[Bug 1884588] Re: Certificate problems sending mail
Launchpad Bug Tracker
1884588 at bugs.launchpad.net
Wed Jun 24 16:36:11 UTC 2020
This bug was fixed in the package mutt - 1.9.4-3ubuntu0.3
---------------
mutt (1.9.4-3ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: Man-in-the-middle attack
- debian/patches/CVE-2020-14954.patch: fix STARTTLS response injection
attack clearing the CONNECTION input buffer in mutt_ssl_starttls() in
mutt_socket.c, mutt_socket.h, mutt_ssl.c, mutt_ssl_gnutls.c.
- CVE-2020-14954
* Redoing patch CVE-2020-14154-1, that causes a possibly regression (LP: #1884588)
-- leo.barbosa at canonical.com (Leonidas S. Barbosa) Mon, 22 Jun 2020
15:33:12 -0300
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mutt in Ubuntu.
https://bugs.launchpad.net/bugs/1884588
Title:
Certificate problems sending mail
Status in mutt package in Ubuntu:
Fix Released
Bug description:
Since the update to mutt-1.9.4-3ubuntu0.2 I see certificate errors
when sending mail. I use letsencrypt certificates. Initially the cert
is accepted, but later on I see different kind of errors on multiple
tries to send mail. Before the update, sending mail worked fine. IMAP
is still working without any problems.
I get 3 different error messages in a random order:
#####
Warning: Server certificate was signed using an insecure algorithm
Could not negotiate TLS connection
#####
This certificate belongs to:
Let's Encrypt Authority X3
Let's Encrypt
US
This certificate was issued by:
DST Root CA X3
Digital Signature Trust Co.
This certificate is valid
from Thu, 17 Mar 2016 16:40:46 UTC
to Wed, 17 Mar 2021 16:40:46 UTC
SHA1 Fingerprint: E6A3 B45B 062D 509B 3382 282D 196E FE97 D595 6CCB
MD5 Fingerprint: B154 0927 4F54 AD8F 023D 3B85 A5EC EC5D
WARNING: Server certificate has been revoked
(r)eject, accept (o)nce
#####
This certificate belongs to:
Let's Encrypt Authority X3
Let's Encrypt
US
This certificate was issued by:
DST Root CA X3
Digital Signature Trust Co.
This certificate is valid
from Thu, 17 Mar 2016 16:40:46 UTC
to Wed, 17 Mar 2021 16:40:46 UTC
SHA1 Fingerprint: E6A3 B45B 062D 509B 3382 282D 196E FE97 D595 6CCB
MD5 Fingerprint: B154 0927 4F54 AD8F 023D 3B85 A5EC EC5D
(r)eject, accept (o)nce
#####
I'm using
set smtp_url=smtp://USERNAME@SERVER:587
to configure the outgoing mail.
I cannot permanently accept the certificate for sending, but if i
temporary accept it, mail is send ok.
I wonder why there show different messages when trying to send an
email? Why does it sometimes show a "Server certificate has been
revoked" warning?
If you need additional information, I will try to provide them.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: mutt 1.9.4-3ubuntu0.2
ProcVersionSignature: Ubuntu 5.3.0-59.53~18.04.1-generic 5.3.18
Uname: Linux 5.3.0-59-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.15
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Mon Jun 22 20:45:00 2020
InstallationDate: Installed on 2019-02-24 (484 days ago)
InstallationMedia: Ubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210)
SourcePackage: mutt
UpgradeStatus: Upgraded to bionic on 2020-05-13 (40 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mutt/+bug/1884588/+subscriptions
More information about the foundations-bugs
mailing list