tags 929017 + pending patch
thanks
I've uploaded mutt 1.10.1-2.1 to DELAYED/5:
mutt (1.10.1-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Apply patch from upstream to prevent undefined behaviour when
parsing invalid Content-Disposition mail headers. The atoi()
Package: mutt
Version: 1.10.1-2
Severity: serious
Tags: security upstream fixed-upstream
The rfc2231.c file contains:
index = atoi (s);
where the string s is part of a RFC 2231 parameter in a header. For
instance, if in a message (invalid, but which can occur due to spam,
attack, etc.),
2 matches
Mail list logo
