[SECURITY] Fedora 11 Update: mutt-1.5.19-5.fc11

updates at fedoraproject.org updates at fedoraproject.org
Tue Jun 16 02:41:26 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-6465
2009-06-15 22:08:41
--------------------------------------------------------------------------------

Name        : mutt
Product     : Fedora 11
Version     : 1.5.19
Release     : 5.fc11
URL         : http://www.mutt.org/
Summary     : A text mode mail user agent
Description :
Mutt is a small but very powerful text-based MIME mail client.  Mutt
is highly configurable, and is well suited to the mail power user with
advanced features like key bindings, keyboard macros, mail threading,
regular expression searches and a powerful pattern matching language
for selecting groups of messages.

--------------------------------------------------------------------------------
Update Information:

This update fixes a problem with SSL certificate chain verification
(CVE-2009-1390).
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  9 2009 Miroslav Lichvar <mlichvar at redhat.com> 5:1.5.19-5
- fix certificate verification (CVE-2009-1390)
- add support for gnutls INSECURE_ALGORITHM error code (#499390)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #504979 - CVE-2009-1390 Mutt 1.5.19 SSL chain verification flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=504979
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mutt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the package-announce mailing list