Red Hat Product Errata RHSA-2024:2290 - Security Advisory
Issued:
2024-04-30
Updated:
2024-04-30

RHSA-2024:2290 - Security Advisory

Synopsis

Moderate: mutt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for mutt is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP.

Security Fix(es):

  • mutt: null pointer dereference (CVE-2023-4874)
  • mutt: null pointer dereference (CVE-2023-4875)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2238240 - CVE-2023-4874 mutt: null pointer dereference
  • BZ - 2238241 - CVE-2023-4875 mutt: null pointer dereference

Red Hat Enterprise Linux for x86_64 9

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
x86_64
mutt-2.2.6-2.el9.x86_64.rpm SHA-256: e595f8f938f5a41dd82b7db47cd623aad8db5ef27d4c95f1904f8bd1001f7f29
mutt-debuginfo-2.2.6-2.el9.x86_64.rpm SHA-256: aa6ad1f8662c1743a99a2effb4e43012b7ef7cad6d5a37ad85762dd5bbbb5346
mutt-debugsource-2.2.6-2.el9.x86_64.rpm SHA-256: 651bf2d3aaaa6907fde0cb36700950635ea346830715efbb28751988c457df88

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
x86_64
mutt-2.2.6-2.el9.x86_64.rpm SHA-256: e595f8f938f5a41dd82b7db47cd623aad8db5ef27d4c95f1904f8bd1001f7f29
mutt-debuginfo-2.2.6-2.el9.x86_64.rpm SHA-256: aa6ad1f8662c1743a99a2effb4e43012b7ef7cad6d5a37ad85762dd5bbbb5346
mutt-debugsource-2.2.6-2.el9.x86_64.rpm SHA-256: 651bf2d3aaaa6907fde0cb36700950635ea346830715efbb28751988c457df88

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
x86_64
mutt-2.2.6-2.el9.x86_64.rpm SHA-256: e595f8f938f5a41dd82b7db47cd623aad8db5ef27d4c95f1904f8bd1001f7f29
mutt-debuginfo-2.2.6-2.el9.x86_64.rpm SHA-256: aa6ad1f8662c1743a99a2effb4e43012b7ef7cad6d5a37ad85762dd5bbbb5346
mutt-debugsource-2.2.6-2.el9.x86_64.rpm SHA-256: 651bf2d3aaaa6907fde0cb36700950635ea346830715efbb28751988c457df88

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
x86_64
mutt-2.2.6-2.el9.x86_64.rpm SHA-256: e595f8f938f5a41dd82b7db47cd623aad8db5ef27d4c95f1904f8bd1001f7f29
mutt-debuginfo-2.2.6-2.el9.x86_64.rpm SHA-256: aa6ad1f8662c1743a99a2effb4e43012b7ef7cad6d5a37ad85762dd5bbbb5346
mutt-debugsource-2.2.6-2.el9.x86_64.rpm SHA-256: 651bf2d3aaaa6907fde0cb36700950635ea346830715efbb28751988c457df88

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
x86_64
mutt-2.2.6-2.el9.x86_64.rpm SHA-256: e595f8f938f5a41dd82b7db47cd623aad8db5ef27d4c95f1904f8bd1001f7f29
mutt-debuginfo-2.2.6-2.el9.x86_64.rpm SHA-256: aa6ad1f8662c1743a99a2effb4e43012b7ef7cad6d5a37ad85762dd5bbbb5346
mutt-debugsource-2.2.6-2.el9.x86_64.rpm SHA-256: 651bf2d3aaaa6907fde0cb36700950635ea346830715efbb28751988c457df88

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
s390x
mutt-2.2.6-2.el9.s390x.rpm SHA-256: 304c59912a9fe3d8898a214a611bdd7a550a457caf242b31c830b0c1b51c7f61
mutt-debuginfo-2.2.6-2.el9.s390x.rpm SHA-256: a980fc3a302352c97afb7757fffd17fbf7c43320a681faba1ad8864a0f69508d
mutt-debugsource-2.2.6-2.el9.s390x.rpm SHA-256: 58dc0281ef299772189180e51c00c5274de1918f386ea46cb1457b8c3a25511c

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
s390x
mutt-2.2.6-2.el9.s390x.rpm SHA-256: 304c59912a9fe3d8898a214a611bdd7a550a457caf242b31c830b0c1b51c7f61
mutt-debuginfo-2.2.6-2.el9.s390x.rpm SHA-256: a980fc3a302352c97afb7757fffd17fbf7c43320a681faba1ad8864a0f69508d
mutt-debugsource-2.2.6-2.el9.s390x.rpm SHA-256: 58dc0281ef299772189180e51c00c5274de1918f386ea46cb1457b8c3a25511c

