Security vulnerability has been fixed

All protocols supporting STARTTLS command were vulnerable to plaintext injection CVE-2011-0411 til today. A fix is available in CVS:

Binary packages are not updated yet as it is relatively low impact; let me know if you need it immediately.

Posted by ArkanoiD 2011-04-11

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks