We have received a report from Paul Boehm stating that Mutt has an
overflowable buffer in parse.c. When sending malicious mail you can
execute arbitary code on the mutt running user's system. We recommend
you upgrade your Mutt package immediately.
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.0 alias hamm
-------------------------------
This version of Debian were released only for the Intel and the
Motorola 68xxx architecture.
Intel architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/mutt_0.91.2-2_i386.deb
MD5 checksum: cdebc73fe5be56a9c030d80c147e4e4d
Motorola 68xxx architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/mutt_0.91.2-2_m68k.deb
MD5 checksum: 1428f3ca62c5ae69b1dc10182ea24e65
These files will be moved into
ftp://ftp.debian.org/debian/dists/hamm/binary-$arch/ soon.
For other architectures please refer to the appropriate directory
ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
--
Debian GNU/Linux . Security Managers . security@debian.org
debian-security-announce@lists.debian.org
Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org>
Attachment:
pgpXQ1izZmJHj.pgp
Description: PGP signature