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
s390x
mutt-2.2.6-2.el9.s390x.rpm SHA-256: 304c59912a9fe3d8898a214a611bdd7a550a457caf242b31c830b0c1b51c7f61
mutt-debuginfo-2.2.6-2.el9.s390x.rpm SHA-256: a980fc3a302352c97afb7757fffd17fbf7c43320a681faba1ad8864a0f69508d
mutt-debugsource-2.2.6-2.el9.s390x.rpm SHA-256: 58dc0281ef299772189180e51c00c5274de1918f386ea46cb1457b8c3a25511c

Red Hat Enterprise Linux for Power, little endian 9

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
ppc64le
mutt-2.2.6-2.el9.ppc64le.rpm SHA-256: 2a786a366874aadba19ed0af017910d9f9ae52bc384d51f0c8343fba09a42b15
mutt-debuginfo-2.2.6-2.el9.ppc64le.rpm SHA-256: 486ad891f9ebddad6860584c156094671e15b5f31bf9c48896fafbc94c9c5f8a
mutt-debugsource-2.2.6-2.el9.ppc64le.rpm SHA-256: bdee0c6f28edefb56c09875c0c146fa0d3b52f9953c27dc4c546ae7ea8a600a0

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
ppc64le
mutt-2.2.6-2.el9.ppc64le.rpm SHA-256: 2a786a366874aadba19ed0af017910d9f9ae52bc384d51f0c8343fba09a42b15
mutt-debuginfo-2.2.6-2.el9.ppc64le.rpm SHA-256: 486ad891f9ebddad6860584c156094671e15b5f31bf9c48896fafbc94c9c5f8a
mutt-debugsource-2.2.6-2.el9.ppc64le.rpm SHA-256: bdee0c6f28edefb56c09875c0c146fa0d3b52f9953c27dc4c546ae7ea8a600a0

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
ppc64le
mutt-2.2.6-2.el9.ppc64le.rpm SHA-256: 2a786a366874aadba19ed0af017910d9f9ae52bc384d51f0c8343fba09a42b15
mutt-debuginfo-2.2.6-2.el9.ppc64le.rpm SHA-256: 486ad891f9ebddad6860584c156094671e15b5f31bf9c48896fafbc94c9c5f8a
mutt-debugsource-2.2.6-2.el9.ppc64le.rpm SHA-256: bdee0c6f28edefb56c09875c0c146fa0d3b52f9953c27dc4c546ae7ea8a600a0

Red Hat Enterprise Linux for ARM 64 9

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
aarch64
mutt-2.2.6-2.el9.aarch64.rpm SHA-256: 2e991efc27ab9eea028593b70a3768d4db45a406b6c358b029f7834783adbaf2
mutt-debuginfo-2.2.6-2.el9.aarch64.rpm SHA-256: 2adcd443d25d3853fdb3a3fa2ec0b5b123d4c74c5e19a6870a3cf26f1c426a60
mutt-debugsource-2.2.6-2.el9.aarch64.rpm SHA-256: 493809a944081958f0a4f44a6430efdd1a10e73ff071c605a1b5fcadf2fb3f9b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
aarch64
mutt-2.2.6-2.el9.aarch64.rpm SHA-256: 2e991efc27ab9eea028593b70a3768d4db45a406b6c358b029f7834783adbaf2
mutt-debuginfo-2.2.6-2.el9.aarch64.rpm SHA-256: 2adcd443d25d3853fdb3a3fa2ec0b5b123d4c74c5e19a6870a3cf26f1c426a60
mutt-debugsource-2.2.6-2.el9.aarch64.rpm SHA-256: 493809a944081958f0a4f44a6430efdd1a10e73ff071c605a1b5fcadf2fb3f9b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
aarch64
mutt-2.2.6-2.el9.aarch64.rpm SHA-256: 2e991efc27ab9eea028593b70a3768d4db45a406b6c358b029f7834783adbaf2
mutt-debuginfo-2.2.6-2.el9.aarch64.rpm SHA-256: 2adcd443d25d3853fdb3a3fa2ec0b5b123d4c74c5e19a6870a3cf26f1c426a60
mutt-debugsource-2.2.6-2.el9.aarch64.rpm SHA-256: 493809a944081958f0a4f44a6430efdd1a10e73ff071c605a1b5fcadf2fb3f9b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
ppc64le
mutt-2.2.6-2.el9.ppc64le.rpm SHA-256: 2a786a366874aadba19ed0af017910d9f9ae52bc384d51f0c8343fba09a42b15
mutt-debuginfo-2.2.6-2.el9.ppc64le.rpm SHA-256: 486ad891f9ebddad6860584c156094671e15b5f31bf9c48896fafbc94c9c5f8a
mutt-debugsource-2.2.6-2.el9.ppc64le.rpm SHA-256: bdee0c6f28edefb56c09875c0c146fa0d3b52f9953c27dc4c546ae7ea8a600a0

