Debian has issued an advisory today (March 12): https://lists.debian.org/debian-security-announce/2014/msg00045.html The Debian bug is here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731 Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA4TOO, MGA3TOO
Here's the actual DSA link: http://www.debian.org/security/2014/dsa-2874
fixed with mutt-1.5.21-13.mga5, mutt-1.5.21-12.1.mga4, mutt-1.5.21-10.1.mga3.
CC: (none) => oe
Thanks Oden! Advisory: ======================== Updated mutt packages fix security vulnerabilities: A heap-based buffer overflow flaw was found in the way mutt processed certain email headers. A remote attacker could use this flaw to send an email with specially crafted headers that, when processed, could cause mutt to crash or, potentially, execute arbitrary code with the permissions of the user running mutt (CVE-2014-0467). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 https://rhn.redhat.com/errata/RHSA-2014-0304.html ======================== Updated packages in core/updates_testing: ======================== mutt-1.5.21-10.1.mga3 mutt-utf8-1.5.21-10.1.mga3 mutt-doc-1.5.21-10.1.mga3 mutt-1.5.21-12.1.mga4 mutt-utf8-1.5.21-12.1.mga4 mutt-doc-1.5.21-12.1.mga4 from SRPMS: mutt-1.5.21-10.1.mga3.src.rpm mutt-1.5.21-12.1.mga4.src.rpm
CC: (none) => jquelinVersion: Cauldron => 4Assignee: jquelin => qa-bugsWhiteboard: MGA4TOO, MGA3TOO => MGA3TOOSeverity: normal => critical
Tested MGA4 on real 64-bit hardware. OK. To get the orginal fault to happen, *this* link is the one: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731 msgs 17 & 22. The catch, once you get the unzipped given test msgbox file: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=mutt_killing_message_from_DebianBTS.gz;att=1;bug=708731 displayed with mutt -f [path-to]mutt_killing_message_from_DebianBTS use 'h'. As released, this crashed Mutt (in my case once a segfault, subsequently a malloc() error which seized up the console). Updated to testing version 12.1, and using 'h' on the test msgbox file gave no error. OK.
CC: (none) => lewyssmithWhiteboard: MGA3TOO => MGA3TOO MGA4-64-OK
CC: (none) => davidwhodginsWhiteboard: MGA3TOO MGA4-64-OK => MGA3TOO MGA4-64-OK advisory
Testing complete mga3 32 & 64 vbox Following Lewis procedure and pressing h causes a segfault. Fixed by the update.
Whiteboard: MGA3TOO MGA4-64-OK advisory => MGA3TOO advisory MGA4-64-OK mga3-32-ok mga3-64-ok
Testing complete mga4 32 Validating. Advisory previously uploaded. Could sysadmin please push to 3 & 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: MGA3TOO advisory MGA4-64-OK mga3-32-ok mga3-64-ok => MGA3TOO advisory mga4-32-ok MGA4-64-OK mga3-32-ok mga3-64-okCC: (none) => sysadmin-bugs
http://advisories.mageia.org/MGASA-2014-0141.html
Status: NEW => RESOLVEDCC: (none) => pterjanResolution: (none) => FIXED