A weakness was discovered in Mutt and NeoMutt's TLS handshake handling
Package | mail-client/mutt on all architectures |
---|---|
Affected versions | < 2.0.2 |
Unaffected versions | >= 2.0.2 |
Package | mail-client/neomutt on all architectures |
---|---|
Affected versions | < 20201120 |
Unaffected versions | >= 20201120 |
Mutt is a small but very powerful text-based mail client.
NeoMutt is a command line mail reader (or MUA). It’s a fork of Mutt with added features.
A weakness in TLS handshake handling was found which may allow information disclosure.
A remote attacker may be able to cause information disclosure.
There is no known workaround at this time.
All Mutt users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/mutt-2.0.2"
All NeoMutt users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/neomutt-20201120"