Package: courier-mta Version: 0.73.1-1.6 Severity: important Tags: fixed-upstream patch pending Hi, as Viktor Szépe recently pointed out to me, courier-mta fails to verify certificates of other MTAs using CNAMEs as their host name. With Amazon SES, Mailjet, etc. this recently became more common and therefore more important to fix. Upstream provides a fix [0] that's easy enough to backport to stretch. I haven't tried jessie, yet. Kind Regards Markus Wanner [0]: Upstream commit: Fix TLS verification when DNS lookup comes back with CNAMEs: https://github.com/svarshavchik/courier-libs/commit/5e522ab14f45c6f4f43c43e32a2f72fbf6354f1c
Attachment:
signature.asc
Description: OpenPGP digital signature