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
ppc64le
mutt-2.2.6-2.el9.ppc64le.rpm SHA-256: 2a786a366874aadba19ed0af017910d9f9ae52bc384d51f0c8343fba09a42b15
mutt-debuginfo-2.2.6-2.el9.ppc64le.rpm SHA-256: 486ad891f9ebddad6860584c156094671e15b5f31bf9c48896fafbc94c9c5f8a
mutt-debugsource-2.2.6-2.el9.ppc64le.rpm SHA-256: bdee0c6f28edefb56c09875c0c146fa0d3b52f9953c27dc4c546ae7ea8a600a0

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
x86_64
mutt-2.2.6-2.el9.x86_64.rpm SHA-256: e595f8f938f5a41dd82b7db47cd623aad8db5ef27d4c95f1904f8bd1001f7f29
mutt-debuginfo-2.2.6-2.el9.x86_64.rpm SHA-256: aa6ad1f8662c1743a99a2effb4e43012b7ef7cad6d5a37ad85762dd5bbbb5346
mutt-debugsource-2.2.6-2.el9.x86_64.rpm SHA-256: 651bf2d3aaaa6907fde0cb36700950635ea346830715efbb28751988c457df88

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
x86_64
mutt-2.2.6-2.el9.x86_64.rpm SHA-256: e595f8f938f5a41dd82b7db47cd623aad8db5ef27d4c95f1904f8bd1001f7f29
mutt-debuginfo-2.2.6-2.el9.x86_64.rpm SHA-256: aa6ad1f8662c1743a99a2effb4e43012b7ef7cad6d5a37ad85762dd5bbbb5346
mutt-debugsource-2.2.6-2.el9.x86_64.rpm SHA-256: 651bf2d3aaaa6907fde0cb36700950635ea346830715efbb28751988c457df88

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
aarch64
mutt-2.2.6-2.el9.aarch64.rpm SHA-256: 2e991efc27ab9eea028593b70a3768d4db45a406b6c358b029f7834783adbaf2
mutt-debuginfo-2.2.6-2.el9.aarch64.rpm SHA-256: 2adcd443d25d3853fdb3a3fa2ec0b5b123d4c74c5e19a6870a3cf26f1c426a60
mutt-debugsource-2.2.6-2.el9.aarch64.rpm SHA-256: 493809a944081958f0a4f44a6430efdd1a10e73ff071c605a1b5fcadf2fb3f9b

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
aarch64
mutt-2.2.6-2.el9.aarch64.rpm SHA-256: 2e991efc27ab9eea028593b70a3768d4db45a406b6c358b029f7834783adbaf2
mutt-debuginfo-2.2.6-2.el9.aarch64.rpm SHA-256: 2adcd443d25d3853fdb3a3fa2ec0b5b123d4c74c5e19a6870a3cf26f1c426a60
mutt-debugsource-2.2.6-2.el9.aarch64.rpm SHA-256: 493809a944081958f0a4f44a6430efdd1a10e73ff071c605a1b5fcadf2fb3f9b

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
s390x
mutt-2.2.6-2.el9.s390x.rpm SHA-256: 304c59912a9fe3d8898a214a611bdd7a550a457caf242b31c830b0c1b51c7f61
mutt-debuginfo-2.2.6-2.el9.s390x.rpm SHA-256: a980fc3a302352c97afb7757fffd17fbf7c43320a681faba1ad8864a0f69508d
mutt-debugsource-2.2.6-2.el9.s390x.rpm SHA-256: 58dc0281ef299772189180e51c00c5274de1918f386ea46cb1457b8c3a25511c

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
mutt-2.2.6-2.el9.src.rpm SHA-256: b1302d40d447e67fc561183bd252bf446cbcb3ff22df78f134a8eb72242c191d
s390x
mutt-2.2.6-2.el9.s390x.rpm SHA-256: 304c59912a9fe3d8898a214a611bdd7a550a457caf242b31c830b0c1b51c7f61
mutt-debuginfo-2.2.6-2.el9.s390x.rpm SHA-256: a980fc3a302352c97afb7757fffd17fbf7c43320a681faba1ad8864a0f69508d
mutt-debugsource-2.2.6-2.el9.s390x.rpm SHA-256: 58dc0281ef299772189180e51c00c5274de1918f386ea46cb1457b8c3a25511c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.