[Bug 259172] mail/squirrelmail: Request to update to a newer snapshot

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 259172] mail/squirrelmail: Request to update to a newer snapshot"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 15 Oct 2021 16:34:07 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259172

James B. Byrne <byrnejb@harte-lyne.ca> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |byrnejb@harte-lyne.ca

--- Comment #1 from James B. Byrne <byrnejb@harte-lyne.ca> ---
Please see:
https://forums.freebsd.org/threads/has-squirrelmail-cve-2020-14933-been-patched.82447/#post-537027

Project team claims there is no vulnerability. Investigation shows that this
CVE was created through a misinformed post on Openwall
(https://www.openwall.com/lists/oss-security/2020/06/20/1). 

However, to negate this CVE requires a notice be sent to NIST by either the
vendor (FreeBSD) or the developer (SquirrelMail) or both.

-- 
You are receiving this mail because:
You are the assignee for the bug.