Posted on

CVE-2010-4533 (debian_linux, offlineimap)

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.