Bug 715352 - <mail-client/mutt-1.13.5: Multiple vulnerabilities
Summary: <mail-client/mutt-1.13.5: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-29 20:25 UTC by Sam James
Modified: 2020-03-31 17:54 UTC

See Also:
Package list:
=mail-client/mutt-1.13.5
Runtime testing required: ---
stable-bot: sanity-check+


Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-29 20:25:20 UTC
1) Use after free in mutt before 1.13.5

From the changelog [0]:
> Mutt 1.13.5 was released on March 28, 2020. This is a bug-fix release, fixing a use-after-free bug, and a couple format string processing bugs. 

Affects mutt <1.13.5.

Bug: https://gitlab.com/muttmua/mutt/-/issues/214
Patch: https://gitlab.com/muttmua/mutt/-/commit/0266f6e4d5f7276fd171a9f80339566588151836

[0] http://www.mutt.org/news.html

2) Memory corruption in mutt 1.13.4

There are a few others but it's not necessarily worth digging up the commits and bugs for all of them.
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-29 20:26:08 UTC
(In reply to Sam James (sam_c) (security padawan) from comment #0)
> There are a few others but it's not necessarily worth digging up the commits
> and bugs for all of them.

@maintainer(s): could you bump to 1.13.5 and then we'll stabilise that?
Comment 2 Larry the Git Cow gentoo-dev 2020-03-30 07:17:48 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ed08d8150e512a92931542844b963a0739cfd28

commit 4ed08d8150e512a92931542844b963a0739cfd28
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2020-03-30 07:17:20 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2020-03-30 07:17:36 +0000

    mail-client/mutt-1.13.5: version bump
    
    - new release addresses security bug
    - invalid USE-flags pgp_classic and smime_classic are removed
    
    Bug: https://bugs.gentoo.org/715352
    Bug: https://bugs.gentoo.org/695078
    Package-Manager: Portage-2.3.89, Repoman-2.3.20
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-client/mutt/Manifest           |   2 +
 mail-client/mutt/mutt-1.13.5.ebuild | 268 ++++++++++++++++++++++++++++++++++++
 2 files changed, 270 insertions(+)
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-30 11:16:14 UTC
Great, thanks for the quick response!

@maintainer(s), please advise if ready for stabilisation, or call yourself.
Comment 4 Fabian Groffen gentoo-dev 2020-03-30 11:18:01 UTC
given the delta from 1.13.4 is really small, I think we're ready to call 1.13.5 for stabilisation.
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-30 11:23:10 UTC
(In reply to Fabian Groffen from comment #4)
> given the delta from 1.13.4 is really small, I think we're ready to call
> 1.13.5 for stabilisation.

Great, thank you.

@arches, please stabilise:
"amd64 arm hppa ia64 ppc ppc64 sparc x86"
Comment 6 Stabilization helper bot gentoo-dev 2020-03-30 12:03:47 UTC
An automated check of this bug failed - the following atom is unknown:

mail-client/mutt

Please verify the atom list.
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-30 12:04:18 UTC
Doh.
Comment 8 Stabilization helper bot gentoo-dev 2020-03-30 13:04:13 UTC
An automated check of this bug succeeded - the previous repoman errors are now resolved.
Comment 9 Agostino Sarubbo gentoo-dev 2020-03-30 15:13:12 UTC
amd64 stable
Comment 10 Rolf Eike Beer archtester 2020-03-30 21:36:57 UTC
hppa/sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2020-03-31 07:19:18 UTC
arm stable
Comment 12 Agostino Sarubbo gentoo-dev 2020-03-31 07:20:12 UTC
ppc stable
Comment 13 Agostino Sarubbo gentoo-dev 2020-03-31 07:20:38 UTC
ppc64 stable
Comment 14 Agostino Sarubbo gentoo-dev 2020-03-31 07:23:42 UTC
x86 stable
Comment 15 Agostino Sarubbo gentoo-dev 2020-03-31 12:37:24 UTC
ia64 will pass. See https://archives.gentoo.org/gentoo-dev/message/edaadc85d7423810dd6ecfeda29cc85f
Comment 16 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-31 12:44:38 UTC
@maintainer(s), please cleanup
Comment 17 Larry the Git Cow gentoo-dev 2020-03-31 17:05:24 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ed5ce158eb5bbdefe78f0332ab87823da905f11

commit 5ed5ce158eb5bbdefe78f0332ab87823da905f11
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2020-03-31 17:04:59 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2020-03-31 17:04:59 +0000

    mail-client/mutt: security cleanup
    
    Bug: https://bugs.gentoo.org/715352
    Closes: https://bugs.gentoo.org/695078
    Package-Manager: Portage-2.3.89, Repoman-2.3.20
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-client/mutt/Manifest              |   6 -
 mail-client/mutt/metadata.xml          |   7 -
 mail-client/mutt/mutt-1.10.1.ebuild    | 282 ---------------------------------
 mail-client/mutt/mutt-1.12.2-r2.ebuild | 272 -------------------------------
 mail-client/mutt/mutt-1.13.4-r1.ebuild | 261 ------------------------------
 5 files changed, 828 deletions(-)
Comment 18 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-31 17:06:49 UTC
Thanks!
Comment 19 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-31 17:54:11 UTC
GLSA Vote: No!

Repository is clean, all done!