Author Topic: CVE-2023-51764 vulnerability  (Read 2072 times)

Meatychunks

  • Newbie
  • *
  • Posts: 3
CVE-2023-51764 vulnerability
« on: February 17, 2024, 03:03:57 pm »
Hi,

My mail provider patched this vulnerability last week. Since then all messages sent using aquamail to any recipient are rejected due to a bare line feed character.

Version 1.49.2-408 running on Android 13.

Martin - Aqua Mail Support

  • Administrator
  • Full Member
  • *****
  • Posts: 230
Re: CVE-2023-51764 vulnerability
« Reply #1 on: February 19, 2024, 09:25:24 am »
Hello,

Sorry about the inconvenience. Try clearing the cache or reinstalling the app. If the issue persists, kindly send the error screenshot to support@aqua-mail.com along with the contact details so we can check this.

Meatychunks

  • Newbie
  • *
  • Posts: 3
Re: CVE-2023-51764 vulnerability
« Reply #2 on: February 19, 2024, 01:40:04 pm »
Having re-installed the app, the problem has gone until I re-enable PGP signing.

The problem then persists.

I shall email the screenshot again as requested.

Martin - Aqua Mail Support

  • Administrator
  • Full Member
  • *****
  • Posts: 230
Re: CVE-2023-51764 vulnerability
« Reply #3 on: February 19, 2024, 03:28:05 pm »
Thanks.

I will contact the developers for assistance and update you as soon as I receive a response from them.






Meatychunks

  • Newbie
  • *
  • Posts: 3
Re: CVE-2023-51764 vulnerability
« Reply #4 on: February 20, 2024, 03:41:06 pm »
I can further confirm that after enabling signing with s/mime (not PGP as previously stated) the problem persists - even after disabling signing and de-activating the certificate.