You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2022/09/15 10:21:05 UTC
[james-project] branch master updated: [CHANGELOG] Mention CVE-2022-28220 STARTTLS command injection in Apache JAMES (#1188)
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
The following commit(s) were added to refs/heads/master by this push:
new 670dd9da47 [CHANGELOG] Mention CVE-2022-28220 STARTTLS command injection in Apache JAMES (#1188)
670dd9da47 is described below
commit 670dd9da473820112b9b587fdc8056a3affbef0a
Author: Benoit TELLIER <bt...@linagora.com>
AuthorDate: Thu Sep 15 12:21:00 2022 +0200
[CHANGELOG] Mention CVE-2022-28220 STARTTLS command injection in Apache JAMES (#1188)
---
CHANGELOG.md | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9a710b281f..1953b6a32e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -155,6 +155,10 @@ Multiple performance enhancements for Distributed server mailbox, IMAP, SMTP and
## [3.7.1] - 2022-08-26
+### Security
+
+This release fixes CVE-2022-28220 `STARTTLS command injection in Apache JAMES`.
+
### Changes
- [UPGRADE] Adopt MIME4J 0.8.7 (#961)
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org