"Encrypted connection unavailable" when using pre-authenticated connection (due to CVE-2020-14093 patch)
Reporting from https://bugs.debian.org/963107
The fix for CVE-2020-14093 makes it so that when using a
preauthenticated connection (using set tunnel
to SSH to the IMAP
server), mutt just prints "Encrypted connection unavailable" and refuses
the connection. An strace shows that mutt successfully runs SSH and gets
the preauthenticated IMAP connection.
I do not have any ssl-related options set. Best guess: the default ssl_starttls=yes makes mutt think it should starttls over preauth, which it now avoids due to the CVE.
I can confirm that setting ssl_starttls=no allows preauthenticated IMAP
connections using set tunnel
to work again.