Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.

Related bugs and status

CVE-2020-14154 (Candidate) is related to these bugs:

Bug #1884588: Certificate problems sending mail

		In	Importance	Status
1884588	Certificate problems sending mail	mutt (Ubuntu)	Undecided	Fix Released
1884588	Certificate problems sending mail	mutt (Ubuntu Precise)	Undecided	Fix Released
1884588	Certificate problems sending mail	mutt (Ubuntu Eoan)	Undecided	Fix Released
1884588	Certificate problems sending mail	mutt (Ubuntu Xenial)	Undecided	Fix Released
1884588	Certificate problems sending mail	mutt (Ubuntu Bionic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://lists.mutt.org/...
MISC: http://www.mutt.org
MISC: https://bugs.gentoo.or...
SUSE: openSUSE-SU-2020:0903
SUSE: openSUSE-SU-2020:0915
UBUNTU: USN-4401-1
GENTOO: GLSA-202007-57