[Git][security-tracker-team/security-tracker][master] Add references for neomutt
Salvatore Bonaccorso
carnil at debian.org
Fri Jun 19 19:50:47 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1e481167 by Salvatore Bonaccorso at 2020-06-19T20:49:28+02:00
Add references for neomutt
As special case of the neomutt fork of mutt the three CVEs for mutt
affect as well the neomutt source package. Track the respective CVE
entries as well for neomutt.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -316,6 +316,7 @@ CVE-2015-9548
RESERVED
CVE-2020-XXXX [MITM response injection attack when using STARTTLS with IMAP, POP3 and SMTP]
- mutt 1.14.4-1
+ - neomutt 20200619+dfsg.1-1
NOTE: https://gitlab.com/muttmua/mutt/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4
CVE-2020-14446 (An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO ...)
NOT-FOR-US: WSO2 Identity Server
@@ -956,6 +957,7 @@ CVE-2020-14155 (libpcre in PCRE before 8.44 allows an integer overflow via a lar
NOTE: Fixed by: https://vcs.pcre.org/pcre?view=revision&revision=1761 (8.44)
CVE-2020-14154 (Mutt before 1.14.3 proceeds with a connection even if, in response to ...)
- mutt 1.14.3-1 (unimportant)
+ - neomutt 20200619+dfsg.1-1 (unimportant)
NOTE: http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200608/000022.html
NOTE: https://gitlab.com/muttmua/mutt/commit/bb0e6277a45a5d4c3a30d3b968eeb31d78124e95
NOTE: https://gitlab.com/muttmua/mutt/commit/5fccf603ebcf352ba783136d6b2d2600d811fb3b
@@ -1111,6 +1113,7 @@ CVE-2017-18869 (A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10
NOTE: https://snyk.io/vuln/npm:chownr:20180731
CVE-2020-14093 (Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attac ...)
- mutt 1.14.3-1 (bug #962897)
+ - neomutt 20200619+dfsg.1-1
NOTE: https://gitlab.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
CVE-2020-14092
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e4811675d9b126257b623d9923ba3c3e50e1c49
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e4811675d9b126257b623d9923ba3c3e50e1c49
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200619/18fbc2c3/attachment.html>
More information about the debian-security-tracker-commits
mailing list