Slackware alert: mutt remote exploit patched

Posted by dave on Jan 7, 2002 1:20 PM EDT
Mailing list		Mail this story
Print this story

An exploitable overflow has been found in the address handling code of the mutt mail client version 1.2.5i supplied with Slackware 8.0. A new mutt-1.2.5.1 has been released which addresses this problem, and packages are now available for Slackware 8.0 and -current. 



An exploitable overflow has been found in the address handling code of the
mutt mail client version 1.2.5i supplied with Slackware 8.0.  A new
mutt-1.2.5.1 has been released which addresses this problem, and packages
are now available for Slackware 8.0 and -current.

We urge all Slackware users to upgrade to this new version of mutt as soon
as possible.


WHERE TO FIND THE NEW PACKAGES:
-------------------------------
Updated mutt package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/mutt.tgz

Updated mutt package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/mutt-1.2.5.1/packages/mutt-1.2.5.1-i386-1.tgz


MD5 SIGNATURES:
---------------

Here are the md5sums for the packages:

Slackware 8.0:
3172435c584b0cb22ede37b7fafc25c6  mutt.tgz

Slackware -current:
3172435c584b0cb22ede37b7fafc25c6  mutt-1.2.5.1-i386-1.tgz


INSTALLATION INSTRUCTIONS:
--------------------------

Simply upgrade (or install) as root:

   # upgradepkg mutt.tgz

or
  
   # installpkg mutt.tgz


Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
  http://www.slackware.com


+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+

  Nav
» Read more about: Story Type: Security; Groups: Slackware

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.