[Bug 1884588] Re: Certificate problems sending mail

Launchpad Bug Tracker Wed, 24 Jun 2020 09:46:25 -0700

This bug was fixed in the package mutt - 1.10.1-2.1ubuntu0.2

---------------
mutt (1.10.1-2.1ubuntu0.2) eoan-security; urgency=medium


  * SECURITY UPDATE: Man-in-the-middle attack
    - debian/patches/CVE-2020-14954.patch: fix STARTTLS response injection
      attack clearing the CONNECTION input buffer in mutt_ssl_starttls() in
      mutt_socket.c, mutt_socket.h, mutt_ssl.c, mutt_ssl_gnutls.c.
    - CVE-2020-14954
  * Redoing patch CVE-2020-14154-1, that causes a possibly regression (LP: 
#1884588)

 -- leo.barb...@canonical.com (Leonidas S. Barbosa)  Mon, 22 Jun 2020
15:27:39 -0300

** Changed in: mutt (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14154

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14954

** Changed in: mutt (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884588

Title:
  Certificate problems sending mail

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mutt/+bug/1884588/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1884588] Re: Certificate problems sending mail

Reply via email to