AVG-905

Package msmtp
Status Fixed
Severity High
Type certificate verification bypass
Affected 1.8.2-1
Fixed 1.8.3-1
Current 1.8.5-1 [extra]
Ticket None
Created Sun Feb 17 17:38:39 2019
Issue Severity Remote Type Description
CVE-2019-8337 High Yes Certificate verification bypass
In msmtp 1.8.2, when tls_trust_file has its default configuration, certificate-verification results are not properly checked.
Date Advisory Package Description
17 Feb 2019 ASA-201902-22 msmtp certificate verification bypass