msmtp
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A mini smtp client |
| Version | 1.8.27-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-905 | 1.8.2-1 | 1.8.3-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2019-8337 | AVG-905 | High | Yes | Certificate verification bypass | In msmtp 1.8.2, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 17 Feb 2019 | ASA-201902-22 | AVG-905 | High | certificate verification bypass |