Opened 15 months ago

Closed 15 months ago

Last modified 14 months ago

#13687 closed enhancement (fixed)

mutt-1.14.4

Reported by: Bruce Dubbs Owned by: ken@…
Priority: high Milestone: 10.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (4)

comment:1 by ken@…, 15 months ago

Owner: changed from blfs-book to ken@…
Priority: normalhigh

Hello Mutt Users,

I've just released version 1.14.4. Instructions for downloading are available at <http://www.mutt.org/download.html>, or the tarball can be directly downloaded from <http://ftp.mutt.org/pub/mutt/>. Please take the time to verify the signature file against my public key.

This is an important security release fixing a possible machine-in-the-middle response injection attack when using STARTTLS with IMAP, POP3, and SMTP. (For packagers, I've requested a CVE and will update the website when I have the number).

Thanks again to Damian Poddebniak and Fabian Ising from the Münster University of Applied Sciences for reporting this issue, including providing exhaustive tests.

-Kevin

comment:2 by ken@…, 15 months ago

Resolution: fixed
Status: newclosed

comment:3 by Bruce Dubbs, 14 months ago

Milestone: 9.210,0

Milestone renamed

comment:4 by Bruce Dubbs, 14 months ago

Milestone: 10,010.0

Milestone renamed

Note: See TracTickets for help on using tickets.