This update for mutt fixes the following issues: Security issues fixed: - CVE-2018-14352: Fix imap_quote_string in imap/util.c that does not leave room for quote characters . - CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer underflow . - CVE-2018-14362: Fix pop.c that does not forbid characters that may have unsafe interaction with message-cache pathnames . - CVE-2018-14354: Fix arbitrary command execution from remote IMAP servers via backquote characters . - CVE-2018-14356: Fix pop.c that mishandles a zero-length UID . - CVE-2018-14355: Fix imap/util.c that mishandles quot;..quot; directory traversal in a mailbox name . - CVE-2018-14349: Fix imap/command.c that mishandles a NO response without a message . - CVE-2018-14350: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along INTERNALDATE field . - CVE-2018-14357: Fix that remote IMAP servers are allowed to execute arbitrary commands via backquote characters . - CVE-2018-14359: Fix buffer overflow via base64 data . - CVE-2018-14358: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along RFC822.SIZE field . Bug fixes: - bsc#936807: On entering a 70 character subject line in mutt, a tab is added to the text after 67 characters.