CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2020/06/15 05:47:21
Modified files:
mail/mutt : Makefile distinfo
Log message:
update to mutt-1.14.3
Fix possible IMAP man-in-the-middle attack. No credentials are exposed,
but could result in unintended emails being "saved" to an attacker's
server. The $ssl_starttls quadoption is now used to check for an
unencrypted PREAUTH response from the server.
(the release also had a gnutls fix, but we don't use gnutls in the port).
