Balsa/Leksbot Updates for Debian
Posted on: 05/07/2003 11:47 AM

Two new security updates for Debian GNU/Linux has been released

DSA-300-1 balsa

Byrial Jensen discovered a couple of off-by-one buffer overflow in the IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading. This code is imported in the Balsa package. This problem could potentially allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder.

Read more

DSA-299-1 leksbot

Maurice Massar discovered that, due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root. This program was not designed to run setuid, and contained multiple vulnerabilities which could be exploited to gain root privileges.

Read more




Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/balsaleksbot_updates_for_debian.html)