Fedora Core 6 : mutt-1.4.2.2-3.fc6 (2006-1063)

high Nessus Plugin ID 24037

Synopsis

The remote Fedora Core host is missing a security update.

Description

- Tue Oct 24 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-3

- fix insecure temp file creation on NFS (#211085, CVE-2006-5297)

- Thu Aug 3 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-2

- fix a SASL authentication bug (#199591)

- Mon Jul 17 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-1

- update to 1.4.2.2

- fix directories in manual.txt (#162207)

- drop bcc patch (#197408)

- don't package flea

- Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com>
- 5:1.4.2.1-7.1

- rebuild

- Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-7

- fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242)

- Fri Feb 10 2006 Jesse Keating <jkeating at redhat.com>
- 5:1.4.2.1-6.2.1

- bump again for double-long bug on ppc(64)

- Tue Feb 7 2006 Jesse Keating <jkeating at redhat.com>
- 5:1.4.2.1-6.2

- rebuilt for new gcc4.1 snapshot and glibc changes

- Fri Dec 9 2005 Jesse Keating <jkeating at redhat.com>

- rebuilt

- Wed Nov 9 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-6

- rebuild against new ssl libs

- Thu Oct 27 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-5

- add patch from 1.5 branch to fix SASL logging (#157251, #171528)

- Fri Aug 26 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-3

- add patch from 1.5 branch to fix base64 decoding (#166718)

- Mon Mar 7 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-2

- rebuild against new openssl

- fix build with gcc4

- Thu Jan 27 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-1

- update to 1.4.2.1 (#141007, <moritz at barsnick.net>)

- include a /etc/Muttrc.local for site config (#123109)

- add <f2> as a additional help key for terminals that use <f1> internally (#139277)

- Wed Sep 15 2004 Nalin Dahyabhai <nalin at redhat.com> 5:1.4.1-10

- expect the server to prompt for additional auth data if we have some to send (#129961, upstream #1845)

- use 'pop' as the service name instead of 'pop-3' when using SASL for POP, per rfc1734

- Fri Aug 13 2004 Bill Nottingham <notting at redhat.com> 5:1.4.1-9

- set write_bcc to no by default (since we ship exim)

- build against sasl2 (#126724)

- Mon Jun 28 2004 Bill Nottingham <notting at redhat.com>

- remove autosplat patch (#116769)

- Tue Jun 15 2004 Elliot Lee <sopwith at redhat.com>

- rebuilt

- Tue Jun 8 2004 Bill Nottingham <notting at redhat.com> 5:1.4.1-7

- link urlview against ncursesw (fixes #125530, indirectly)

- Fri Feb 13 2004 Elliot Lee <sopwith at redhat.com>

- rebuilt

- Tue Jan 27 2004 Bill Nottingham <notting at redhat.com> 5:1.4.1-5

[plus 179 lines in the Changelog]

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected mutt and / or mutt-debuginfo packages.

See Also

http://www.nessus.org/u?a546de0a

Plugin Details

Severity: High

ID: 24037

File Name: fedora_2006-1063.nasl

Version: 1.15

Type: local

Agent: unix

Published: 1/17/2007

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:mutt, p-cpe:/a:fedoraproject:fedora:mutt-debuginfo, cpe:/o:fedoraproject:fedora_core:6

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 10/24/2006

Reference Information

FEDORA: 2006-1063