[Frugalware-darcs] homepage-ng: FSA206-mutt-devel
voroskoi
voroskoi at frugalware.org
Fri Jun 8 10:00:07 CEST 2007
Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20070608075213-dd049-aea9f6fb4cc18554b04109076c04dfd6160eaa02.gz;
[FSA206-mutt-devel
voroskoi <voroskoi at frugalware.org>**20070608075213] {
hunk ./frugalware/xml/security.xml 29
+ <fsa>
+ <id>206</id>
+ <date>2007-06-08</date>
+ <author>voroskoi</author>
+ <package>mutt-devel</package>
+ <vulnerable>1.5.14-1</vulnerable>
+ <unaffected>1.5.14-2terminus1</unaffected>
+ <bts>http://bugs.frugalware.org/task/2139</bts>
+ <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683</cve>
+ <desc>A vulnerability has been reported in mutt, which potentially can be exploited by malicious, local users to gain escalated privileges. Successful exploitation may allow execution of arbitrary code with another user's privileges, but requires that the malicious user has a specially crafted realname and exists in the target user's alias file.
+ Also fixes http://dev.mutt.org/trac/ticket/2846</desc>
+ </fsa>
}
More information about the Frugalware-darcs
mailing list