From d7ed2b01311f15ba54fe8ea872aab7d59ab2b193 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 29 Jan 2021 18:03:51 +0000 Subject: gentoo resync : 29.01.2021 --- metadata/glsa/glsa-202101-32.xml | 62 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 metadata/glsa/glsa-202101-32.xml (limited to 'metadata/glsa/glsa-202101-32.xml') diff --git a/metadata/glsa/glsa-202101-32.xml b/metadata/glsa/glsa-202101-32.xml new file mode 100644 index 000000000000..2c1a6dd3ef52 --- /dev/null +++ b/metadata/glsa/glsa-202101-32.xml @@ -0,0 +1,62 @@ + + + + Mutt, NeoMutt: Information disclosure + A weakness was discovered in Mutt and NeoMutt's TLS handshake + handling + + NeoMutt + 2021-01-26 + 2021-01-26 + 755833 + 755866 + remote + + + 2.0.2 + 2.0.2 + + + 20201120 + 20201120 + + + +

Mutt is a small but very powerful text-based mail client.

+ +

NeoMutt is a command line mail reader (or MUA). It’s a fork of Mutt + with added features. +

+ + +

A weakness in TLS handshake handling was found which may allow + information disclosure. +

+ + +

A remote attacker may be able to cause information disclosure.

+ + +

There is no known workaround at this time.

+ + +

All Mutt users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/mutt-2.0.2" + + +

All NeoMutt users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/neomutt-20201120" + + + + CVE-2020-28896 + + sam_c + sam_c + -- cgit v1.2.3