[Buildroot] [PATCH 1/1] package/mutt: security bump to version 2.2.12

[Buildroot] [PATCH 1/1] package/mutt: security bump to version 2.2.12

[Fabrice Fontaine]

Mutt 2.2.12 was released on September 9, 2023. This is a bug-fix
release, fixing two crash bugs. One is possible by viewing a crafted
message header, so upgrading is strongly recommended.

Fix CVE-2023-4874: Null pointer dereference when viewing a specially
crafted email in Mutt >1.5.2 <2.2.12

Fix CVE-2023-4875: Null pointer dereference when composing from a
specially crafted draft message in Mutt >1.5.2 <2.2.12

http://www.mutt.org/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
 package/mutt/mutt.hash | 2 +-
 package/mutt/mutt.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/mutt/mutt.hash b/package/mutt/mutt.hash
index 78bce76585..8c4aae3c1c 100644
--- a/package/mutt/mutt.hash
+++ b/package/mutt/mutt.hash
@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  12325cf66d5ff8ac4bd87fac8db52c869de52dd278fc301cfd57d5a1f9f465cc  mutt-2.2.11.tar.gz
+sha256  043af312f64b8e56f7fd0bf77f84a205d4c498030bd9586457665c47bb18ce38  mutt-2.2.12.tar.gz
 sha256  732f24b69a6c71cd8e01e4672bb8e12cc1cbb88a50a4665e6ca4fd95000a57ee  GPL
diff --git a/package/mutt/mutt.mk b/package/mutt/mutt.mk
index c5e4e4a14e..09f547a091 100644
--- a/package/mutt/mutt.mk
+++ b/package/mutt/mutt.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MUTT_VERSION = 2.2.11
+MUTT_VERSION = 2.2.12
 MUTT_SITE = https://bitbucket.org/mutt/mutt/downloads
 MUTT_LICENSE = GPL-2.0+
 MUTT_LICENSE_FILES = GPL
-- 
2.40.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 1/1] package/mutt: security bump to version 2.2.12

[Peter Korsgaard]

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:

 > Mutt 2.2.12 was released on September 9, 2023. This is a bug-fix
 > release, fixing two crash bugs. One is possible by viewing a crafted
 > message header, so upgrading is strongly recommended.

 > Fix CVE-2023-4874: Null pointer dereference when viewing a specially
 > crafted email in Mutt >1.5.2 <2.2.12

 > Fix CVE-2023-4875: Null pointer dereference when composing from a
 > specially crafted draft message in Mutt >1.5.2 <2.2.12

 > http://www.mutt.org/

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 1/1] package/mutt: security bump to version 2.2.12

[Peter Korsgaard]

>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
 >> Mutt 2.2.12 was released on September 9, 2023. This is a bug-fix
 >> release, fixing two crash bugs. One is possible by viewing a crafted
 >> message header, so upgrading is strongly recommended.

 >> Fix CVE-2023-4874: Null pointer dereference when viewing a specially
 >> crafted email in Mutt >1.5.2 <2.2.12

 >> Fix CVE-2023-4875: Null pointer dereference when composing from a
 >> specially crafted draft message in Mutt >1.5.2 <2.2.12

 >> http://www.mutt.org/

 >> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

 > Committed, thanks.

Committed to 2023.02.x, 2023.05.x and 2023.08.x, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot