838379 – (CVE-2022-1328) <mail-client/mutt-2.2.3: buffer overread in uuencode decoding

Bug 838379 (CVE-2022-1328) - <mail-client/mutt-2.2.3: buffer overread in uuencode decoding

Summary: <mail-client/mutt-2.2.3: buffer overread in uuencode decoding

Status:	RESOLVED FIXED

Alias:	CVE-2022-1328

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:	http://lists.mutt.org/pipermail/mutt-...
Whiteboard:	B4 [noglsa]
Keywords:

Depends on:	839393
Blocks:	838499
	Show dependency tree

Reported:	2022-04-14 23:53 UTC by John Helmert III
Modified:	2022-04-28 15:40 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2022-04-14 23:53:34 UTC

From URL:

"This is a bug-fix release, addressing CVE-2022-1328: a buffer overread in the
uuencoded decoder routine.  For more details please see GitLab ticket 404:
<https://gitlab.com/muttmua/mutt/-/issues/404>.  The commit fixing this issue
is at <https://gitlab.com/muttmua/mutt/-/commit/e5ed080c00e59701ca62ef9b2a6d2612ebf765a5>

Also fixed were a possible integer overflow issue in the general iconv and
rfc2047-conversion iconv functions.  These are not believed to be exploitable.

A huge thank you to Tavis Ormandy for reporting these issues, suggesting a
patch for the iconv issue, helping test, and providing constructive feedback.
Hurray for the white-hats!"

Please bump to 2.2.3.

Comment 1 Larry the Git Cow gentoo-dev

2022-04-15 06:59:29 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0bd35626dad2379fc630655757fe83a65261d1f5

commit 0bd35626dad2379fc630655757fe83a65261d1f5
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2022-04-15 06:58:26 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2022-04-15 06:59:27 +0000

    mail-client/mutt-2.2.3: security version bump
    
    Bug: https://bugs.gentoo.org/838379
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-client/mutt/Manifest                                 | 4 ++--
 mail-client/mutt/{mutt-2.2.1.ebuild => mutt-2.2.3.ebuild} | 0
 2 files changed, 2 insertions(+), 2 deletions(-)

Comment 2 Sam James archtester

2022-04-15 07:08:54 UTC

Thanks! Please stable when ready.

Comment 3 Larry the Git Cow gentoo-dev

2022-04-27 15:49:47 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7222a2e6cc034c69ed7ebf194d5918d71cbb9c5a

commit 7222a2e6cc034c69ed7ebf194d5918d71cbb9c5a
Author:     Fabian Groffen <grobian@gentoo.org>
AuthorDate: 2022-04-27 15:48:08 +0000
Commit:     Fabian Groffen <grobian@gentoo.org>
CommitDate: 2022-04-27 15:49:44 +0000

    mail-client/mutt: cleanup vulnerable versions
    
    Bug: https://bugs.gentoo.org/838379
    Signed-off-by: Fabian Groffen <grobian@gentoo.org>

 mail-client/mutt/Manifest          |   4 -
 mail-client/mutt/mutt-2.0.7.ebuild | 261 ------------------------------------
 mail-client/mutt/mutt-2.2.2.ebuild | 268 -------------------------------------
 3 files changed, 533 deletions(-)

Comment 4 John Helmert III archtester

2022-04-28 15:40:31 UTC

Thanks! Just an overread, so no GLSA. All done!