Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request: "imapsync ignores the --tls switch and sends my authentication plaintext."
From: Murray McAllister <mmcallis () redhat com>
Date: Mon, 17 Feb 2014 11:27:47 +1100

Hello,

https://bugs.mageia.org/show_bug.cgi?id=12770 notes that imapsync 1.584 fixes a security issue, "Bug fix: Check if going to tls is ok, exit otherwise with explicit error message. Thanks to Dennis Schridde for reporting this ugly bug that deserves a CVE."

Upstream bug: https://github.com/imapsync/imapsync/issues/15

Can a CVE please be assigned if one has not been already?

Thanks,

--
Murray McAllister / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]