Created attachment 195177 [details] Add entry for mail/mutt 1.10.1 Add entry for mail/mutt 1.10.1 This is related to bug #229809
The CVEs were just released for 1.10.1: CVE-2018-14349 - NO Response Heap Overflowg CVE-2018-14350 - INTERNALDATE Stack Overflowg CVE-2018-14351 - STATUS Literal Length relative writeg CVE-2018-14352 - imap_quote_string off-by-one stack overflowg CVE-2018-14353 - imap_quote_string int underflowg CVE-2018-14354 - imap_subscribe Remote Code Executiong CVE-2018-14355 - STATUS mailbox header cache directory traversalg CVE-2018-14356 - POP empty UID NULL derefg CVE-2018-14357 - LSUB Remote Code Executiong CVE-2018-14358 - RFC822.SIZE Stack Overflowg CVE-2018-14359 - base64 decode Stack Overflowg CVE-2018-14362 - POP Message Cache Directory Traversalg If you want a new patch I can generate one.
(In reply to Derek Schrock from comment #1) Yes, please. That would be great.
Created attachment 195221 [details] new entry from master with CVEs Added CVEs and used updated master security/vuxml
A commit references this bug: Author: fernape Date: Thu Jul 19 15:37:58 UTC 2018 New revision: 474966 URL: https://svnweb.freebsd.org/changeset/ports/474966 Log: security/vuxml: add mutt vulnerabilities Include mutt vulnerabilities for mutt < 1.10.1 PR: 229810 Submitted by: dereks@lifeofadishwasher.com Approved by: tcberner (mentor) Differential Revision: https://reviews.freebsd.org/D16321 Changes: head/security/vuxml/vuln.xml
Committed, Thanks!