fetchmail 6.3.6-1ubuntu2.1 source package in Ubuntu
Changelog
fetchmail (6.3.6-1ubuntu2.1) feisty-security; urgency=low
* SECURITY UPDATE: DoS via NULL pointer dereference when SMTP refuses to
send certain warning messages
* added 02_CVE-2007-4565.patch to sink.c to verify msg is not NULL
* SECURITY UPDATE: Due to a design flaw in the APOP protocol, remote
attackers may be able to acquire a portion of a user's authentication
credentials using man-in-the-middle techniques.
* added 03_CVE-2007-1558.patch. This patch adds notes about APOP's
limitations as well as updating pop3.c to more strictly validate the
presented challenge for RFC-822 conformity. This change to pop3.c does
not fix the APOP design flaw, but does make attacks against APOP somewhat
more difficult.
* added 04_manpage.patch for improperly formatted manpage (upstream bug)
* References
CVE-2007-4565
CVE-2007-1558
* Modify Maintainer value to match the DebianMaintainerField
specification.
-- Jamie Strandboge <email address hidden> Tue, 25 Sep 2007 09:55:32 -0400
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Feisty
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| fetchmail_6.3.6.orig.tar.gz | 1.6 MiB | af1960a0bff4a2e96c7176f8f73dbe3c3b3cd463c2d6915560b0afe34fe43050 |
| fetchmail_6.3.6-1ubuntu2.1.diff.gz | 55.1 KiB | 40facae0f2c40db90a4f370bff27e9acf51f80b0cbc324e4f4a031fee8013a6c |
| fetchmail_6.3.6-1ubuntu2.1.dsc | 966 bytes | 6fdd319dbb350d32b79d2ef429ef75615ac668f130b013310ae121caa0f903fd |
Binary packages built by this source
- fetchmail: No summary available for fetchmail in ubuntu feisty.
No description available for fetchmail in ubuntu feisty.
- fetchmailconf: No summary available for fetchmailconf in ubuntu feisty.
No description available for fetchmailconf in ubuntu feisty.
