Ubuntu
mutt package

Certificate problems sending mail

Bug #1884588 reported by Rolf Kutz
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mutt (Ubuntu)
Fix Released
Undecided
Leonidas S. Barbosa
Precise
Fix Released
Undecided
Leonidas S. Barbosa
Xenial
Fix Released
Undecided
Leonidas S. Barbosa
Bionic
Fix Released
Undecided
Leonidas S. Barbosa
Eoan
Fix Released
Undecided
Leonidas S. Barbosa

Bug Description

Since the update to mutt-1.9.4-3ubuntu0.2 I see certificate errors when sending mail. I use letsencrypt certificates. Initially the cert is accepted, but later on I see different kind of errors on multiple tries to send mail. Before the update, sending mail worked fine. IMAP is still working without any problems.

I get 3 different error messages in a random order:

#####

Warning: Server certificate was signed using an insecure algorithm
Could not negotiate TLS connection

#####

This certificate belongs to:
   Let's Encrypt Authority X3
   Let's Encrypt

       US

This certificate was issued by:
   DST Root CA X3
   Digital Signature Trust Co.

This certificate is valid
   from Thu, 17 Mar 2016 16:40:46 UTC
     to Wed, 17 Mar 2021 16:40:46 UTC
SHA1 Fingerprint: E6A3 B45B 062D 509B 3382 282D 196E FE97 D595 6CCB
MD5 Fingerprint: B154 0927 4F54 AD8F 023D 3B85 A5EC EC5D

WARNING: Server certificate has been revoked

(r)eject, accept (o)nce

#####

This certificate belongs to:
   Let's Encrypt Authority X3
   Let's Encrypt

       US

This certificate was issued by:
   DST Root CA X3
   Digital Signature Trust Co.

This certificate is valid
   from Thu, 17 Mar 2016 16:40:46 UTC
     to Wed, 17 Mar 2021 16:40:46 UTC
SHA1 Fingerprint: E6A3 B45B 062D 509B 3382 282D 196E FE97 D595 6CCB
MD5 Fingerprint: B154 0927 4F54 AD8F 023D 3B85 A5EC EC5D

(r)eject, accept (o)nce

#####

I'm using

set smtp_url=smtp://USERNAME@SERVER:587

to configure the outgoing mail.

I cannot permanently accept the certificate for sending, but if i temporary accept it, mail is send ok.

I wonder why there show different messages when trying to send an email? Why does it sometimes show a "Server certificate has been revoked" warning?

If you need additional information, I will try to provide them.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: mutt 1.9.4-3ubuntu0.2
ProcVersionSignature: Ubuntu 5.3.0-59.53~18.04.1-generic 5.3.18
Uname: Linux 5.3.0-59-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.15
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Mon Jun 22 20:45:00 2020
InstallationDate: Installed on 2019-02-24 (484 days ago)
InstallationMedia: Ubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210)
SourcePackage: mutt
UpgradeStatus: Upgraded to bionic on 2020-05-13 (40 days ago)

CVE References

Revision history for this message
Rolf Kutz (vzsze) wrote :
Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

Hi Rolf,

Thanks for report this issue, I'm investigating it. Could you please provide any detailed ways in how to reproduce this?

Thanks!

Changed in mutt (Ubuntu):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

I believe I found the issue, as I was already preparing a new update regarding a new vulnerability that just pop up, I'll soon push a new version address this issue too, and would like to know if you can test it, soon as I push it to security-proposed?

Thanks!

Revision history for this message
Rolf Kutz (vzsze) wrote :

You can reproduce the issue by trying to send an email.

Of cause I can help to test a new version, when it appears in security-proposed.

Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

Yep, I did tested it previously but could not trigger it somehow...anyway
There is already a ~test version with the fix, could you try it please?

1.9.4-3ubuntu0.2 to 1.9.4-3ubuntu0.3~test1 ( https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages )

Revision history for this message
Rolf Kutz (vzsze) wrote :

With 1.9.4-3ubuntu0.3~test1 mail can be send without the warnings and error messages. This fixes the bug for me.

Do you need any additional testing by my of the packages?

Revision history for this message
Leonidas S. Barbosa (leosilvab) wrote :

Awesome! I think that covers the regression issue so far. I'll issue a new update soon as possibly addressin it in a proper version number.

Thanks a lot Rolf!!

Revision history for this message
Rolf Kutz (vzsze) wrote :

Thank you for the very fast fix!

Leonidas S. Barbosa (leosilvab)
Changed in mutt (Ubuntu):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mutt - 1.10.1-2.1ubuntu0.2

---------------
mutt (1.10.1-2.1ubuntu0.2) eoan-security; urgency=medium

  * SECURITY UPDATE: Man-in-the-middle attack
    - debian/patches/CVE-2020-14954.patch: fix STARTTLS response injection
      attack clearing the CONNECTION input buffer in mutt_ssl_starttls() in
      mutt_socket.c, mutt_socket.h, mutt_ssl.c, mutt_ssl_gnutls.c.
    - CVE-2020-14954
  * Redoing patch CVE-2020-14154-1, that causes a possibly regression (LP: #1884588)

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 22 Jun 2020 15:27:39 -0300

Changed in mutt (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mutt - 1.9.4-3ubuntu0.3

---------------
mutt (1.9.4-3ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Man-in-the-middle attack
    - debian/patches/CVE-2020-14954.patch: fix STARTTLS response injection
      attack clearing the CONNECTION input buffer in mutt_ssl_starttls() in
      mutt_socket.c, mutt_socket.h, mutt_ssl.c, mutt_ssl_gnutls.c.
    - CVE-2020-14954
  * Redoing patch CVE-2020-14154-1, that causes a possibly regression (LP: #1884588)

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 22 Jun 2020 15:33:12 -0300

Changed in mutt (Ubuntu):
status: In Progress → Fix Released
Leonidas S. Barbosa (leosilvab)
Changed in mutt (Ubuntu Precise):
status: New → Fix Released
Changed in mutt (Ubuntu Xenial):
status: New → Fix Released
Changed in mutt (Ubuntu Bionic):
status: New → Fix Released
Changed in mutt (Ubuntu Eoan):
status: New → Fix Released
Changed in mutt (Ubuntu Precise):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
Changed in mutt (Ubuntu Xenial):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
Changed in mutt (Ubuntu Bionic):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
Changed in mutt (Ubuntu Eoan):
assignee: nobody → Leonidas S. Barbosa (leosilvab)
Revision history for this message
Jerin Jacob (jerinj) wrote :

Hi All,

I am facing the same issue with 1.9.4-3ubuntu0.2

I tried installing mutt version 1.9.4-3ubuntu0.3, but it gives me message that Version was not found.

More detail in the attached snapshot.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.