Date: Mon, 16 Jun 2008 11:07:01 -0800 From: Jonathan Smith <smithj@...ethemallocs.com> To: matthias.andree@....de CC: oss-security@...ts.openwall.com Subject: Re: CVE Id Request: fetchmail <= 6.3.8 DoS when logging long headers in -v -v mode -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Matthias Andree wrote: > Impeding the 6.3.9 release, there are some nasty bugs that aren't > security relevant which are pending the fix, but are hard to debug. Are these bugs regressions against 6.3.8? If so, it might make sense to cherry-pick the security fixes from svn and cut a 220.127.116.11 release with 6.3.8+patches. If not, why let non-regressions hold up 6.3.9? smithj -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEAREIAAYFAkhWudUACgkQCG91qXPaRelIxwCgljo90dSgky/T/FTXCLM4sfRp /9cAn2hrrcwsuH8a9lIS45z5MiW3IK0c =D/74 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.