Debian Security Advisory

DSA-4708-1 neomutt -- security update

Date Reported:
21 Jun 2020
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2020-14093, CVE-2020-14954.
More information:

Damian Poddebniak and Fabian Ising discovered two security issues in the STARTTLS handling of the Neomutt mail client, which could enable MITM attacks.

For the stable distribution (buster), these problems have been fixed in version 20180716+dfsg.1-1+deb10u1.

We recommend that you upgrade your neomutt packages.

For the detailed security status of neomutt please refer to its security tracker page at: