Menu

Security vulnerability has been fixed

All protocols supporting STARTTLS command were vulnerable to plaintext injection CVE-2011-0411 til today. A fix is available in CVS:

http://openfwtk.cvs.sourceforge.net/viewvc/openfwtk/fwtk/libem/emiossl.c?r1=1.3&r2=1.4

Binary packages are not updated yet as it is relatively low impact; let me know if you need it immediately.

Posted by ArkanoiD 2011-04-11

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.