Debian Security Advisory

DLA-3261-1 libetpan -- LTS security update

Date Reported:
05 Jan 2023
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2022-4121.
More information:

It was discovered that there was a potential null pointer dereference vulnerability in libetpan, an low-level library for handling email.

  • CVE-2022-4121

    Null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c

For Debian 10 Buster, this problem has been fixed in version 1.9.3-2+deb10u2.

We recommend that you upgrade your libetpan packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: