Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#13687 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: ken@…
Priority: high Milestone: 10.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version.

Change History (4)

comment:1 by ken@…, 2 years ago

Owner: changed from blfs-book to ken@…
Priority: normalhigh

Hello Mutt Users,

I've just released version 1.14.4. Instructions for downloading are available at <>, or the tarball can be directly downloaded from <>. Please take the time to verify the signature file against my public key.

This is an important security release fixing a possible machine-in-the-middle response injection attack when using STARTTLS with IMAP, POP3, and SMTP. (For packagers, I've requested a CVE and will update the website when I have the number).

Thanks again to Damian Poddebniak and Fabian Ising from the Münster University of Applied Sciences for reporting this issue, including providing exhaustive tests.


comment:2 by ken@…, 2 years ago

Resolution: fixed
Status: newclosed

comment:3 by Bruce Dubbs, 2 years ago

Milestone: 9.210,0

Milestone renamed

comment:4 by Bruce Dubbs, 2 years ago

Milestone: 10,010.0

Milestone renamed

Note: See TracTickets for help on using tickets.