ALT-PU-2014-1689-1

Package update claws-mail in branch sisyphus

Version3.10.0-alt1

Published2014-05-26

Max severityMEDIUM

Severity:

Closed issues (1)

MEDIUM6.8

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

Published: 2014-10-15Modified: 2025-04-12

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P

References