Joost Pol found a buffer overflow in the address handling code of mutt (a popular mail user agent). Even though this is a one byte overflow this is exploitable. This has been fixed upstream in version 1.2.5.1 and 1.3.25. The relevant patch has been added to version 1.2.5-5 of the Debian package.
This has been fixed upstream in version 1.2.5.1 and 1.3.25. The relevant patch has been added to version 1.2.5-5 of the Debian package.
MD5 checksums of the listed files are available in the original advisory. (DSA-096-2)