New mutt packages fix IMAP vulnerability/incompatibility

New mutt packages are available. These packages fix an
instance of the common 'format string' vulnerability,
and correct an incompatibilty with the current errata
IMAP server.

It is recommended that all mutt users using Red Hat Linux
upgrade to the new packages. The version of mutt shipped
in Red Hat Linux 7.0 does not contain the format string
vulnerability; it is merely a bugfix update.

Users of Red Hat Linux 6.0 and 6.1 should use the
packages for Red Hat Linux 6.2. Additionally, the packages
for Red Hat Linux 6.2 have support for SSL-IMAP and GSSAPI; the
new packages require the openssl enhancement errata.

An example of a 'format string' vulnerability was present in the
IMAP code in versions of mutt previous to 1.2.5. This had the
effect that a compromised or malicious IMAP server could possibly
execute code on the local machine.

The mutt packages in Red Hat Linux 7.0 were incompatible
with the errata IMAP server released for Red Hat Linux in
regards to GSSAPI authentication.

To update all RPMs for your particular architecture, run:

rpm -Fvh <filenames>

where <filenames> is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directly *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0473

GSSAPI