Bug List

Sat Aug 10 2024 09:13:34 UTC
Clicking on a bug field’s label takes you to its help topic. You can scroll that page to review other help topics.

Hide Search Description

Bug ID: 1187419, 1189820, 1174457, 1190069, 1174711, 1189316, 1174580, 1181414, 1174712, 1188275, 1173910, 1173197, 1189314, 1174579, 1190174, 1172935, 1189634

17 bugs found.

ID▲	Product	Comp	Assignee	Status	Resolution	Summary	Changed
1172935	SUSE Security Incidents	Incidents	security-team	RESO	FIXE	VUL-0: CVE-2020-14093: mutt,neomutt: IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response	2023-10-13
1173197	SUSE Security Incidents	Incidents	security-team	RESO	FIXE	VUL-0: CVE-2020-14954: mutt,neomutt: STARTTLS buffering issue allowing MITM of IMAP, SMTP and POP3	2023-10-13
1173910	SUSE Security Incidents	Incidents	security-team	RESO	FIXE	VUL-0: CVE-2020-14928: evolution-data-server: Response Injection via STARTTLS in SMTP and POP3	2021-08-09
1174457	openSUSE Distribution	Security	security-team	RESO	FIXE	VUL-1: CVE-2020-15917: claws-mail: protocol violation because suffix data after STARTTLS is mishandled	2021-08-09
1174579	openSUSE Distribution	Security	forgotten_4yKfwBnymp	RESO	FIXE	VUL-0: CVE-2020-15953: libetpan: response injection via STARTTLS in IMAP	2021-08-09
1174580	openSUSE Distribution	Security	opensuse-kde-bugs	NEW	---	VUL-0: CVE-2020-15954: kmail: engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use	2021-08-09
1174711	openSUSE Distribution	Security	security-team	RESO	FIXE	VUL-1: CVE-2020-16118: balsa: a malicious server or MITM can trigger a NULL pointer dereference	2021-08-09
1174712	SUSE Security Incidents	Incidents	security-team	RESO	FIXE	VUL-1: CVE-2020-16117: evolution-data-server: a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid CAPABILITY line	2021-08-09
1181414	SUSE Security Incidents	Incidents	cgrobertson	RESO	FIXE	VUL-0: CVE-2021-23953,CVE-2021-23954,CVE-2020-26976,CVE-2021-23960,CVE-2021-23964: MozillaFirefox,MozillaThunderbird: Update to 78.7 ESR /85 (MFSA 2021-3, MFSA 2021-4)	2022-09-06
1187419	SUSE Security Incidents	Incidents	security-team	RESO	FIXE	VUL-0: CVE-2021-33515: dovecot,dovecot22,dovecot23: Attacker can potentially steal user credentials and mails	2022-08-18
1188275	SUSE Security Incidents	Incidents	martin.sirringhaus	RESO	FIXE	VUL-0: MozillaFirefox,MozillaThunderbird: update to 90 and 78.12.0esr	2022-09-06
1189314	SUSE Security Incidents	Incidents	security-team	NEW	---	VUL-1: CVE-2021-38371: exim: The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.	2021-08-11
1189316	SUSE Security Incidents	Incidents	security-team	RESO	FIXE	VUL-1: CVE-2021-38370: alpine: In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS.	2024-07-23
1189634	openSUSE Distribution	Other	security-team	RESO	FIXE	VUL-1: CVE-2021-3716: nbdkit: STARTTLS vulnerability for nbdkit	2022-02-22
1189820	SUSE Security Incidents	Incidents	kde-maintainers	RESO	INVA	VUL-1: CVE-2021-38372: trojita: man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.	2024-07-23
1190069	SUSE Security Incidents	Incidents	security-team	RESO	WONT	VUL-0: CVE-2021-39272: fetchmail: STARTTLS session encryption bypassing	2022-09-30
1190174	SUSE Security Incidents	Incidents	kde-maintainers	NEW	---	VUL-0: CVE-2021-38373: kmail: STARTTLS is ignored when "Server requires authentication" not checked in UI	2021-09-03

17 bugs found.