ENOSIG Discussie (threads)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[usenet2001-12@xxxxxxxxxxxx: (fwd) SECURITY: mutt-1.2.5.1 and mutt-1.3.25 have been released.]

Subject: [usenet2001-12@xxxxxxxxxxxx: (fwd) SECURITY: mutt-1.2.5.1 and mutt-1.3.25 have been released.]
From: Joost van Baal <joostvb@xxxxxxx>
Date: Wed, 2 Jan 2002 12:59:42 +0100

Hoi,

Een security hole in mutt.  Een i386 debian package staat o.a. op
http://gelfand.mdcc.cx/~joostvb/mutt/ .

Groeten,

Joost


-- forwarded message --
Path: inka.de!schlund.de!newsfeed01.sul.t-online.de!t-online.de!fu-berlin.de!uni-berlin.de!62.144.245.95!not-for-mail
From: roessler@xxxxxxxxxxxxxxxxxx (Thomas Roessler)
Newsgroups: comp.mail.mutt,comp.security.unix
Subject: SECURITY: mutt-1.2.5.1 and mutt-1.3.25 have been released.
Followup-To: comp.mail.mutt
Date: 1 Jan 2002 20:44:11 GMT
Organization: Biting the Carpet. (TM)
Lines: 41
Message-ID: <slrna347s6.kco.roessler@xxxxxxxxxxxxxxxxxxxxxxxxxx>
NNTP-Posting-Host: 62.144.245.95
X-Trace: fu-berlin.de 1009917851 22962742 62.144.245.95 (16 [29067])
X-Orig-Path: roessler
User-Agent: slrn/0.9.6.2 (Linux)
Xref: inka.de comp.mail.mutt:12246 comp.security.unix:65270

-----BEGIN PGP SIGNED MESSAGE-----

mutt-1.2.5.1 and mutt-1.3.25 have just been simultaneously released.

These releases both fix a security hole which can be remotely
exploited. The problem was found and a fix suggested by Joost Pol
<joost@xxxxxxxxxxx>.  Thanks for that.

mutt-1.2.5.1 is released as an update to the last stable version of
mutt, mutt-1.2.5.  The ONLY relevant change in this version is the
fix mentioned above.  No other bugs present in 1.2.5 have been
fixed.  You only want to upgrade to this version of mutt if you
absolutely have to stick with the mutt-1.2 series.

mutt-1.3.25 is the latest BETA version of mutt, and very close to
what will eventually become mutt-1.4.  Personally, I'd recommend
that you download and use this version.


The tar balls, with detached PGP signatures, will be available from
<ftp://ftp.mutt.org/pub/mutt/> within some minutes.

As an alternative, you can apply the patch available from
<ftp://ftp.mutt.org/pub/mutt/patch-1.2,3.rfc822_terminate.1> to any
1.2 or 1.3 series mutt source code, and rebuild.


I apologize for the problem, and wish all of you a happy new year.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3in
Charset: latin1

iQEVAwUBPDIfN9ImKUTOasbBAQFWSgf7BL8IiNH025JyySKc51A7ff8vCWMcfiHO
x6An+hkx5WY96uFRBzZZt9z0uiMPjcRA0pkk2O6fg6nBXOkHRQT1pMjsmJEQTz3l
JvcAWymAYrkGDAVCdvtETkTp7v9DgGeWjlHWs3xEK7AaTxVU8cGVlQsC9quU5A+V
zZCDdVqiJocR0dbAyFm7DrTf0l3mJpX3wgHiKlyD9Q+3ijZvsKE58tU5OdaPDYju
Xd92RLE1stfShpwc1yPI5aJ4IC05Hppk/uKVn9PIM0K6JTggWLWmWtWc+CAiZnqH
ppk0X24LWFzxxEK1n7BCQfY4G4x5sqjZlEM+AD3siu9ZGbiER+3GQQ==
=9S8s
-----END PGP SIGNATURE-----
-- end of forwarded message --

<<inline: application/pgp-signature>>

Prev by Date: ccc
Next by Date: kroeg
Previous by thread: ccc
Next by thread: kroeg

[ Date Index] [ Thread Index]