-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-a4f016c6c8 2021-02-10 01:18:31.293079 --------------------------------------------------------------------------------
Name : mutt Product : Fedora 33 Version : 2.0.5 Release : 1.fc33 URL : http://www.mutt.org Summary : A text mode mail user agent Description : Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting groups of messages.
-------------------------------------------------------------------------------- Update Information:
Rebase to upstream version, fix CVE-2021-3181 ---- update mutt onto 2.0.2, by default is ssl_force_tls switched off -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 1 2021 Filip Janu�� fjanus@redhat.com -5:2.0.5-1 - Rebase to upstream version 2.0.5 - Fix CVE-2021-3181 * Tue Jan 19 2021 Filip Janu�� fjanus@redhat.com - 5:2.0.2-2 - Add patch for remove enforcing ssl - Patch is based on upstream commit https://gitlab.com/muttmua/mutt/-/commit/9204b24e99767ae06b5df25eca55c028d70... * Tue Dec 1 2020 Matej Mu��ila mmuzila@redhat.com - 5:2.0.2-1 - Upgrade to 2.0.2 - Resolves: #1895629, #1900827, CVE-2020-28896 * Tue Sep 1 2020 Matej Mu��ila mmuzila@redhat.com - 5:1.14.7-2 - Fix mutt-1.9.4-lynx_no_backscapes.patch * Mon Aug 31 2020 Matej Mu��ila mmuzila@redhat.com - 5:1.14.7-1 - Upgrade to 1.14.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1920451 - CVE-2021-3181 mutt: crafted email allows remote attackers to cause DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1920451 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-a4f016c6c8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org