Описание
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| imapfilter | fixed | 1:2.6.13-1 | package | |
| imapfilter | no-dsa | buster | package | |
| imapfilter | no-dsa | stretch | package |
Примечания
https://github.com/lefcha/imapfilter/issues/142
Patch for support for hostname validation (requrires OpenSSL 1.1.0 and later):
https://github.com/lefcha/imapfilter/commit/bf2515da752eddd54973adb0853c6aa289e921b6
Patch for support for hostname validation (for OpenSSL 1.0.2 and later):
https://github.com/lefcha/imapfilter/commit/3daa2692e37fc52ce630e39a3fb6faf270c054b1
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 6 лет назад
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
CVSS3: 7.5
nvd
больше 6 лет назад
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
CVSS3: 7.5
github
больше 3 лет назад
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.