RHSA-2022:8219: Red Hat Security Advisory: mutt security update

An update for mutt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-1328: mutt: buffer overflow in uudecoder function
Red Hat Security Data

Issued:

2022-11-15

Updated:

2022-11-15

RHSA-2022:8219 - Security Advisory

Synopsis

Moderate: mutt security update

Type/Severity

Security Advisory: Moderate

Topic

An update for mutt is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP.

Security Fix(es):

  • mutt: buffer overflow in uudecoder function (CVE-2022-1328)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

  • BZ - 2076058 - CVE-2022-1328 mutt: buffer overflow in uudecoder function

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

mutt-2.2.6-1.el9.src.rpm

SHA-256: 598ca12b1f549d7f77a4126c645e1d07ec395cfa34f9ac41a9a50089df8dd134

x86_64

mutt-2.2.6-1.el9.x86_64.rpm

SHA-256: 28c62bdd77c0a34cb6a93de76c7c3be4893ec2d991575b73e880d7c7d8e4ef9f

mutt-debuginfo-2.2.6-1.el9.x86_64.rpm

SHA-256: f009287f8214b7ed730a18fc41283017cb0af4720c3e78482d46b584bc80962e

mutt-debugsource-2.2.6-1.el9.x86_64.rpm

SHA-256: ad0f05c14628e712fd95d2a46cec2ff243e2a2dcb00e4a8cb834a91635dc4bf7

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

mutt-2.2.6-1.el9.src.rpm

SHA-256: 598ca12b1f549d7f77a4126c645e1d07ec395cfa34f9ac41a9a50089df8dd134

s390x

mutt-2.2.6-1.el9.s390x.rpm

SHA-256: 0b38c18e9fd9060d4db655e429a3ef3266ade473634b886f557ab590132f4025

mutt-debuginfo-2.2.6-1.el9.s390x.rpm

SHA-256: 51fcbb7447420b12a5299a624a7bc2c26b0b981d36566cbd3933cf36eebc4477

mutt-debugsource-2.2.6-1.el9.s390x.rpm

SHA-256: 4a4cc83cf89390d2d34a87ac55b953174db4c5267a0616eee95d1acd453f063e

Red Hat Enterprise Linux for Power, little endian 9

SRPM

mutt-2.2.6-1.el9.src.rpm

SHA-256: 598ca12b1f549d7f77a4126c645e1d07ec395cfa34f9ac41a9a50089df8dd134

ppc64le

mutt-2.2.6-1.el9.ppc64le.rpm

SHA-256: 88df4896b4bb083617c6d618e77f1d052ba7452b6628dca3fa1628c64eaf398f

mutt-debuginfo-2.2.6-1.el9.ppc64le.rpm

SHA-256: 2b3469a9a89ab9df5462f7059cfca054d6e2705b393ba62134efe0716ce30b96

mutt-debugsource-2.2.6-1.el9.ppc64le.rpm

SHA-256: d98f97479c8cb0afcfedaa0db76ae8d2dfc2ab46b72ec37723f45b32296deaac

Red Hat Enterprise Linux for ARM 64 9

SRPM

mutt-2.2.6-1.el9.src.rpm

SHA-256: 598ca12b1f549d7f77a4126c645e1d07ec395cfa34f9ac41a9a50089df8dd134

aarch64

mutt-2.2.6-1.el9.aarch64.rpm

SHA-256: 47dc18cb200b1f073fbc3f1d5a60cc7a8584486fc8b32dbb39abd25514c69904

mutt-debuginfo-2.2.6-1.el9.aarch64.rpm

SHA-256: d86d55391c06bd648c40a9f956fd18ad405b894a6c4cd57ba3dcbeba8a1a795b

mutt-debugsource-2.2.6-1.el9.aarch64.rpm

SHA-256: a2ef1ae9c7a2c50c1596586a3f047e2ff411f53fe3e39c8b775b807943522254

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

RHSA-2022:7640: Red Hat Security Advisory: mutt security update

An update for mutt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-1328: mutt: buffer overflow in uudecoder function

Mutt mutt_decode_uuencoded() Memory Disclosure

In mutt_decode_uuencoded(), the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in replies, for example fragments of other messages, passphrases or keys.

CVE-2022-1328: Fix uudecode buffer overflow. (e5ed080c) · Commits · Mutt Project / mutt · GitLab

Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line
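
The missing length validation described in the two items above, shown as an added example (this is not Mutt's code or the upstream fix): a strict single-line uudecoder in C that rejects a line whose length character claims more bytes than the line actually carries. The function name `uu_decode_line` and both sample lines are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One uuencoded character carries 6 bits: (c - ' ') & 0x3f. */
static unsigned uu_val(unsigned char c) { return (c - 32u) & 0x3fu; }

/*
 * Decode one uuencoded line (no trailing newline) of line_len characters.
 * The first character declares the decoded byte count n; the payload must
 * then hold 4 characters for every 3 bytes (ceil(n / 3) * 4 in total).
 * Returns n on success, or -1 when the declared count is not backed by
 * the characters actually present or does not fit in out.
 */
int uu_decode_line(const char *line, size_t line_len,
                   unsigned char *out, size_t out_cap)
{
    if (line_len == 0)
        return -1;
    size_t n = uu_val((unsigned char)line[0]);  /* sender-controlled, 0..63 */
    size_t need = (n + 2) / 3 * 4;              /* payload chars required */
    if (need > line_len - 1 || n > out_cap)     /* the length validation */
        return -1;
    const unsigned char *p = (const unsigned char *)line + 1;
    size_t o = 0;
    for (size_t i = 0; i < need; i += 4) {
        unsigned a = uu_val(p[i]), b = uu_val(p[i + 1]);
        unsigned c = uu_val(p[i + 2]), d = uu_val(p[i + 3]);
        unsigned char grp[3] = { (unsigned char)(a << 2 | b >> 4),
                                 (unsigned char)(b << 4 | c >> 2),
                                 (unsigned char)(c << 6 | d) };
        for (int k = 0; k < 3 && o < n; k++)    /* drop padding bytes */
            out[o++] = grp[k];
    }
    return (int)n;
}

int main(void)
{
    unsigned char buf[64];
    const char *ok = "#0V%T";   /* constructed: encodes "Cat" */
    const char *bad = "M0V%T";  /* constructed: claims 45 bytes, carries 3 */
    printf("ok=%d bad=%d\n",
           uu_decode_line(ok, strlen(ok), buf, sizeof buf),
           uu_decode_line(bad, strlen(bad), buf, sizeof buf));
    return 0;
}
```

A decoder that instead loops on the declared count alone would keep reading past the end of the short line, which is the out-of-bounds read the CVE description refers to.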