search

AOSC-Dev / aosc-os-abbs

ABBS/ACBS tree for AOSC OS package metadata, build configuration, scripts, and patches
https://packages.aosc.io
GNU General Public License v2.0
102 stars 80 forks source link

neomutt: security update to 20180716 #1286

Closed l2dy closed 6 years ago

l2dy commented 6 years ago

https://github.com/neomutt/neomutt/releases/tag/neomutt-20180716

MingcongBai commented 6 years ago

Fixed with https://github.com/AOSC-Dev/aosc-os-abbs/commit/e44544a0414412804fe5b59c05c2c53270db1d5f. Closing.

l2dy commented 6 years ago

Use AOSA-2018-0317.

l2dy commented 6 years ago 
CVE-2018-14349 - NO Response Heap Overflow
CVE-2018-14350 - INTERNALDATE Stack Overflow
CVE-2018-14351 - STATUS Literal Length relative write
CVE-2018-14352 - imap_quote_string off-by-one stack overflow
CVE-2018-14353 - imap_quote_string int underflow
CVE-2018-14354 - imap_subscribe Remote Code Execution
CVE-2018-14355 - STATUS mailbox header cache directory traversal
CVE-2018-14356 - POP empty UID NULL deref
CVE-2018-14357 - LSUB Remote Code Execution
CVE-2018-14358 - RFC822.SIZE Stack Overflow
CVE-2018-14359 - base64 decode Stack Overflow
CVE-2018-14360 - NNTP Group Stack Overflow
CVE-2018-14361 - NNTP Write 1 where via GROUP response
CVE-2018-14362 - POP Message Cache Directory Traversal
CVE-2018-14363 - NNTP Header Cache Directory Traversal