There is 1 open security issue in buster.
1 issue left for the package maintainer to handle:
- CVE-2020-14929:
(needs triaging)
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
You can find information about how to handle this issue in the security team's documentation.