The vulnerability is caused by the TLS implementation not properly clearing transport layer buffers when upgrading from plaintext to ciphertext after receiving the "STARTTLS" command. This can be exploited to insert arbitrary plaintext data (e.g. SMTP commands) during the plaintext phase, which will then be executed after upgrading to the TLS ciphertext phase.
The vulnerability is reported in versions prior to 4.2.1.
Update to version 4.2.1.
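The buffer handling described in the report above, modelled as an added example that is not part of the original report and is not the affected package's code. The `Session` class, its `flush_on_upgrade` switch and the sample segments are constructed for illustration, and each received segment is assumed to end on a CRLF boundary.

```python
from collections import deque

class Session:
    """Toy server-side receive path for a text protocol with STARTTLS (hypothetical model)."""

    def __init__(self, flush_on_upgrade):
        self.flush_on_upgrade = flush_on_upgrade
        self.pending = deque()   # buffered (command, arrived_encrypted) pairs
        self.tls_active = False
        self.log = []            # (command, arrived_encrypted, tls_active_when_executed)

    def receive(self, data, encrypted):
        # Split one transport read into commands and remember how they arrived.
        for line in data.split(b"\r\n"):
            if line:
                self.pending.append((line.decode("ascii"), encrypted))
        self._drain()

    def _drain(self):
        while self.pending:
            cmd, encrypted = self.pending.popleft()
            if cmd.upper() == "STARTTLS" and not self.tls_active:
                if self.flush_on_upgrade:
                    # Corrected behaviour: discard everything buffered before the handshake.
                    self.pending.clear()
                self.tls_active = True   # the TLS handshake would take place here
                continue
            self.log.append((cmd, encrypted, self.tls_active))

def plaintext_run_under_tls(session):
    """Commands that arrived unencrypted but were executed after the upgrade."""
    return [cmd for cmd, encrypted, tls in session.log if tls and not encrypted]

def replay(flush_on_upgrade):
    # Constructed sample traffic: the second plaintext read carries an extra
    # command after STARTTLS; the third read arrives inside the TLS session.
    session = Session(flush_on_upgrade)
    session.receive(b"EHLO client.example\r\n", encrypted=False)
    session.receive(b"STARTTLS\r\nNOOP\r\n", encrypted=False)
    session.receive(b"EHLO client.example\r\n", encrypted=True)
    return session

if __name__ == "__main__":
    print("stale buffer kept:   ", plaintext_run_under_tls(replay(False)))
    print("buffer cleared first:", plaintext_run_under_tls(replay(True)))
```

A non-empty result from `plaintext_run_under_tls` is the condition a regression test for this class of bug should assert never occurs.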
Version 4.2.1 is now in Portage.
Arches, please test and mark stable:
Target KEYWORDS="amd64 x86"
@security: please vote.
Thanks, everyone. GLSA vote: no.
(In reply to comment #4)
> @security: please vote.
Guys, before the vote, just for your info, there is already a GLSA request for this package (bug 399157).
Thanks, everyone. GLSA Vote: no too, closing noglsa.