This is the mail archive of the cygwin-apps mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [SECURITY] mutt




On 1/1/2015 4:52 AM, Yaakov Selkowitz wrote:
Marco,

Please add the following patches to mutt:

* For CVE-2014-9116 (see
https://bugzilla.redhat.com/show_bug.cgi?id=1168463 for details):

http://pkgs.fedoraproject.org/cgit/mutt.git/plain/mutt-1.5.23-sendlib.patch

* All programs should use the system ca-certificates instead of bundling
their own (which are usually old, or become so quickly):

http://pkgs.fedoraproject.org/cgit/mutt.git/plain/mutt-1.5.21-cabundle.patch


While you are at it:

* Any reason not to configure with --enable-smtp?

none that I am aware. It was set in that way before I took over


* I just added gpgme to the distro.  This can be used in mutt by
installing libgpgme-devel and adding --enable-gpgme to the configure flags.

* Kerberos and SASL support can also be enabled by installing
libkrb5-devel and libsasl2-devel, and adding --enable-gss --enable-sasl
to the configure flags.

added both and and enabled smtp

Yaakov

Regards
Marco


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]