Lucene search
SuseOPENSUSE-SU-2020:0903-1HistoryJun 29, 2020 - 12:00 a.m.
Security update for mutt (important)
2020-06-2900:00:00
lists.opensuse.org
31
0.005 Low
EPSS
Percentile
76.3%
An update that fixes three vulnerabilities is now available.
Description:
This update for mutt fixes the following issues:
- CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering
issue which was affecting IMAP, SMTP, and POP3 (bsc#1173197). - CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a
PREAUTH response (bsc#1172906, bsc#1172935). - CVE-2020-14154: Fixed an issue where Mutt was ignoring an expired
certificate and was proceeding with a connection (bsc#1172906,
bsc#1172935).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-903=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | noarch | < - openSUSE Leap 15.1 (noarch): | - openSUSE Leap 15.1 (noarch):.noarch.rpm | |
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (x86_64): | - openSUSE Leap 15.1 (x86_64):.x86_64.rpm |
Related
nessus
nessus
openSUSE Security Update : mutt (openSUSE-2020-915)
2020-07-20 00:00:00
openSUSE Security Update : mutt (openSUSE-2020-903)
2020-07-20 00:00:00
GLSA-202007-57 : Mutt, Neomutt: Multiple vulnerabilities
2020-07-30 00:00:00
mageia
mageia
Updated mutt packages fix security vulnerabilities
2020-09-02 11:01:16
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0357)
2022-01-28 00:00:00
openSUSE: Security Advisory for mutt (openSUSE-SU-2020:0903-1)
2020-06-30 00:00:00
Huawei EulerOS: Security Advisory for mutt (EulerOS-SA-2020-2109)
2020-09-29 00:00:00
suse
suse
Security update for mutt (important)
2020-06-30 00:00:00
Security update for neomutt (moderate)
2020-12-01 00:00:00
Security update for neomutt (moderate)
2020-12-04 00:00:00
gentoo
gentoo
Mutt, Neomutt: Multiple vulnerabilities
2020-07-28 00:00:00
ubuntu
ubuntu
Mutt vulnerabilities
2020-06-22 00:00:00
Mutt vulnerability and regression
2020-06-24 00:00:00
osv
osv
mutt - security update
2020-06-19 00:00:00
mutt - security update
2020-06-30 00:00:00
neomutt - security update
2020-06-21 00:00:00
debian
debian
[SECURITY] [DLA 2268-2] mutt regression update
2020-06-30 21:10:03
[SECURITY] [DLA 2268-1] mutt security update
2020-06-30 20:38:48
[SECURITY] [DSA 4708-1] neomutt security update
2020-06-21 21:02:05
amazon
amazon
Medium: mutt
2022-12-01 20:31:00
ubuntucve
ubuntucve
alpinelinux
alpinelinux
CVE-2020-14093
2020-06-15 05:15:11
prion
prion
Code injection
2020-06-15 17:15:00
Design/Logic Flaw
2020-06-21 17:15:00
Code injection
2020-06-15 05:15:00
redhatcve
redhatcve
freebsd
freebsd
Machine-in-the-middle response injection attack when using STARTTLS with IMAP, POP3, and SMTP
2020-06-16 00:00:00
IMAP fcc/postpone machine-in-the-middle attack
2020-06-14 00:00:00
veracode
veracode
TLS Response Injection
2020-09-21 06:33:20
Information Disclosure
2020-08-06 21:34:21
cvelist
cvelist
debiancve
debiancve
nvd
nvd
cve
cve
fedora
fedora
[SECURITY] Fedora 31 Update: mutt-1.14.5-1.fc31
2020-07-03 01:38:01
[SECURITY] Fedora 32 Update: mutt-1.14.5-1.fc32
2020-07-03 01:19:24
rosalinux
rosalinux
Advisory ROSA-SA-2021-1925
2021-07-02 17:31:43