From tsl@trustix.com Mon Jan 7 21:18:18 2002 From: Trustix Secure Linux Advisor To: tsl-announce@trustix.org Cc: bugtraq@securityfocus.com, linsec@lists.seifried.org Date: Mon, 7 Jan 2002 14:10:36 +0100 Subject: TSLSA-2002-0003 - mutt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Trustix Secure Linux Security Advisory #2002-0003 Package name: mutt Summary: Remote exploit Date: 2002-01-04 Affected versions: TSL 1.2, 1.5 - -------------------------------------------------------------------------- Problem description: Mutt in version 1.2.5i has a buffer overflow which can be remotely exploited. Action: We recommend that all systems with this package installed are upgraded. Location: All TSL updates are available from Automatic updates: Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Get SWUP from: Questions? Check out our mailing lists: Verification: This advisory along with all TSL packages are signed with the TSL sign key. This key is available from: The advisory itself is available from the errata pages at and or directly at MD5sums of the packages: - -------------------------------------------------------------------------- 90970d1142b4bedce05bcdc7343d9ab3 ./1.5/SRPMS/mutt-1.2.5i.1-1tr.src.rpm a0181fdebd24a64cec3ab62949a8cdc4 ./1.5/RPMS/mutt-1.2.5i.1-1tr.i586.rpm 90970d1142b4bedce05bcdc7343d9ab3 ./1.2/SRPMS/mutt-1.2.5i.1-1tr.src.rpm 6f9f499831254a56058c3957e94ca82c ./1.2/RPMS/mutt-1.2.5i.1-1tr.i586.rpm - -------------------------------------------------------------------------- Trustix Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8OYnPwRTcg4BxxS0RAryDAJ9gam6A++wn36jgC7qdO1bBJA0xFwCfZr0O /dQFuJXST2gbFe2Trlle/u0= =zAMp -----END PGP SIGNATURE-----