Slackware: 'mutt' Remote buffer overflow
Posted by LinuxSecurity.com Team   
Slackware An exploitable overflow has been found in the address handling code of themutt mail client version 1.2.5i supplied with Slackware 8.0.


Date: Mon, 7 Jan 2002 14:20:05 -0800 (PST)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] mutt remote exploit patched



An exploitable overflow has been found in the address handling code of the
mutt mail client version 1.2.5i supplied with Slackware 8.0.  A new
mutt-1.2.5.1 has been released which addresses this problem, and packages
are now available for Slackware 8.0 and -current.

We urge all Slackware users to upgrade to this new version of mutt as soon
as possible.


WHERE TO FIND THE NEW PACKAGES:
-------------------------------
Updated mutt package for Slackware 8.0: 
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/mutt.tgz

Updated mutt package for Slackware -current: 
ftp://ftp.slackware.com/pub/slackware/slackware-current/mutt-1.2.5.1/packages/mutt-1.2.5.1-i386-1.tgz


MD5 SIGNATURES:
---------------

Here are the md5sums for the packages:

Slackware 8.0:
3172435c584b0cb22ede37b7fafc25c6  mutt.tgz

Slackware -current:
3172435c584b0cb22ede37b7fafc25c6  mutt-1.2.5.1-i386-1.tgz


INSTALLATION INSTRUCTIONS:
--------------------------

Simply upgrade (or install) as root:

   # upgradepkg mutt.tgz

or
  
   # installpkg mutt.tgz


Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
   http://www.slackware.com