[Buildroot] [PATCH] package/mutt: security bump to version 2.2.3

* [Buildroot] [PATCH] package/mutt: security bump to version 2.2.3
@ 2022-04-15 21:11 Peter Korsgaard
  2022-04-16 13:47 ` Peter Korsgaard
  2022-05-22 10:09 ` Peter Korsgaard
  0 siblings, 2 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-04-15 21:11 UTC (permalink / raw)
  To: buildroot; +Cc: Fabrice Fontaine

Fixes the following security issues:

CVE-2022-1328: mutt_decode_uuencoded() can read past the of the input line

Buffer Overflow in uudecoder in Mutt affecting all versions starting from
0.94.13 before 2.2.3 allows read past end of input line

For details, see the release notes:
https://marc.info/?l=mutt-users&m=164979464612885&w=2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/mutt/mutt.hash | 2 +-
 package/mutt/mutt.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/mutt/mutt.hash b/package/mutt/mutt.hash
index bbc9d459b0..952e0b7bc0 100644
--- a/package/mutt/mutt.hash
+++ b/package/mutt/mutt.hash
@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  e84597f06d03ca82f8ca3b5ec8bc294c150709b43ed2a0177bf479c3e3345314  mutt-2.2.0.tar.gz
+sha256  978addcdab454f447ed7d1de84b5767e714c30714285bf82e4a1745071d18d89  mutt-2.2.3.tar.gz
 sha256  732f24b69a6c71cd8e01e4672bb8e12cc1cbb88a50a4665e6ca4fd95000a57ee  GPL
diff --git a/package/mutt/mutt.mk b/package/mutt/mutt.mk
index 51178ef03d..45ae36530a 100644
--- a/package/mutt/mutt.mk
+++ b/package/mutt/mutt.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MUTT_VERSION = 2.2.0
+MUTT_VERSION = 2.2.3
 MUTT_SITE = https://bitbucket.org/mutt/mutt/downloads
 MUTT_LICENSE = GPL-2.0+
 MUTT_LICENSE_FILES = GPL
-- 
2.30.2

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 3+ messages in thread