Lucene search

RedHatRHSA-2021:4181

HistoryNov 09, 2021 - 8:33 a.m.

(RHSA-2021:4181) Moderate: mutt security, bug fix, and enhancement update

2021-11-0908:33:45

access.redhat.com

mutt email client

security fixes

enhancement update

imap

memory leak

cve-2020-28896

cve-2021-3181

red hat enterprise linux

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.012

Percentile

85.7%

JSON

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP.

The following packages have been upgraded to a later upstream version: mutt (2.0.7). (BZ#1912614)

Security Fix(es):

mutt: Incorrect handling of invalid initial IMAP responses could lead to an authentication attempt over unencrypted connection (CVE-2020-28896)
mutt: Memory leak when parsing rfc822 group addresses (CVE-2021-3181)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8ppc64lemutt-debuginfo< 2.0.7-1.el8mutt-debuginfo-2.0.7-1.el8.ppc64le.rpm
RedHat8aarch64mutt-debugsource< 2.0.7-1.el8mutt-debugsource-2.0.7-1.el8.aarch64.rpm
RedHat8x86_64mutt< 2.0.7-1.el8mutt-2.0.7-1.el8.x86_64.rpm
RedHat8aarch64mutt-debuginfo< 2.0.7-1.el8mutt-debuginfo-2.0.7-1.el8.aarch64.rpm
RedHat8x86_64mutt-debugsource< 2.0.7-1.el8mutt-debugsource-2.0.7-1.el8.x86_64.rpm
RedHat8s390xmutt< 2.0.7-1.el8mutt-2.0.7-1.el8.s390x.rpm
RedHat8x86_64mutt-debuginfo< 2.0.7-1.el8mutt-debuginfo-2.0.7-1.el8.x86_64.rpm
RedHat8ppc64lemutt< 2.0.7-1.el8mutt-2.0.7-1.el8.ppc64le.rpm
RedHat8aarch64mutt< 2.0.7-1.el8mutt-2.0.7-1.el8.aarch64.rpm
RedHat8ppc64lemutt-debugsource< 2.0.7-1.el8mutt-debugsource-2.0.7-1.el8.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	ppc64le	mutt-debuginfo	< 2.0.7-1.el8	mutt-debuginfo-2.0.7-1.el8.ppc64le.rpm
RedHat	8	aarch64	mutt-debugsource	< 2.0.7-1.el8	mutt-debugsource-2.0.7-1.el8.aarch64.rpm
RedHat	8	x86_64	mutt	< 2.0.7-1.el8	mutt-2.0.7-1.el8.x86_64.rpm
RedHat	8	aarch64	mutt-debuginfo	< 2.0.7-1.el8	mutt-debuginfo-2.0.7-1.el8.aarch64.rpm
RedHat	8	x86_64	mutt-debugsource	< 2.0.7-1.el8	mutt-debugsource-2.0.7-1.el8.x86_64.rpm
RedHat	8	s390x	mutt	< 2.0.7-1.el8	mutt-2.0.7-1.el8.s390x.rpm
RedHat	8	x86_64	mutt-debuginfo	< 2.0.7-1.el8	mutt-debuginfo-2.0.7-1.el8.x86_64.rpm
RedHat	8	ppc64le	mutt	< 2.0.7-1.el8	mutt-2.0.7-1.el8.ppc64le.rpm
RedHat	8	aarch64	mutt	< 2.0.7-1.el8	mutt-2.0.7-1.el8.aarch64.rpm
RedHat	8	ppc64le	mutt-debugsource	< 2.0.7-1.el8	mutt-debugsource-2.0.7-1.el8.ppc64le.rpm