MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.Referenceshttps://gerrit.vesnicky.cesnet.cz/r/1035https://bugs.kde.org/show_bug.cgi?id=423453
