Un buffer overflow a été trouvé dans toutes les versions de mutt, à l'exception de la version 1.3.28. On ne sait pas encore s'il est exploitable, mais on vous conseille d'upgrader de manière préventive.
<pre>
From: Thomas Roessler <roessler (ate) does-not-exist (dot) org>
To: BUGTRAQ@securityfocus.com
Date: Wed, 11 Feb 2004 15:21:14 +0100
User-Agent: Mutt/1.5.6i
Subject: Mutt-1.4.2 fixes buffer overflow.
Mutt-1.4.2 has just been released; this version fixes a buffer
overflow that can be triggered by incoming messages. There are
reports about spam that has actually triggered this problem and
crashed mutt.
It is recommended that users of mutt versions prior to 1.4.2 upgrade
to this version, or apply the patch included below.
Users of "unstable" mutt versions after 1.3.28 (including 1.5.*) do
not need to upgrade, as this problem had been fixed in the unstable
branch in February 2002; unfortunately, the fix was not backported
before 1.4 was released.
</pre>
<troll>Pour vous consolez un peu, regarder un peu l'importance de celui qui a été trouvé hier dans windows. Ah, vous utilisez mutt sous windows ? Désolé ! (mais oubliez pas de le patcher) </troll>
|