-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2430
                         Security update for mutt
                              20 August 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           mutt
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-14362 CVE-2018-14359 CVE-2018-14358
                   CVE-2018-14357 CVE-2018-14356 CVE-2018-14355
                   CVE-2018-14354 CVE-2018-14353 CVE-2018-14352
                   CVE-2018-14350 CVE-2018-14349 

Reference:         ESB-2018.2424

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2018/suse-su-20182403-1.html

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for mutt
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2403-1
Rating:             important
References:         #1101567 #1101570 #1101571 #1101573 #1101576 
                    #1101577 #1101578 #1101581 #1101582 #1101588 
                    #1101589 #936807 
Cross-References:   CVE-2018-14349 CVE-2018-14350 CVE-2018-14352
                    CVE-2018-14353 CVE-2018-14354 CVE-2018-14355
                    CVE-2018-14356 CVE-2018-14357 CVE-2018-14358
                    CVE-2018-14359 CVE-2018-14362
Affected Products:
                    SUSE Linux Enterprise Server 11-SP4
                    SUSE Linux Enterprise Server 11-SP3-LTSS
                    SUSE Linux Enterprise Point of Sale 11-SP3
                    SUSE Linux Enterprise Debuginfo 11-SP4
                    SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has one erratum
   is now available.

Description:

   This update for mutt fixes the following issues:

   Security issues fixed:

   - CVE-2018-14352: Fix imap_quote_string in imap/util.c that does not leave
     room for quote characters (bsc#1101582).
   - CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer
     underflow (bsc#1101581).
   - CVE-2018-14362: Fix pop.c that does not forbid characters that may have
     unsafe interaction with message-cache pathnames (bsc#1101567).
   - CVE-2018-14354: Fix arbitrary command execution from remote IMAP servers
     via backquote characters (bsc#1101578).
   - CVE-2018-14356: Fix pop.c that mishandles a zero-length UID
     (bsc#1101576).
   - CVE-2018-14355: Fix imap/util.c that mishandles ".." directory traversal
     in a mailbox name (bsc#1101577).
   - CVE-2018-14349: Fix imap/command.c that mishandles a NO response without
     a message (bsc#1101589).
   - CVE-2018-14350: Fix imap/message.c that has a stack-based buffer
     overflow for a FETCH response with a long INTERNALDATE field
     (bsc#1101588).
   - CVE-2018-14357: Fix that remote IMAP servers are allowed to execute
     arbitrary commands via backquote characters (bsc#1101573).
   - CVE-2018-14359: Fix buffer overflow via base64 data (bsc#1101570).
   - CVE-2018-14358: Fix imap/message.c that has a stack-based buffer
     overflow for a FETCH response with a long RFC822.SIZE field (bsc#1101571).


   Bug fixes:

   - bsc#936807: On entering a 70-character subject line in mutt, a tab is
     added to the text after 67 characters.


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP4:

      zypper in -t patch slessp4-mutt-13736=1

   - SUSE Linux Enterprise Server 11-SP3-LTSS:

      zypper in -t patch slessp3-mutt-13736=1

   - SUSE Linux Enterprise Point of Sale 11-SP3:

      zypper in -t patch sleposp3-mutt-13736=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-mutt-13736=1

   - SUSE Linux Enterprise Debuginfo 11-SP3:

      zypper in -t patch dbgsp3-mutt-13736=1



Package List:

   - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      mutt-1.5.17-42.43.1

   - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):

      mutt-1.5.17-42.43.1

   - SUSE Linux Enterprise Point of Sale 11-SP3 (i586):

      mutt-1.5.17-42.43.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      mutt-debuginfo-1.5.17-42.43.1
      mutt-debugsource-1.5.17-42.43.1

   - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):

      mutt-debuginfo-1.5.17-42.43.1
      mutt-debugsource-1.5.17-42.43.1

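   The following is an added example, not part of the SUSE or AusCERT
   bulletin: a small POSIX shell check that reports whether the mutt package
   installed on a SLES 11 host is at or above the fixed build listed in the
   Package List above (mutt-1.5.17-42.43.1), and if not, which patch command
   to run. The only external commands it relies on are rpm (with its standard
   --queryformat option) and awk. The version comparison is a simplified
   RPM-style comparison that treats every '.'/'-' separated segment as a
   number; this is sufficient for the mutt builds in this bulletin but is not
   a full rpmvercmp(). The function names are this example's own.

```shell
#!/bin/sh
# Added example (not SUSE's or AusCERT's code): check whether the installed
# mutt package on a SLES 11 host is already at the fixed build from
# SUSE-SU-2018:2403-1 and, if not, print the patch command to apply.

FIXED_MUTT_VERSION="1.5.17-42.43.1"

# vercmp A B -> prints "lt", "eq" or "gt", comparing VERSION-RELEASE strings
# segment by segment. Simplified: every segment is treated as a number and
# missing trailing segments count as 0 (not a full rpmvercmp()).
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, /[.-]/); m = split(b, y, /[.-]/)
        k = (n > m) ? n : m
        for (i = 1; i <= k; i++) {
            p = (i <= n) ? x[i] + 0 : 0
            q = (i <= m) ? y[i] + 0 : 0
            if (p < q) { print "lt"; exit }
            if (p > q) { print "gt"; exit }
        }
        print "eq"
    }'
}

# mutt_version_is_fixed VERSION-RELEASE -> prints "yes" if the build is at or
# above the fixed one (later rebuilds also carry the fix), otherwise "no".
mutt_version_is_fixed() {
    case "$(vercmp "$1" "$FIXED_MUTT_VERSION")" in
        lt) echo no ;;
        *)  echo yes ;;
    esac
}

# installed_mutt_version -> prints VERSION-RELEASE of the installed mutt
# package, or nothing if it is not installed (rpm -q prints a "not installed"
# message on stdout, so the presence check is done separately).
installed_mutt_version() {
    if rpm -q mutt >/dev/null 2>&1; then
        rpm -q --queryformat '%{VERSION}-%{RELEASE}\n' mutt
    fi
}

# Only consult the RPM database when rpm exists; the functions above are pure
# so the script can also be sourced on a non-RPM host for the comparison.
if command -v rpm >/dev/null 2>&1; then
    ver=$(installed_mutt_version)
    if [ -z "$ver" ]; then
        echo "mutt is not installed"
    elif [ "$(mutt_version_is_fixed "$ver")" = yes ]; then
        echo "mutt $ver: at or above fixed build $FIXED_MUTT_VERSION"
    else
        echo "mutt $ver is below $FIXED_MUTT_VERSION; apply the patch for your product, e.g."
        echo "  zypper in -t patch slessp4-mutt-13736=1"
    fi
fi
```

   Run it as root on each SLES 11 host after "zypper patch" to confirm the
   package actually moved to the fixed build; a host whose repositories were
   not refreshed will still report the old 42.x release.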

References:

   https://www.suse.com/security/cve/CVE-2018-14349.html
   https://www.suse.com/security/cve/CVE-2018-14350.html
   https://www.suse.com/security/cve/CVE-2018-14352.html
   https://www.suse.com/security/cve/CVE-2018-14353.html
   https://www.suse.com/security/cve/CVE-2018-14354.html
   https://www.suse.com/security/cve/CVE-2018-14355.html
   https://www.suse.com/security/cve/CVE-2018-14356.html
   https://www.suse.com/security/cve/CVE-2018-14357.html
   https://www.suse.com/security/cve/CVE-2018-14358.html
   https://www.suse.com/security/cve/CVE-2018-14359.html
   https://www.suse.com/security/cve/CVE-2018-14362.html
   https://bugzilla.suse.com/1101567
   https://bugzilla.suse.com/1101570
   https://bugzilla.suse.com/1101571
   https://bugzilla.suse.com/1101573
   https://bugzilla.suse.com/1101576
   https://bugzilla.suse.com/1101577
   https://bugzilla.suse.com/1101578
   https://bugzilla.suse.com/1101581
   https://bugzilla.suse.com/1101582
   https://bugzilla.suse.com/1101588
   https://bugzilla.suse.com/1101589
   https://bugzilla.suse.com/936807

_______________________________________________

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBW3oyxmaOgq3Tt24GAQhT0w/+IV9G2tXU8jATAQTJ3ZsS0zCf3FhrCsgg
HD6gi/vQ42VAj+gwgPG0w4BT2iOKyMDltfbsZh3s/UB2Ml2Xh3itDXeE7yzCbzDV
9zIG+myBmVkMODBm24oU0CiosIGPsh+YKFGbivAmVmolWdmUsGlvvh7AnHhRFlLQ
3as5+uRUu9ea3JcClzQjiNNlBM9JeMSBw+Aj1DE1YN8M8+F5A+ryyC2I/7DjKS1g
e5wtaEMNka/a7IajUGP4gFL/99BnXoY80ojPoI0lc2PRXy0sLRHsxhlQVZJF0oTL
otw5GY9rAiCC9FCAlQPL0ybFPzR9nWC6uSgVRewXkOLwr7LFPe+d+f1qTe4Vy6Qg
+Y8nmc89AQUJ6AJr158ovcakq7uZx86ryU5v3MHcDxH279I8eaDzYjanltjl2XNb
SZK8ilbp5iti2XRgOkbzKdarOpKX2nsZmy5ssFy64j4w9HmPf5pDk7/5RZBaJakQ
MwGXMoszKNaxSNx8TWnMhjhtG2fIsrnFjmnLCy1MVY3AstLITNDkUDfG38crY6uX
uj4yTxqi39atYZ52QcEn6hEpP9g67MwnMmWGHS+JZi9cVnIF+/mdpPhsaJewogom
9KbW61zh8T03z+rLTDX9q08wawxqIxVnV2T/LPyidRuplZGX2f5xEGd9DvzqHdGl
tV72SvgkGIM=
=71aZ
-----END PGP SIGNATURE-----