[ubuntu/xenial-security] mutt 1.5.24-1ubuntu0.3 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Jun 22 14:35:57 UTC 2020
mutt (1.5.24-1ubuntu0.3) xenial-security; urgency=medium
* SECURITY UPDATE: Man-in-the-middle attack
- debian/patches/CVE-2020-14093.patch: prevent
possible IMAP MITM via PREAUTH response in imap/imap.c.
- CVE-2020-14093
* SECURITY UPDATE: Connection even if the user rejects an
expired intermediate certificate
- debian/patches/CVE-2020-14154-1.patch: fix GnuTLS tls_verify_peers()
checking in mutt_ssl_gnutls.c.
- debian/patches/CVE-2020-14154-2.patch: Abort GnuTLS certificate if a
cert in the chain is rejected in mutt_ssl_gnutls.c.
- debian/patches/CVE-2020-14154-3.patch: fix GnuTLS interactive prompt
short-circuiting in mutt_ssl_gnutls.c.
- CVE-2020-14154
Date: 2020-06-19 14:22:16.736314+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/mutt/1.5.24-1ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list