Date: Thu, 27 Aug 1998 22:18:03 +0200 From: Martin Schulze <joey@kuolema.Infodrom.North.DE> To: Debian Security Announcements <debian-security-announce@lists.debian.org> Subject: [SECURITY] New versions of Mutt fixes buffer overflow --bAmEntskrkuBymla Content-Type: text/plain; charset=us-ascii We have received a report from Paul Boehm stating that Mutt has an overflowable buffer in parse.c. When sending malicious mail you can execute arbitary code on the mutt running user's system. We recommend you upgrade your Mutt package immediately. dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm ------------------------------- This version of Debian were released only for the Intel and the Motorola 68xxx architecture. Intel architecture: ftp://ftp.debian.org/debian/dists/stable-updates/mutt_0.91.2-2_i386.deb MD5 checksum: cdebc73fe5be56a9c030d80c147e4e4d Motorola 68xxx architecture: ftp://ftp.debian.org/debian/dists/stable-updates/mutt_0.91.2-2_m68k.deb MD5 checksum: 1428f3ca62c5ae69b1dc10182ea24e65 These files will be moved into ftp://ftp.debian.org/debian/dists/hamm/binary-$arch/ soon. For other architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . -- Debian GNU/Linux . Security Managers . security@debian.org debian-security-announce@lists.debian.org Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org> --bAmEntskrkuBymla Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQCVAwUBNeW++xRNm5Suj3z1AQFPGQP/WgiBfBZogM7jQ82I1JaVjZY0q3W+oBfF EGlbeTzf7URepcrRuC4SE7QRbacyghksHGoO9cgNxBq9zQHr8BGyw0djKWoygWPB Az/cF0p9cz7Jlonyl5aJY2aCoRg2V9xs2Ppc3o2r4NXQMFu7eQJOO73Xqy58IGSW fyoAr5guJ8A= =WXag -----END PGP SIGNATURE----- --bAmEntskrkuBymla-- -- To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org