[Git][security-tracker-team/security-tracker][master] CVE-2020-14954/{mutt,neomutt} assigned for MITM response issue

Salvatore Bonaccorso carnil at debian.org
Sun Jun 21 19:56:16 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a549cd01 by Salvatore Bonaccorso at 2020-06-21T20:55:46+02:00
CVE-2020-14954/{mutt,neomutt} assigned for MITM response issue

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1275,10 +1275,8 @@ CVE-2016-11062 (An issue was discovered in Mattermost Server before 3.5.1. E-mai
 	NOT-FOR-US: Mattermost
 CVE-2015-9548 (An issue was discovered in Mattermost Server before 1.2.0. It allows a ...)
 	NOT-FOR-US: Mattermost
-CVE-2020-XXXX [MITM response injection attack when using STARTTLS with IMAP, POP3 and SMTP]
+CVE-2020-14954 [MITM response injection attack when using STARTTLS with IMAP, POP3 and SMTP]
 	- mutt 1.14.4-1
-	[stretch] - mutt 1.7.2-1+deb9u3
-	[buster] - mutt 1.10.1-2.1+deb10u2
 	- neomutt 20200619+dfsg.1-1
 	NOTE: https://gitlab.com/muttmua/mutt/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4
 CVE-2020-14446 (An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO ...)


=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
 [19 Jun 2020] DSA-4707-1 mutt - security update
-	{CVE-2020-14093}
+	{CVE-2020-14093 CVE-2020-14954}
 	[stretch] - mutt 1.7.2-1+deb9u3
 	[buster] - mutt 1.10.1-2.1+deb10u2
 [18 Jun 2020] DSA-4706-1 drupal7 - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a549cd0170236df52070c6d07a5704634dc386f4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a549cd0170236df52070c6d07a5704634dc386f4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200621/db702f92/attachment.html>

More information about the debian-security-tracker-commits mailing list