Your message dated Wed, 27 Jan 2021 22:32:08 +0000
with message-id <[email protected]>
and subject line Bug#980326: fixed in mutt 1.10.1-2.1+deb10u5
has caused the Debian Bug report #980326,
regarding mutt: CVE-2021-3181: mutt recipient parsing memory leak
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
980326: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: mutt
Version: 2.0.2-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
This was reported at
https://www.openwall.com/lists/oss-security/2021/01/17/2 and upstream
apparently at https://gitlab.com/muttmua/mutt/-/issues/323 (not
public).
Upstream fix:
https://gitlab.com/muttmua/mutt/-/commit/c059e20ea4c7cb3ee9ffd3500ffe313ae84b2545
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mutt
Source-Version: 1.10.1-2.1+deb10u5
Done: Antonio Radici <[email protected]>
We believe that the bug you reported is fixed in the latest version of
mutt, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Antonio Radici <[email protected]> (supplier of updated mutt package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 25 Jan 2021 19:10:07 +0100
Source: mutt
Architecture: source
Version: 1.10.1-2.1+deb10u5
Distribution: buster-security
Urgency: high
Maintainer: Mutt maintainers <[email protected]>
Changed-By: Antonio Radici <[email protected]>
Closes: 980326
Changes:
mutt (1.10.1-2.1+deb10u5) buster-security; urgency=high
.
* debian/patches:
+ fix for CVE-2021-3181 in security/CVE-2021-3181.patch (Closes: 980326).
Checksums-Sha1:
cd378b9b862a844d6c68a6eb1573bdabcac491c1 2153 mutt_1.10.1-2.1+deb10u5.dsc
c986905b8d000ff548cba4648077c2ca666d345b 67220
mutt_1.10.1-2.1+deb10u5.debian.tar.xz
d3b9ea4c266ba4b88fa04d644bee415b9c97d943 8361
mutt_1.10.1-2.1+deb10u5_amd64.buildinfo
Checksums-Sha256:
5f75800ea8a7d023aaa1035e2f7859db5dd6889d72c4fbda7d7c720a2c0a9ff2 2153
mutt_1.10.1-2.1+deb10u5.dsc
219b3cc66d895bf8faf4d832c1bbb7ea540b4319fbe38638972706d4241223cc 67220
mutt_1.10.1-2.1+deb10u5.debian.tar.xz
2e426c4363627ec7dc49a918182d14b8b5e2cfb0808e9d67152dc965bd72ed40 8361
mutt_1.10.1-2.1+deb10u5_amd64.buildinfo
Files:
d958e195ad038228fd5ae8e75f8c11a8 2153 mail optional mutt_1.10.1-2.1+deb10u5.dsc
201bff0abd41ea88e295d0c469b6bffb 67220 mail optional
mutt_1.10.1-2.1+deb10u5.debian.tar.xz
1932fad94401a0d95f6f4d606e0130cf 8361 mail optional
mutt_1.10.1-2.1+deb10u5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCAAxFiEEQObYrBkA1SRrfOa1NcjIiHLLHu0FAmAPHmATHGFudG9uaW9A
ZGViaWFuLm9yZwAKCRA1yMiIcsse7fKwD/dsvpayLw2vZ6gN+ADvxFTIO6WuRc1P
8WuUUONoBbtyHzTVxqNcd22dvbu77FW7BVPqye2zxDTKPfrBS+dr/2C1Tin+s1AN
IO6EXaWtbOrziuLU2cjB24rkG6//Ad9aiqZitVxkZS592OOuKNq9+YMfHfnXi/tA
fqrMjcDBZOeBU1L2FBatyDbVXuLtaoHeNNHskMKc+WgAd6plW63qEy8vWcBXpYci
TBsCarj7qHxINds2emFt7ME8zKplp7OzimwyU1Fi6ZLMCnumsXdcBedEZ9oE9OwB
TZFEFeU0ssJacfeqaMgVJtE4G8XryNlU+VDTKZwAuGluQMLwDAzbEfVTH3SMRwPA
gYhVV5ZdSkfRGczAvtftlkDzgf+1vz7SsqVMdn2EaEIQKgwmfa+gAT7wOaCj6zwH
T3XaMYeTWvyAUGWlHP4sc9Mo3XzfNweGEJvRj8rCaf8j8FPEtH8fXfB+nr4op9Br
KT//P6FLoEsn+XQAGWFXIxyelxJ+9J7CYu70vn01zeEe2eMHh/vV+Neaj0PaFx0R
YAMwMOGlmbpg6KxY5x/MzJrM9pylX5W42QEB3z6sAjizEhs1DHpTPmr5kA6DEvRx
K1UmRmCcZIkOWSgO6hJydqewYtZeZ8UaVk7e6C5sA0E4aUcOqJwXPUMq9Bc9lkUC
Qrrg0Rev00/i
=2GYv
-----END PGP SIGNATURE-----
--- End Message ---
