[Buildroot] [PATCH 1/2] package/mutt: fix CVE-2020-14093

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sat Jun 20 06:35:02 UTC 2020


On Sat, 20 Jun 2020 00:11:49 +0200
Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:

> Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack
> via a PREAUTH response.
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
> ---
>  ...sible-IMAP-MITM-via-PREAUTH-response.patch | 60 +++++++++++++++++++
>  package/mutt/mutt.mk                          |  3 +
>  2 files changed, 63 insertions(+)
>  create mode 100644 package/mutt/0003-Prevent-possible-IMAP-MITM-via-PREAUTH-response.patch

Both applied, thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


More information about the buildroot mailing list