[ubuntu/xenial-security] mutt 1.5.24-1ubuntu0.3 (Accepted)

Leonidas S. Barbosa Mon, 22 Jun 2020 07:36:04 -0700

mutt (1.5.24-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Man-in-the-middle attack
    - debian/patches/CVE-2020-14093.patch: prevent
      possible IMAP MITM via PREAUTH response in imap/imap.c.
    - CVE-2020-14093
  * SECURITY UPDATE: Connection even if the user rejects an
    expired intermediate certificate
    - debian/patches/CVE-2020-14154-1.patch: fix GnuTLS tls_verify_peers()
      checking in mutt_ssl_gnutls.c.
    - debian/patches/CVE-2020-14154-2.patch: Abort GnuTLS certificate if a
      cert in the chain is rejected in mutt_ssl_gnutls.c.
    - debian/patches/CVE-2020-14154-3.patch: fix GnuTLS interactive prompt
      short-circuiting in mutt_ssl_gnutls.c.
    - CVE-2020-14154


Date: 2020-06-19 14:22:16.736314+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/mutt/1.5.24-1ubuntu0.3

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] mutt 1.5.24-1ubuntu0.3 (Accepted)

Reply via email to