SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-202007-56 (Claws Mail: Improper STARTTLS handling)
It was discovered that Claws Mail was not properly handling state within the STARTTLS protocol handshake.
There may be a breach of integrity or confidentiality in connections made using Claws Mail with STARTTLS.
There is no known workaround at this time.
SolutionAll Claws Mail users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/claws-mail-3.17.6'