A denial of service issue due to memory leak has been fixed upstream in mutt:
The commit that fixed the issue is linked from the message above.
Mageia 7 may also be affected (and maybe neomutt?).
fixed on mga8.
Valid on mga7
Nicolas, did you check neomutt? (also, the package is unmaintained for mga7)
As for mutt:
CVE-2021-3181 has been assigned for this:
mutt new denial of service security issue =>
mutt new denial of service security issue (CVE-2021-3181)
Debian-LTS has issued an advisory for this today (January 21):
Ubuntu has issued an advisory for this today (January 25):
mutt patched, need to check if neomutt is affectedSeverity:
MGA7 64 Plasma + Postfix mail server to serve root mail.
No installation issues with QA Repo
Look previous BR, and see the advice from Mike in bug 25909 and run
# mutt -f /var/spool/mail/root
13 kept, 0 deleted.
See all MSEC reports.
Looks OK for me.
Advisory pushed to SVN.
Not sure: Neomutt is not patched? (not in updates_testing).
mutt patched, need to check if neomutt is affected =>
An update for this issue has been pushed to the Mageia Updates repository.