Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 17 Feb 2014 11:27:47 +1100
From: Murray McAllister <mmcallis@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE request: "imapsync ignores the --tls switch and sends my authentication
 plaintext."

Hello,

https://bugs.mageia.org/show_bug.cgi?id=12770 notes that imapsync 1.584 
fixes a security issue, "Bug fix: Check if going to tls is ok, exit 
otherwise with explicit error message. Thanks to Dennis Schridde for 
reporting this ugly bug that deserves a CVE."

Upstream bug: https://github.com/imapsync/imapsync/issues/15

Can a CVE please be assigned if one has not been already?

Thanks,

--
Murray McAllister / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