Bug#320357: [pkg-fetchmail-maint] Bug#320357: fetchmail:
CAN-2005-2335 unfixed in stable and possibly oldstable
Helge Kreutzmann
kreutzm at itp.uni-hannover.de
Fri Jul 29 16:30:46 UTC 2005
Hello Lucas,
On Thu, Jul 28, 2005 at 04:13:50PM -0300, Lucas Wall wrote:
> Helge Kreutzmann wrote, On 28/07/05 15:43:
> > Package: fetchmail
> > Version: N/A; reported 2005-07-28
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> > Hello,
> > I see that you close CAN-2005-2335 in 6.2.5-16 in unstable, but I
> > could not find a bug report for tracking sarge and woody. Please close
> > this bug when both are dealt with.
>
> Isn't the new package version feature in the BTS useful for these kind
> of things?
Well, I don't think so. I read in your changelog:
- new upstream patch because of security issue CAN-2005-2335
There is no mention of a bug in the BTS here (no closes#). The machine
I reported from is a woody without fetchmail. But I think you can add
the proper version in retrorespect as well?
Greetings
Helge
--
Dr. Helge Kreutzmann, Dipl.-Phys. Helge.Kreutzmann at itp.uni-hannover.de
gpg signed mail preferred
64bit GNU powered http://www.itp.uni-hannover.de/~kreutzm
Help keep free software "libre": http://www.ffii.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-fetchmail-maint/attachments/20050729/4f58099f/attachment.pgp
More information about the pkg-fetchmail-maint
mailing list