Date: Mon, 06 Jun 2011 17:02:27 +0200 From: Matthias Andree <matthias.andree@....de> To: oss-security@...ts.openwall.com Subject: fetchmail 6.3.20 release to fix CVE-2011-1947 (was: CVE request for fetchmail STARTTLS hang (Denial of Service)) Greetings, I've just released fetchmail 6.3.20 to fix the STARTTLS denial-of-service problem present in all earlier fetchmail releases, CVE-2011-1947. Note that distributors are advised to thoroughly check the NEWS file and consider doing a stable release update rather than just backporting the security fixes, there were several notable bug fixes. At least do note <http://www.fetchmail.info/fetchmail-EN-2010-03.txt> - it's a good opportunity to fix this, too... Changelog: https://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/NEWS Homepage: http://www.fetchmail.info/ Downloads: http://developer.berlios.de/project/showfiles.php?group_id=1824&release_id=18583 Best regards, Matthias Andree Hat: fetchmail maintainer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.