[BSA-063] Security Update for notmuch

2012-03-16T08:14:28
ID DEBIAN:BSA-063:C710A
Type debian
Reporter Debian
Modified 2012-03-16T08:14:28

Description

I uploaded new packages for notmuch which fixed the following security problems:

DSA-2416-1 notmuch -- information disclosure

When using the Emacs interface, a user could be tricked into replying to a maliciously formatted message which could lead to files from the local machine being attached to the outgoing message.

For the squeeze-backports distribution the problems have been fixed in version

    0.11.1~bpo60+1

For wheezy (testing) and sid (unstable) this was fixed in version

    0.11.1-1

For squeeze (stable), this is fixed in version

    0.3.1+squeeze1

David