Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:7640: Red Hat Security Advisory: mutt security update

An update for mutt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-1328: mutt: buffer overflow in uudecoder function
Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes#aws#buffer_overflow#ibm

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-11-08

Updated:

2022-11-08

RHSA-2022:7640 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: mutt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for mutt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP.

Security Fix(es):

  • mutt: buffer overflow in uudecoder function (CVE-2022-1328)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2076058 - CVE-2022-1328 mutt: buffer overflow in uudecoder function

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index

Red Hat Enterprise Linux for x86_64 8

SRPM

mutt-2.0.7-2.el8.src.rpm

SHA-256: b682e417484b6c9f41118e88e6ce7a97fc254116f1a1a2e8f836d16ac416c9da

x86_64

mutt-2.0.7-2.el8.x86_64.rpm

SHA-256: 1298d347c44ddad5f54d7d696ea5cf1b0639297e54f13431a508b0c5d98dd46b

mutt-debuginfo-2.0.7-2.el8.x86_64.rpm

SHA-256: bbe06a06d75d9d387c7bd5513392032ef45c66fecef39431646c81782b7f0965

mutt-debugsource-2.0.7-2.el8.x86_64.rpm

SHA-256: 061148c0485f7642bc2a720ca9cb65cf53f206a9650beae4d4c77ac8c8723749

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

mutt-2.0.7-2.el8.src.rpm

SHA-256: b682e417484b6c9f41118e88e6ce7a97fc254116f1a1a2e8f836d16ac416c9da

s390x

mutt-2.0.7-2.el8.s390x.rpm

SHA-256: 39edbe30e2ed5b2be1f6f3d786d3fd8325878696e5b21b5874840551bc26cda5

mutt-debuginfo-2.0.7-2.el8.s390x.rpm

SHA-256: 522cc5b169a3c72a9d95306da0a18a06a4601f816d52c1ea68e3d510dbe95d1e

mutt-debugsource-2.0.7-2.el8.s390x.rpm

SHA-256: b30fa7f68b969c3858f0b7a69e2707b3db8eefdaaa70aaf06c0686bd90f247f1

Red Hat Enterprise Linux for Power, little endian 8

SRPM

mutt-2.0.7-2.el8.src.rpm

SHA-256: b682e417484b6c9f41118e88e6ce7a97fc254116f1a1a2e8f836d16ac416c9da

ppc64le

mutt-2.0.7-2.el8.ppc64le.rpm

SHA-256: 2b40be9cc989fffbca61f88d8166b2923506345b204cd1304afcdc4bc2101d65

mutt-debuginfo-2.0.7-2.el8.ppc64le.rpm

SHA-256: 81b0e509ed677fcf1786a8ee6fb2558af70f02aeff97b79e0de83a49c70199f5

mutt-debugsource-2.0.7-2.el8.ppc64le.rpm

SHA-256: 75e69920804bbb2538ac1c171770ae0cb9bb41271c2ef24a4bd6b4d669d2cd1f

Red Hat Enterprise Linux for ARM 64 8

SRPM

mutt-2.0.7-2.el8.src.rpm

SHA-256: b682e417484b6c9f41118e88e6ce7a97fc254116f1a1a2e8f836d16ac416c9da

aarch64

mutt-2.0.7-2.el8.aarch64.rpm

SHA-256: 37539fabd741fd63453a7b695e59318ef1f7c4a5bfbf3d4aab0c66eae51b5a47

mutt-debuginfo-2.0.7-2.el8.aarch64.rpm

SHA-256: 2304c382744d402493236dbcfc508be924184fa4c1000c7d976949faa43bcedd

mutt-debugsource-2.0.7-2.el8.aarch64.rpm

SHA-256: 05e08f0fd06eca54e4986234050a36abebcbdd01789f75940d7c88407da25d02

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

RHSA-2022:8219: Red Hat Security Advisory: mutt security update

An update for mutt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1328: mutt: buffer overflow in uudecoder function

Mutt mutt_decode_uuencoded() Memory Disclosure

In mutt_decode_uuencoded(), the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in replys, for example fragments of other messages, passphrases or keys.

CVE-2022-1328: Fix uudecode buffer overflow. (e5ed080c) · Commits · Mutt Project / mutt · GitLab

Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data