Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 103050

Summary: mail-client/mutt: buffer overflow vulnerability
Product: Gentoo Security Reporter: Sebastian <sebastian_ml>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: critical CC: devnull, net-mail+disabled
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0594.html
Whiteboard: B1 [ebuild] DerCorny
Package list:
Runtime testing required: ---

Description Sebastian 2005-08-19 04:48:04 UTC
Hi all,

I just saw this and thought I'd post it. I don't know if this is really a mutt
bug, but I use mutt and better safe then sorry.

Security Advisory:

http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0600.html

Thanks for looking at it

Sebastian

Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Sebastian 2005-08-19 04:49:21 UTC
Ah, the initial advisory is here:

http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0594.html
Comment 2 Stefan Cornelius (RETIRED) gentoo-dev 2005-08-19 04:54:15 UTC
net-mail please provide updated ebuilds, thanks.
Comment 3 Tavis Ormandy (RETIRED) gentoo-dev 2005-08-19 04:54:59 UTC
I believe this was later discovered to only affect openbsd
Comment 4 Stefan Cornelius (RETIRED) gentoo-dev 2005-08-19 05:01:29 UTC
Sorry, I was a bit trigger happy. This bug seems to affect only some openbsd
systems so we are safe.
Comment 5 Tavis Ormandy (RETIRED) gentoo-dev 2005-08-19 23:11:30 UTC
*** Bug 103089 has been marked as a duplicate of this bug. ***