oss-sec mailing list archives
Re: CVE Request(s): Getmail 4
From: cve-assign () mitre org
Date: Tue, 7 Oct 2014 13:45:25 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
http://pyropus.ca/software/getmail/CHANGELOG
Getmail 4.0.0 through 4.43.0 allows IMAP MITM with an arbitrary certificate
Use CVE-2014-7273.
Getmail 4.44.0 allows IMAP MITM with a valid/recognized certificate for an arbitrary hostname
Use CVE-2014-7274.
Getmail 4.0.0 through 4.44.0 allows POP MITM with an arbitrary certificate
Use CVE-2014-7275. 4.45.0: not vulnerable, although for multiple reasons 4.46.0: not vulnerable; all issues fixed - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJUNCZjAAoJEKllVAevmvmsaDoH/A6P+zvtqi/6ZUudBSYLYCju K1N9DmsfwjdPYbcnPqJfuZSfUpAlCTKa70NnsxSrP7Ud8nsEZgPRPsgJZ5Lg5fZC nU1A+GKKQzU1SGnhksdpwSEywz6qOEhLkDBIWw3Wzqg8oeTp2IziM0BN4WJQMfuQ hxZlQt20GucAzjBEyoAsuKdOL7s24XpitxJEUfex0rWUFxZrv347285O2aPSmJui k2P5koio6d4ty4e37aBD0a1EWS12bPrEs8k6XQQBlRWJTrVIupRlNpxDPxsNxtFk 7PPkxEJJfVC2XkA5PqBtzwaNeBB7HXT5Fzp5ngQdjntXKmMRqtpb/rRApxL1Y9Y= =wSw8 -----END PGP SIGNATURE-----
Current thread:
- CVE Request(s): Getmail 4 mancha (Oct 06)
- Re: CVE Request(s): Getmail 4 cve-assign (Oct 06)
- Re: CVE Request(s): Getmail 4 mancha (Oct 06)
- Re: CVE Request(s): Getmail 4 cve-assign (Oct 07)
- Re: CVE Request(s): Getmail 4 cve-assign (Oct 06)