3 Jul
2020
3 Jul
'20
11:25
Hi, after upgrade to mutt 1.14.4 I could not connect to my mail server anymore. I use a preconnect tunnel using ssh to start imapd, but now only get "Encrypted connection unavailable". Found this one: https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1751067.ht... Indeed, setting ssl_starttls=no makes it work again. Assuming it's already reported upstream - should I file a boo report or not? It's at least a nasty one as it breaks existing working configurations... Dominique Leuenberger wrote:
Packages changed: mutt (1.14.1 -> 1.14.4) ==== mutt ==== Version update (1.14.1 -> 1.14.4) Subpackages: mutt-doc mutt-lang
- Update to 1.14.4 - bug-fix release (boo#1173197, CVE-2020-14954)
- Fix STARTTLS response injection attack.
- Update to 1.14.3 - bug-fix release (boo#1172906, boo#1172935, CVE-2020-14093, CVE-2020-14154)
- Prevent possible IMAP MITM via PREAUTH response.
- expired where certs not properly rejected with GnuTLS
- Fix GnuTLS interactive prompt short-circuiting.
- Abort GnuTLS certificate check if a cert in the chain is rejected.
- Fix GnuTLS tls_verify_peers() checking.
- Fix GNUTLS_E_NO_CERTIFICATE_FOUND check to be against verify_ret instead of certstat.
- Fix gnutls_strerror() call to use verify_ret instead of certstat.
- Modify/refresh patches
- aw.listreply.diff
- bsc907453-CVE-2014-9116-jessie.patch
- bug-676388-largefile.patch
- mutt-1.10.1-imap.patch
- mutt-1.13.3.dif
- mutt-1.5.15-wrapcolumn.diff
- mutt-1.5.20-sendgroupreplyto.diff
- mutt-1.5.21-mailcap.diff
- mutt-1.5.23-carriage-return.path
- mutt-1.5.9i-pgpewrap.diff
- mutt-1.6.1-opennfs.dif
- mutt-Fix-SIGQUIT-handling.patch
- patch-1.5.24.vk.pgp_verbose_mime
widechar.sidebar.dif
To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org