Package "mutt"
Name: |
mutt
|
Description: |
text-based mailreader supporting MIME, GPG, PGP and threading
|
Latest version: |
1.13.2-1ubuntu0.6 |
Release: |
focal (20.04) |
Level: |
security |
Repository: |
main |
Homepage: |
http://www.mutt.org/ |
Links
Download "mutt"
Other versions of "mutt" in Focal
Changelog
mutt (1.13.2-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Man-in-the-middle attack
- debian/patches/CVE-2020-14093.patch: prevent
possible IMAP MITM via PREAUTH response in imap/imap.c.
- CVE-2020-14093
* SECURITY UPDATE: Connection even if the user rejects an
expired intermediate certificate
- debian/patches/CVE-2020-14154-1.patch: fix GnuTLS tls_verify_peers()
checking in mutt_ssl_gnutls.c.
- debian/patches/CVE-2020-14154-2.patch: Abort GnuTLS certificate if a
cert in the chain is rejected in mutt_ssl_gnutls.c.
- debian/patches/CVE-2020-14154-3.patch: fix GnuTLS interactive prompt
short-circuiting in mutt_ssl_gnutls.c.
- CVE-2020-14154
-- <email address hidden> (Leonidas S. Barbosa) Wed, 17 Jun 2020 16:46:31 -0300
|
CVE-2020-14093 |
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. |
CVE-2020-14154 |
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certifica |
|
About
-
Send Feedback to @ubuntu_updates