[SECURITY] Fedora 31 Update: alpine-2.23-2.fc31

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-f822ea9330 2020-07-03 01:36:57.651019 -------------------------------------------------------------------------------- Name : alpine Product : Fedora 31 Version : 2.23 Release : 2.fc31 URL : http://alpine.x10host.com/ Summary : powerful, easy to use console email client Description : Alpine -- an Alternatively Licensed Program for Internet News & Email -- is a tool for reading, sending, and managing electronic messages. Alpine is the successor to Pine and was developed by Computing & Communications at the University of Washington. Though originally designed for inexperienced email users, Alpine supports many advanced features, and an ever-growing number of configuration and personal-preference options. Changes and enhancements over pine: * Released under the Apache Software License, Version 2.0. * Internationalization built around new internal Unicode support. * Ground-up reorganization of source code around new "pith/" core routine library. * Ground-up reorganization of build and install procedure based on GNU Build System's autotools. -------------------------------------------------------------------------------- Update Information: 2.23 fixes CVE-2020-14929 (#1850048,#1850047) and new version (#1848786) -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2020 josef radinger <cheese(a)nosuchhost.net&gt; - 2.23-2 - 2.23 fixes CVE-2020-14929 (#1850048) and new version (#1848786) * Mon Jun 22 2020 josef radinger <cheese(a)nosuchhost.net&gt; - 2.23-1 - bump version - update patch2 alpine-2.23-gcc10.patch * Tue Mar 24 2020 josef radinger <cheese(a)nosuchhost.net&gt; - 2.22-1 - bump version * Thu Feb 13 2020 Than Ngo <than(a)redhat.com&gt; - 2.21-13 - fixed multiple definition of symbols * Tue Jan 28 2020 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 2.21-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1850047 - CVE-2020-14929 alpine: silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH https://bugzilla.redhat.com/show_bug.cgi?id=1850047 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-f822ea9330' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------