FEDORA-2020-13ae5f7221 created by mtasaka 2 months ago for Fedora 32
stable

A security flaw was found on libetpan which may allow malicious attacker to inject additional responses or mimic whole sessions. This vulnerability is now assined as CVE-2020-15953. This new rpm should fix this issue.

Logout Required
After installing this update it is required that you logout of your current user session and log back in to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2020-13ae5f7221

This update has been submitted for testing by mtasaka.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update's test gating status has been changed to 'waiting'.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago
User Icon mschwendt commented & provided feedback 2 months ago
karma

Patches applied during build, and Claws Mail IMAP access continues to work.

BZ#1861071 CVE-2020-15953 libetpan: response injection via STARTTLS in IMAP [fedora-all]

This update has been pushed to testing.

2 months ago

This update can be pushed to stable now if the maintainer wishes

2 months ago

This update has been submitted for stable by bodhi.

2 months ago

This update has been pushed to stable.

2 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-30
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
2 months ago
in testing
2 months ago
in stable
2 months ago
BZ#1861071 CVE-2020-15953 libetpan: response injection via STARTTLS in IMAP [fedora-all]
0
1

Automated Test Results