[Frugalware-darcs] homepage-ng: FSA200-mutt

voroskoi voroskoi at frugalware.org
Thu Jun 7 19:14:14 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20070607170623-dd049-f13d2fed3e5af7cb698966fbb36edc0654440ae5.gz;

[FSA200-mutt
voroskoi <voroskoi at frugalware.org>**20070607170623] {
hunk ./frugalware/xml/security.xml 29
+	<fsa>
+		<id>200</id>
+		<date>2007-06-07</date>
+		<author>voroskoi</author>
+		<package>mutt</package>
+		<vulnerable>1.4.2.2-2</vulnerable>
+		<unaffected>1.4.2.2-3terminus1</unaffected>
+		<bts>http://bugs.frugalware.org/task/2120</bts>
+		<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2007-2683</cve>
+		<desc>A vulnerability has been reported in mutt, which potentially can b=
e exploited by malicious, local users to gain escalated privileges. Success=
ful exploitation may allow execution of arbitrary code with another user's =
privileges, but requires that the malicious user has a specially crafted re=
alname and exists in the target user's alias file.
+			Also fixes http://dev.mutt.org/trac/ticket/2846</desc>
+	</fsa>
}


More information about the Frugalware-darcs mailing list