[pkg-fetchmail-maint] Bug#212762: (no subject)
Nico Golde
nico at ngolde.de
Thu Jul 21 11:36:58 UTC 2005
tags 212762 + pending security
Hi,
the bug offers a remote exploitation of fetchmail with a
manipulated pop3 server.
The CAN is:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2335
Until it is available on the website you can have a look at:
http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt
All versions in debian apart from oldstable are affected.
I will upload a new package as soon as possible. Mail to
security-team sent.
Regards Nico
--
Nico Golde - JAB: nion at jabber.ccc.de | GPG: 0x73647CFF
http://www.ngolde.de | http://www.muttng.org | http://grml.org
VIM has two modes - the one in which it beeps
and the one in which it doesn't -- encrypted mail preferred
More information about the pkg-fetchmail-maint
mailing list