[Git][security-tracker-team/security-tracker][master] Update mutt CVEs for neomutt patchset

Salvatore Bonaccorso carnil at debian.org
Thu Jul 19 05:59:41 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fca4b2b0 by Salvatore Bonaccorso at 2018-07-19T06:59:32+02:00
Update mutt CVEs for neomutt patchset

Versions prior to 1.9.1-1 did contain either a neomutt patchset or were
then latere on based itself on neomutt source making src:mutt in Debian
as well affected by the issues.

Note that for CVE-2018-14363 the bcache support is added as well in
previous patchsets.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -77,7 +77,10 @@ CVE-2018-14364 (GitLab Community and Enterprise Edition before 10.7.7, 10.8.x be
 	NOTE: https://about.gitlab.com/2018/07/17/critical-security-release-gitlab-11-dot-0-dot-4-released/
 CVE-2018-14363 (An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not ...)
 	- neomutt 20180716+dfsg.1-1 (bug #904021)
+	- mutt 1.9.1-1
 	NOTE: https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
+	NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
+	NOTE: previous versions ship a neomutt patchset.
 CVE-2018-14362 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
 	- neomutt 20180716+dfsg.1-1 (bug #904021)
 	- mutt 1.10.1-1 (bug #904051)
@@ -85,10 +88,16 @@ CVE-2018-14362 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before
 	NOTE: https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576
 CVE-2018-14361 (An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds ...)
 	- neomutt 20180716+dfsg.1-1 (bug #904021)
+	- mutt 1.9.1-1
 	NOTE: https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585
+	NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
+	NOTE: previous versions ship a neomutt patchset.
 CVE-2018-14360 (An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in ...)
 	- neomutt 20180716+dfsg.1-1 (bug #904021)
+	- mutt 1.9.1-1
 	NOTE: https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3
+	NOTE: src:mutt 1.9.1-1 switches to official mutt.org source code without neomutt patchset
+	NOTE: previous versions ship a neomutt patchset.
 CVE-2018-14359 (An issue was discovered in Mutt before 1.10.1 and NeoMutt before ...)
 	- neomutt 20180716+dfsg.1-1 (bug #904021)
 	- mutt 1.10.1-1 (bug #904051)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fca4b2b08ef27a136bcc61a8cb07b626df879f01

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fca4b2b08ef27a136bcc61a8cb07b626df879f01
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180719/2747f20a/attachment.html>

More information about the debian-security-tracker-commits mailing list