+++ This bug was initially created as a clone of Bug #175021 +++ The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions.
mail-client/sylpheed-claws-2.4.0 which is already in the tree fixes this security bug.
mail-client/sylpheed-claws is dead dummy ebuild (and there's no 2.4.0 in the tree) *** This bug has been marked as a duplicate of bug 176805 ***
Typo in package name, affected package is sylpheed (all those claws apparently got me confused). Arches please test and mark stable. Target keywords are: sylpheed-2.4.0.ebuild:KEYWORDS="~alpha amd64 hppa ia64 ppc ppc64 sparc x86"
sparc stable.
ppc64 stable
x86 done
ia64 stable
ppc stable
amd64 stable
Sorry for the late response. Stable for HPPA.
This one is ready for GLSA vote. I tend to vote NO.
voting no
No again.
Closing with NO GLSA.