| Message ID | 20220415211113.3191255-1-peter@korsgaard.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | package/mutt: security bump to version 2.2.3 | expand |
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes: > Fixes the following security issues: > CVE-2022-1328: mutt_decode_uuencoded() can read past the of the input line > Buffer Overflow in uudecoder in Mutt affecting all versions starting from > 0.94.13 before 2.2.3 allows read past end of input line > For details, see the release notes: > https://marc.info/?l=mutt-users&m=164979464612885&w=2 > Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Committed, thanks.
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes: > Fixes the following security issues: > CVE-2022-1328: mutt_decode_uuencoded() can read past the of the input line > Buffer Overflow in uudecoder in Mutt affecting all versions starting from > 0.94.13 before 2.2.3 allows read past end of input line > For details, see the release notes: > https://marc.info/?l=mutt-users&m=164979464612885&w=2 > Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Committed to 2022.02.x, thanks.
diff --git a/package/mutt/mutt.hash b/package/mutt/mutt.hash index bbc9d459b0..952e0b7bc0 100644 --- a/package/mutt/mutt.hash +++ b/package/mutt/mutt.hash @@ -1,3 +1,3 @@ # Locally calculated -sha256 e84597f06d03ca82f8ca3b5ec8bc294c150709b43ed2a0177bf479c3e3345314 mutt-2.2.0.tar.gz +sha256 978addcdab454f447ed7d1de84b5767e714c30714285bf82e4a1745071d18d89 mutt-2.2.3.tar.gz sha256 732f24b69a6c71cd8e01e4672bb8e12cc1cbb88a50a4665e6ca4fd95000a57ee GPL diff --git a/package/mutt/mutt.mk b/package/mutt/mutt.mk index 51178ef03d..45ae36530a 100644 --- a/package/mutt/mutt.mk +++ b/package/mutt/mutt.mk @@ -4,7 +4,7 @@ # ################################################################################ -MUTT_VERSION = 2.2.0 +MUTT_VERSION = 2.2.3 MUTT_SITE = https://bitbucket.org/mutt/mutt/downloads MUTT_LICENSE = GPL-2.0+ MUTT_LICENSE_FILES = GPL
Fixes the following security issues: CVE-2022-1328: mutt_decode_uuencoded() can read past the of the input line Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line For details, see the release notes: https://marc.info/?l=mutt-users&m=164979464612885&w=2 Signed-off-by: Peter Korsgaard <peter@korsgaard.com> --- package/mutt/mutt.hash | 2 +- package/mutt/mutt.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)