fetchmail 6.3.2-2ubuntu2.2 source package in Ubuntu
Changelog
fetchmail (6.3.2-2ubuntu2.2) dapper-security; urgency=low * SECURITY UPDATE: DoS via NULL pointer dereference when SMTP refuses to send certain warning messages * added 05_CVE-2007-4565.dpatch to sink.c to verify msg is not NULL * SECURITY UPDATE: Due to a design flaw in the APOP protocol, remote attackers may be able to acquire a portion of a user's authentication credentials using man-in-the-middle techniques. * added 06_CVE-2007-1558.dpatch. This patch adds notes about APOP's limitations as well as updating pop3.c to more strictly validate the presented challenge for RFC-822 conformity. This change to pop3.c does not fix the APOP design flaw, but does make attacks against APOP somewhat more difficult. * References CVE-2007-4565 CVE-2007-1558 -- Jamie Strandboge <email address hidden> Tue, 25 Sep 2007 12:15:38 -0400
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Dapper
- Original maintainer:
- Fetchmail Maintainers
- Architectures:
- any
- Section:
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
fetchmail_6.3.2.orig.tar.gz | 1.5 MiB | 620267bf04fa55aea71d76d0d10adf6c95d060926225b18e2182feeddad40c20 |
fetchmail_6.3.2-2ubuntu2.2.diff.gz | 186.0 KiB | eaa63a36eac7c35f66aa685bd0ffa745c0ba8e9ecae183d27bb9f055a3f32911 |
fetchmail_6.3.2-2ubuntu2.2.dsc | 766 bytes | 83a564e0ffcc79fd4ff545d0167f3e579b094968020530f89d07fbfe6dff5cd3 |
Binary packages built by this source
- fetchmail: No summary available for fetchmail in ubuntu dapper.
No description available for fetchmail in ubuntu dapper.
- fetchmailconf: No summary available for fetchmailconf in ubuntu dapper.
No description available for fetchmailconf in ubuntu dapper.