#2072: Mutt 1.5.12 -----------------------+---------------------------------------------------- Reporter: Ag.Hatzim | Owner: [email protected] Type: task | Status: new Priority: normal | Milestone: 6.2 Component: BOOK | Version: SVN Severity: blocker | Keywords: -----------------------+---------------------------------------------------- Version increment.
This version is a snapshot of the recent development activity and also fixes a buffer overflow that could be triggered by a malicious IMAP server. Description. Takahashi Tamotsu discovered a buffer overflow that can cause a DoS, and possibly arbitrary code execution with the privs. of the user running mutt. Note that a user must visit a malicious IMAP server in order to be affected by this. Reference. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 This affects all the versions of Mutt 1.4.2.1 (stable) and earlier. So users with the stable version they also have to upgrade to the 1.4.2.2 (current stable). A simple note to the book is sufficient. This could be placed for instance into the special note that already exists. Another thing I would like to mention. Mutt install it's documentation into ${prefix}/doc/mutt by default. Now that's not bad,since there is already a symlink /usr/doc -> /usr/share/doc/ created earlier by lfs,but just for consistency,we can tell mutt to install the docs into the /usr/share/doc by using --with- docdir=/usr/share/doc/mutt configure switch,or --with- docdir=/usr/share/doc/mutt-$version. I tagged this ticket as blocker,since I believe it should be fixed before the release. -- Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/2072> BLFS Trac <http://wiki.linuxfromscratch.org/blfs> Beyond Linux From Scratch -- http://linuxfromscratch.org/mailman/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
