Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 16.04 LTS: USN-4598-1 Critical: LibEtPan Network Threat

ubuntu
Calendar Grey October 22, 2020
Dist Ubuntu Esm H88
A security flaw in LibEtPan on Ubuntu 16.04 LTS could potentially leak critical data through network channels. Immediate updates are advised.
LibEtPan could be made to expose sensitive information over the network.

Summary

LibEtPan could be made to expose sensitive information over the network.

Software Description:

- libetpan: Mail Framework for C Language

Details:

It was discovered that LibEtPan incorrectly handled STARTTLS when using

IMAP, SMTP and POP3. A remote attacker could possibly use this issue

to perform a response injection attack. (CVE-2020-15953)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  libetpan-dev                    1.6-1ubuntu0.1
  libetpan17                      1.6-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4598-1

CVE-2020-15953

Severity
critical
Lowest
Low
Medium
High
Critical

October 22, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here