[Git][security-tracker-team/security-tracker][master] Track fixed version for mutt issues via unstable

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9a87d4a2 by Salvatore Bonaccorso at 2026-06-07T21:16:55+02:00
Track fixed version for mutt issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24318,37 +24318,37 @@ CVE-2026-6948 (Velociraptor versions prior to 0.76.4 contain a resource exhausti
 CVE-2026-5335 (The Magic Export & Import WordPress plugin before 1.2.0 stores exporte ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-43864 (mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.)
-	- mutt <unfixed> (bug #1135699)
+	- mutt 2.3.2-1 (bug #1135699)
 	[trixie] - mutt <no-dsa> (Minor issue)
 	[bookworm] - mutt <no-dsa> (Minor issue)
 	[bullseye] - mutt <postponed> (Minor issue, DoS)
 	NOTE: Fixed by: https://gitlab.com/muttmua/mutt/-/commit/ebfa2969042d89303d15334193fcc32866c8a8df (mutt-2-3-2-rel)
 CVE-2026-43863 (mutt before 2.3.2 has an infinite loop in data_object_to_stream in cry ...)
-	- mutt <unfixed> (bug #1135699)
+	- mutt 2.3.2-1 (bug #1135699)
 	[trixie] - mutt <no-dsa> (Minor issue)
 	[bookworm] - mutt <no-dsa> (Minor issue)
 	[bullseye] - mutt <postponed> (Minor issue, DoS)
 	NOTE: Fixed by: https://gitlab.com/muttmua/mutt/-/commit/fdc04a171777327218a1e78db504926c388b48c4 (mutt-2-3-2-rel)
 CVE-2026-43862 (In mutt before 2.3.2, the imap_auth_gss security level is mishandled.)
-	- mutt <unfixed> (bug #1135699)
+	- mutt 2.3.2-1 (bug #1135699)
 	[trixie] - mutt <no-dsa> (Minor issue)
 	[bookworm] - mutt <no-dsa> (Minor issue)
 	[bullseye] - mutt <postponed> (Minor issue)
 	NOTE: Fixed by: https://gitlab.com/muttmua/mutt/-/commit/f547a849cdacb512800a5f477c27de217e1c8151 (mutt-2-3-2-rel)
 CVE-2026-43861 (mutt before 2.3.2 does not check for '\0' in url_pct_decode.)
-	- mutt <unfixed> (bug #1135699)
+	- mutt 2.3.2-1 (bug #1135699)
 	[trixie] - mutt <no-dsa> (Minor issue)
 	[bookworm] - mutt <no-dsa> (Minor issue)
 	[bullseye] - mutt <postponed> (Minor issue, URL validation)
 	NOTE: Fixed by: https://gitlab.com/muttmua/mutt/-/commit/12f54fe3b61f761c096fe95e95d5e3072af00ed2 (mutt-2-3-2-rel)
 CVE-2026-43860 (mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for  ...)
-	- mutt <unfixed> (bug #1135699)
+	- mutt 2.3.2-1 (bug #1135699)
 	[trixie] - mutt <no-dsa> (Minor issue)
 	[bookworm] - mutt <no-dsa> (Minor issue)
 	[bullseye] - mutt <postponed> (Minor issue, failed authentication in corner case, no security impact)
 	NOTE: Fixed by: https://gitlab.com/muttmua/mutt/-/commit/834c5a2ed0479e51e8662a31caed129f136f4805 (mutt-2-3-2-rel)
 CVE-2026-43859 (mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMA ...)
-	- mutt <unfixed> (bug #1135699)
+	- mutt 2.3.2-1 (bug #1135699)
 	[trixie] - mutt <no-dsa> (Minor issue)
 	[bookworm] - mutt <no-dsa> (Minor issue)
 	[bullseye] - mutt <postponed> (Minor issue, failed authentication in corner case, no security impact)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a87d4a2763b59f15a811721eac77ff980cb451b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a87d4a2763b59f15a811721eac77ff980cb451b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260607/daea45b6/attachment.htm>