Attachment #221829 for bug #252931

View | Details | Raw Unified | Return to bug 252931
Collapse All | Expand All




  * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="387bbade-5d1d-11eb-bf20-4437e6ad11c4">
    <topic>mutt -- denial of service</topic>
    <affects>
      <package>
	<name>mutt</name>
	<range><lt>2.0.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Tavis Ormandy reports:</p>
	<blockquote cite="https://gitlab.com/muttmua/mutt/-/issues/323">
	  <p>
	    rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a
	    denial of service (mailbox unavailability) by sending email messages
	    with sequences of semicolon characters in RFC822 address fields
	    (aka terminators of empty groups). A small email message from the
	    attacker can cause large memory consumption, and the victim
	    may then be unable to see email messages from other persons.
	  </p>
	</blockquote>
      </body>
    </description>
    <references>
    <url>https://gitlab.com/muttmua/mutt/-/issues/323</url>
    <cvename>CVE-2021-3181</cvename>
    </references>
    <dates>
      <discovery>2021-01-17</discovery>
      <entry>2021-01-23</entry>
    </dates>
  </vuln>

  <vuln vid="4ed0e43c-5cef-11eb-bafd-3065ec8fd3ec">
    <topic>chromium -- multiple vulnerabilities</topic>
    <affects>
- 

Return to bug 252931

Lines 77-82 Notes: Link Here

(-)b/security/vuxml/vuln.xml (-1 / +33 lines)
77	* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)	77	* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
78	-->	78	-->
79	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">	79	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
		80	<vuln vid="387bbade-5d1d-11eb-bf20-4437e6ad11c4">
		81	<topic>mutt -- denial of service</topic>
		82	<affects>
		83	<package>
		84	<name>mutt</name>
		85	<range><lt>2.0.5</lt></range>
		86	</package>
		87	</affects>
		88	<description>
		89	<body xmlns="http://www.w3.org/1999/xhtml">
		90	<p>Tavis Ormandy reports:</p>
		91	<blockquote cite="https://gitlab.com/muttmua/mutt/-/issues/323">
		92	<p>
		93	rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a
		94	denial of service (mailbox unavailability) by sending email messages
		95	with sequences of semicolon characters in RFC822 address fields
		96	(aka terminators of empty groups). A small email message from the
		97	attacker can cause large memory consumption, and the victim
		98	may then be unable to see email messages from other persons.
		99	</p>
		100	</blockquote>
		101	</body>
		102	</description>
		103	<references>
		104	<url>https://gitlab.com/muttmua/mutt/-/issues/323</url>
		105	<cvename>CVE-2021-3181</cvename>
		106	</references>
		107	<dates>
		108	<discovery>2021-01-17</discovery>
		109	<entry>2021-01-23</entry>
		110	</dates>
		111	</vuln>
		112
80	<vuln vid="4ed0e43c-5cef-11eb-bafd-3065ec8fd3ec">	113	<vuln vid="4ed0e43c-5cef-11eb-bafd-3065ec8fd3ec">
81	<topic>chromium -- multiple vulnerabilities</topic>	114	<topic>chromium -- multiple vulnerabilities</topic>
82	<affects>	115	<affects>
83	-