[Git][security-tracker-team/security-tracker][master] Add notes on regression for CVE-2020-14093

Wed Jun 24 19:45:54 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
006cf22e by Salvatore Bonaccorso at 2020-06-24T20:45:14+02:00
Add notes on regression for CVE-2020-14093

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2238,7 +2238,9 @@ CVE-2020-14093 (Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle
 	{DSA-4708-1 DSA-4707-1}
 	- mutt 1.14.3-1 (bug #962897)
 	- neomutt 20200619+dfsg.1-1
-	NOTE: https://gitlab.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
+	NOTE: Fixed by: https://gitlab.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
+	NOTE: Fix for CVE-2020-14093 introduces a regression, cf. #963107
+	NOTE: Regression fixed by: https://gitlab.com/muttmua/mutt/-/commit/dc909119b3433a84290f0095c0f43a23b98b3748
 CVE-2020-14092
 	RESERVED
 CVE-2020-14091



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/006cf22ebcf5cd16d59217ff17cd1422e44a700a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/006cf22ebcf5cd16d59217ff17cd1422e44a700a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200624/412305c2/attachment.html>
