Fedora 31: alpine 2020-f822ea9330

Date 02 Jul 2020

Category Fedora Linux Distribution - Security Advisories

426

Posted By LinuxSecurity Advisories

2.23 fixes CVE-2020-14929 (#1850048,#1850047) and new version (#1848786)

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-f822ea9330
2020-07-03 01:36:57.651019
--------------------------------------------------------------------------------

Name        : alpine
Product     : Fedora 31
Version     : 2.23
Release     : 2.fc31
URL         : https://alpine.x10host.com/
Summary     : powerful, easy to use console email client
Description :
Alpine -- an Alternatively Licensed Program for Internet
News & Email -- is a tool for reading, sending, and managing
electronic messages.  Alpine is the successor to Pine and was
developed by Computing & Communications at the University of
Washington.
  Though originally designed for inexperienced email users,
Alpine supports many advanced features, and an ever-growing number of
configuration and personal-preference options.
Changes and enhancements over pine:
  * Released under the Apache Software License, Version 2.0.
  * Internationalization built around new internal Unicode support.
  * Ground-up reorganization of source code around new "pith/" core
routine library.
  * Ground-up reorganization of build and install procedure based on
GNU Build System's autotools.

--------------------------------------------------------------------------------
Update Information:

2.23 fixes CVE-2020-14929 (#1850048,#1850047) and new version (#1848786)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 23 2020 josef radinger  - 2.23-2
- 2.23 fixes CVE-2020-14929 (#1850048) and new version (#1848786)
* Mon Jun 22 2020 josef radinger  - 2.23-1
- bump version
- update patch2 alpine-2.23-gcc10.patch
* Tue Mar 24 2020 josef radinger  - 2.22-1
- bump version
* Thu Feb 13 2020 Than Ngo  - 2.21-13
- fixed multiple definition of symbols
* Tue Jan 28 2020 Fedora Release Engineering  - 2.21-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1850047 - CVE-2020-14929 alpine: silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH
        https://bugzilla.redhat.com/show_bug.cgi?id=1850047
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-f822ea9330' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.