DescriptionAlpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
|National Vulnerability Database|
|National Vulnerability Database||SUSE|
- openSUSE-SU-2021:0675-1, published Thu May 6 18:39:52 2021
- openSUSE-SU-2021:0695-1, published Mon May 10 00:38:47 2021
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Package Hub for SUSE Linux Enterprise 15 SP1|| ||Patchnames:
|SUSE Package Hub for SUSE Linux Enterprise 15 SP2|| ||Patchnames:
|openSUSE Leap 15.2|| ||Patchnames: