SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for fetchmail-6.2.5.5-3tr.i586.rpm :
Thu Sep 20 03:00:00 2007 Nived Gopalan 6.2.5.5-3tr
- SECURITY Fix: An error exists in fetchmail which allows
context-dependent attackers to cause a denial of service (NULL
dereference and application crash) by refusing certain warning
messages that are sent over SMTP.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-4565 to this issue.

Fri Feb 9 02:00:00 2007 Bipin S 6.2.5.5-2tr
- SECURITY Fix: Fetchmail does not properly enforce TLS and may
transmit cleartext passwords over unsecured links if certain
circumstances occur, which allows remote attackers to obtain
sensitive information via man-in-the-middle (MITM) attacks.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-5867 to this issue.

Thu Jan 5 02:00:00 2006 Nived Gopalan 6.2.5.5-1tr
- New Upstream.
- SECURITY Fix: A vulnerability has been reported in Fetchmail caused due
to a null pointer dereferencing error when handling a message without
email headers. This can be exploited to crash Fetchmail when the
upstream mail server sends a message without headers.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-4348 to this issue.

Mon Jul 25 03:00:00 2005 Syed Shabir Zakiullah 6.2.5.2-1tr
- New Upstream
- Security Fix: Remote code injection vulnerability in fetchmail
- The POP3 code that deals with UIDs (from the UIDL) reads the responses returned
by the POP3 server into fixed-size buffers allocated on the stack, without
limiting the input length to the buffer size. A compromised or malicious POP3
server can thus overrun fetchmail\'s stack. This affects POP3 and all of its
variants, for instance but not limited to APOP

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-2335 to this issue.

Mon May 30 03:00:00 2005 Bipin 6.2.5-1tr
- New entry into TSL-2.2 official

Fri May 27 03:00:00 2005 Ajith Thampi 6.2.5-2ta
- Removed the fetchmailconf binary as it is no more needed.
- Added ssl support and fallback to procmail
- placing man pages into mandir as expected

Wed Apr 13 03:00:00 2005 Thushara Gopalakrishnan 6.2.5-1th
- Initial release


 
ICM
This page is using cookies. Read moreOK, I understand