CVE status and regression in 1.14.3 release

Kevin J. McCarthy kevin at 8t8.us
Sun Jun 21 17:29:15 UTC 2020


On Sat, Jun 20, 2020 at 02:49:56PM -0700, Kevin J. McCarthy wrote:
>In the release for 1.14.4, I promised a CVE number, but I have had no 
>success so far, despite waiting a day and submitting again.  I may 
>just be doing something wrong, so if any packager with more experience 
>creating CVEs would like to do so for that release, I would greatly 
>appreciate it.  (Perhaps also sending an email to mutt-dev, to avoid 
>multiple submissions).

I've just received the assignment CVE-2020-14954 for the STARTTLS 
buffering issue.

Thank you everyone,

-Kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-users/attachments/20200621/ad65d48e/attachment.asc>


More information about the Mutt-users mailing list