[Git][security-tracker-team/security-tracker][master] Add references for neomutt

Salvatore Bonaccorso carnil at debian.org
Fri Jun 19 19:50:47 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1e481167 by Salvatore Bonaccorso at 2020-06-19T20:49:28+02:00
Add references for neomutt

As special case of the neomutt fork of mutt the three CVEs for mutt
affect as well the neomutt source package. Track the respective CVE
entries as well for neomutt.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -316,6 +316,7 @@ CVE-2015-9548
 	RESERVED
 CVE-2020-XXXX [MITM response injection attack when using STARTTLS with IMAP, POP3 and SMTP]
 	- mutt 1.14.4-1
+	- neomutt 20200619+dfsg.1-1
 	NOTE: https://gitlab.com/muttmua/mutt/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4
 CVE-2020-14446 (An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO ...)
 	NOT-FOR-US: WSO2 Identity Server
@@ -956,6 +957,7 @@ CVE-2020-14155 (libpcre in PCRE before 8.44 allows an integer overflow via a lar
 	NOTE: Fixed by: https://vcs.pcre.org/pcre?view=revision&revision=1761 (8.44)
 CVE-2020-14154 (Mutt before 1.14.3 proceeds with a connection even if, in response to  ...)
 	- mutt 1.14.3-1 (unimportant)
+	- neomutt 20200619+dfsg.1-1 (unimportant)
 	NOTE: http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200608/000022.html
 	NOTE: https://gitlab.com/muttmua/mutt/commit/bb0e6277a45a5d4c3a30d3b968eeb31d78124e95
 	NOTE: https://gitlab.com/muttmua/mutt/commit/5fccf603ebcf352ba783136d6b2d2600d811fb3b
@@ -1111,6 +1113,7 @@ CVE-2017-18869 (A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10
 	NOTE: https://snyk.io/vuln/npm:chownr:20180731
 CVE-2020-14093 (Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attac ...)
 	- mutt 1.14.3-1 (bug #962897)
+	- neomutt 20200619+dfsg.1-1
 	NOTE: https://gitlab.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
 CVE-2020-14092
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e4811675d9b126257b623d9923ba3c3e50e1c49

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e4811675d9b126257b623d9923ba3c3e50e1c49
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200619/18fbc2c3/attachment.html>

More information about the debian-security-tracker-commits mailing list