author    Kevin McCarthy <kevin@8t8.us>  2020-06-14 14:17:45 -0700
committer Kevin McCarthy <kevin@8t8.us>  2020-06-14 14:17:45 -0700
commit    34e3a1a3527cf561909b3369cc3cdd9d82b0bc2d (patch)
tree      94c318bac9c3e794772ae1b59a11168858253e1e
parent    3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01 (diff)

automatic post-release commit for mutt-1.14.3 (tag: mutt-1-14-3-rel)

-rw-r--r--  ChangeLog  118
-rw-r--r--  UPDATING     5
-rw-r--r--  VERSION      2
3 files changed, 124 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 3b145b8f..8047b21a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,121 @@
+2020-06-14 11:30:00 -0700 Kevin McCarthy <kevin@8t8.us> (3e88866d)
+
+ * Prevent possible IMAP MITM via PREAUTH response.
+
+ This is similar to CVE-2014-2567 and CVE-2020-12398. STARTTLS is not
+ allowed in the Authenticated state, so previously Mutt would
+ implicitly mark the connection as authenticated and skip any
+ encryption checking/enabling.
+
+ No credentials are exposed, but it does allow messages to be sent to
+ an attacker, via postpone or fcc'ing for instance.
+
+ Reuse the $ssl_starttls quadoption "in reverse" to prompt to abort the
+ connection if it is unencrypted.
+
+ Thanks very much to Damian Poddebniak and Fabian Ising from the
+ Münster University of Applied Sciences for reporting this issue, and
+ their help in testing the fix.
+
+M imap/imap.c
+
+2020-06-06 20:03:56 -0700 Kevin McCarthy <kevin@8t8.us> (f64ec1de)
+
+ * Fix GnuTLS interactive prompt short-circuiting.
+
+ tls_verify_peers() doesn't verify expiration dates. So aborting early
+ because of a 0 certstat and the leaf passing tls_check_preauth() does
+ not mean subsequent intermediate certs are okay: they could be
+ expired.
+
+ In the saved-cert preauth loop, instead of just noting the
+ tls_check_preauth() rc for the leaf, note the highest cert that passes
+ preauth.
+
+ Then, in the interactive loop (which goes in the opposite order, from
+ CA to leaf) check that value instead. Since we are trusting certs one
+ by one, anything that passed in the previous loop will certainly pass
+ the preauth check at the beginning of tls_check_one_certificate().
+
+M mutt_ssl_gnutls.c
+
+2020-06-05 18:16:31 -0700 Kevin McCarthy <kevin@8t8.us> (5fccf603)
+
+ * Abort GnuTLS certificate check if a cert in the chain is rejected.
+
+ GnuTLS is not checking dates because we disabled that in
+ tls_negotiate().
+
+ So if we don't do this, rejecting an expired intermediate cert will
+ have no effect. Certstat won't contain an expiration error, and
+ tls_check_preauth() will only look at each subsequent cert in the
+ chain's dates.
+
+M mutt_ssl_gnutls.c
+
+2020-06-05 15:21:03 -0700 Kevin McCarthy <kevin@8t8.us> (bb0e6277)
+
+ * Fix GnuTLS tls_verify_peers() checking.
+
+ * Change the function to pass the certstatus parameter by reference,
+ and indicate success/failure of the function via the return value. It
+ was previously returning the certstatus, but was also returning 0 or
+ the *unset* certstatus on error too. Since a 0 certstatus means
+ "success", this meant a gnutls_certificate_verify_peers2() failure
+ would be regarded as a valid cert.
+
+ * The gnutls_certificate_type_get() inside tls_verify_peers() checks
+ the *client* certificate type. Since it was only called if
+ gnutls_certificate_verify_peers2() failed, I assume was either a
+ mistake, or perhaps an attempt to give a special error message if the
+ client cert was OpenPGP. In either case, the error message was not
+ very informative, so just remove the call and special error message.
+
+ * Fix GNUTLS_E_NO_CERTIFICATE_FOUND check to be against verify_ret
+ instead of certstat.
+
+ * Fix gnutls_strerror() call to use verify_ret instead of certstat.
+
+ * gnutls_certificate_verify_peers2() already calls and checks
+ gnutls_auth_get_type(), so remove call at the beginning of
+ tls_check_certificate().
+
+ * gnutls_certificate_verify_peers2() also verifies the certificate
+ type for the *server* is GNUTLS_CRT_X509. Add a comment about that.
+
+M mutt_ssl_gnutls.c
+
+2020-05-27 14:33:58 -0700 Kevin McCarthy <kevin@8t8.us> (5ea51e88)
+
+ * Fix doc install to check builddir first for bundled files.
+
+ Although some of the built files are bundled in the tarball, someone
+ could still try to build/install from a git checkout with a separate
+ build directory. There might be other circumstances too, so better to
+ just add the check for now.
+
+M doc/Makefile.am
+
+2020-05-26 13:51:56 -0700 Kevin McCarthy <kevin@8t8.us> (0136dbd1)
+
+ * Remove Muttrc and manual.txt from dist tarball files.
+
+ The Muttrc needs to be generated because of docdir substitution. The
+ manual.txt may traditionally be generated by a different tool than the
+ one on my machine (lynx), so force that to be regenerated too.
+
+ It may still be necessary to just rebuild everything, but let's see if
+ this will do for stable for now.
+
+M doc/Makefile.am
+
+2020-05-25 13:37:20 -0700 Kevin McCarthy <kevin@8t8.us> (6feaec02)
+
+ * automatic post-release commit for mutt-1.14.2
+
+M ChangeLog
+M VERSION
+
2020-05-25 13:29:22 -0700 Kevin McCarthy <kevin@8t8.us> (642a1cfd)
* Update UPDATING file for release.
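Review bot: the entry for 3e88866d ("Prevent possible IMAP MITM via PREAUTH response") documents only the prompting case of the reused $ssl_starttls quadoption; since a quadoption also has the non-interactive "yes" and "no" settings, the entry should state in one sentence what Mutt does with an unencrypted PREAUTH connection under each of those (abort without asking, or proceed without asking), because that is the setting an operator will check after reading the CVE-2014-2567 / CVE-2020-12398 comparison. The bb0e6277 entry likewise deserves a one-line summary of the user-visible effect of "a gnutls_certificate_verify_peers2() failure would be regarded as a valid cert" (that is, which connections were previously accepted and are now refused or prompted for), so readers of the generated log do not have to reconstruct it from the bullet list of internal changes.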
diff --git a/UPDATING b/UPDATING
index 108ea1c3..cce19c12 100644
--- a/UPDATING
+++ b/UPDATING
@@ -9,6 +9,11 @@ http://www.mutt.org/relnotes/
The keys used are:
!: modified feature, -: deleted feature, +: new feature
+1.14.3 (2020-06-14):
+
+ ! Bug fix release.
+ ! $ssl_starttls also controls aborting an unencrypted IMAP PREAUTH connection.
+
1.14.2 (2020-05-25):
! Bug fix release.
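Review bot: the 1.14.3 block lists only the $ssl_starttls / IMAP PREAUTH change, but the ChangeLog in this same commit also records behaviour changes in the GnuTLS certificate path (5fccf603 aborts the check when a cert in the chain is rejected, f64ec1de stops short-circuiting the interactive prompt, bb0e6277 stops treating a gnutls_certificate_verify_peers2() failure as a valid cert). Those are user-visible: servers with an expired intermediate that previously connected silently may now prompt or be refused. Suggest adding a "!" line such as " ! GnuTLS certificate checking now rejects expired or failed intermediate certs instead of accepting them." so UPDATING matches the ChangeLog for this release.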
diff --git a/VERSION b/VERSION
index a4cc5571..4ea8ad87 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.14.2
+1.14.3