medium
Maintainer: Mutt maintainers <[email protected]>
Changed-By: Antonio Radici <[email protected]>
Changes:
mutt (2.0.5-1) unstable; urgency=medium
.
* Latest upstream release
+ contains fix for CVE-2021-3181.
* debian/patches: all refreshed.
Checksums-Sha1:
f778c78c988c5f4a5f6448d43fa64ec568968897 2307 mutt_2.0.5-1.dsc
5254653d11f03e59d6a733f696076f4cebfa7324 5294710 mutt_2.0.5.orig.tar.gz
0ea5fe0ef496229bea4f2f71cf23fee8372ca4c0 833 mutt_2.0.5.orig.tar.gz.asc
60fa4002ffffa26316b12f6c0b7ca3ee3a9c05a4 60568 mutt_2.0.5-1.debian.tar.xz
93747c4f9ed70b3af6f8be3304a0c82716d2b694 7968 mutt_2.0.5-1_amd64.buildinfo
Checksums-Sha256:
66661e187a4a3924dff8a15f594bd7e078d34edb37a79a3251ddac1b6c6e48fa 2307
mutt_2.0.5-1.dsc
e21d5aec0d3110f89d390929e56a38794a94f5843120d9ff59b21da78fd0004d 5294710
mutt_2.0.5.orig.tar.gz
9deff041e96664c2871e04eff30c0c77ac35d8a35a515c749bcbf205656c622c 833
mutt_2.0.5.orig.tar.gz.asc
d7ecda9fe57b53dd6754d4976969f3f88c4c2fdc02f8253be9fb7361fe70be21 60568
mutt_2.0.5-1.debian.tar.xz
20305c0553a8c1c2157afcfb3cbf8efebfd01064d6f67e7132bf9efb08a0118a 7968
mutt_2.0.5-1_amd64.buildinfo
Files:
9f4899f4bf43b0fe43c3fdedb19976b0 2307 mail optional mutt_2.0.5-1.dsc
f738a7d1d458d91420fe0759845e4d0a 5294710 mail optional mutt_2.0.5.orig.tar.gz
ca23b5285b3b22b1b9ce6541bcec6162 833 mail optional mutt_2.0.5.orig.tar.gz.asc
a4426dac7bb6a5de4ee2358eb57a2f34 60568 mail optional mutt_2.0.5-1.debian.tar.xz
b4eb28f6d4c3d4b1c1eba7dc41ad275d 7968 mail optional
mutt_2.0.5-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJHBAEBCAAxFiEEQObYrBkA1SRrfOa1NcjIiHLLHu0FAmANOzsTHGFudG9uaW9A
ZGViaWFuLm9yZwAKCRA1yMiIcsse7UfSD/4nr32tZHdxM/Ao6Jj81ncNAq50lhoG
s5AY371x16s0aGIEOEPgtg4NW6DVrsZ9uEDeR3iQfle/0sl8iKGyY36nbqWlbX47
1Cq3Ux/iPdPEIdTr3m8HxDmE2RK4POdIcP/OfcGsaJ0pGZwnedqjWJDfR1N1oyaQ
8TQxrfUSXNjC4+BD1CNkiRS/QdZcVX+ECDeqqO4ZLa9ndq0ICj2ZiN0LK20DH+Am
xnZI+pC+T8xeqAp87lCWE6ZjqBiRn1sLyCZUTk0tVXku4/sfS2XHI2MLFOqXV8XH
XdgFAnPo+yq56t57shlGuy5GgUqFbkagh5sNjEX8T0IAKjbzmjGbCLbIQuF/0lLS
s2SxGduwcOY3FYUuP4MJh3fZjMCo4HkYHw+rF4UmbltU6fEEKs/73c0t/7EAG0mw
e3QLtOeNJ5FHEaVWn/rKZS6WBoKOeOg9TRI754uKnXBIFA6YlySkOaweO5CChrXF
4MeRhPEVyCdVYWtjV9/AbGzNJ99+8Ur45EZ1IhPMc0ravshucmYnBjiJvAZvyQOF
+bkPiGDfnWUDsdhqFwWHNZ8G/8OpwNxhu9ynykrtVcfHVutA17VbypOYDQvSv0+0
ULugZD5egkVMtsIwwYUuiKI1oHbicTlHKcNw8lA+v6w2czEwkPM6VpmnnxdEI2RI
kC2wBVe9uuft0Q==
=icjX
-----END PGP SIGNATURE-----
----- End forwarded message -----
--- End Message ---
