Mutt, NeoMutt: Information disclosure

Mutt, NeoMutt: Information disclosure A weakness was discovered in Mutt and NeoMutt's TLS handshake handling NeoMutt 2021-01-26 2021-01-26 755833 755866 remote 2.0.2 2.0.2 20201120 20201120

Mutt is a small but very powerful text-based mail client.

NeoMutt is a command line mail reader (or MUA). It’s a fork of Mutt with added features.

A weakness in TLS handshake handling was found which may allow information disclosure.

A remote attacker may be able to cause information disclosure.

There is no known workaround at this time.

All Mutt users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=mail-client/mutt-2.0.2"

All NeoMutt users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=mail-client/neomutt-20201120"

CVE-2020-28896 sam_c sam_c