Source: qmail
Severity: important
Tags: security

The source package embeds the qmail TLS patch, which is affected by
this STARTTLS issue:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1431

It appears as if the TLS patch isn't applied, it makes sense however
to update the patch anyway.

BTW, shouldn't this package be removed altogether now that netqmail
is in the archive?

Cheers,
        Moritz

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to