AVG-2326 log

Package fetchmail
Status Fixed
Severity Medium
Type information disclosure
Affected 6.4.21-1
Fixed 6.4.22-1
Current 6.4.39-1 [extra]
Ticket None
Created Fri Aug 27 10:13:38 2021
Issue Severity Remote Type Description
CVE-2021-39272 Medium Yes Information disclosure
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.