Fedora Core 4 Update: fetchmail-6.2.5-7.fc4.1 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Advisory Watch: March 6th, 2010

Linux Advisory Watch: February 26th, 2010

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora Core 4 Update: fetchmail-6.2.5-7.fc4.1

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause fetchmail to execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2355 to this issue. All fetchmail users should upgrade to the updated package, which fixes this issue.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-613
2005-07-21
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : fetchmail
Version     : 6.2.5                      
Release     : 7.fc4.1                  
Summary     : A remote mail retrieval and forwarding utility.
Description :
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.

Install fetchmail if you need to retrieve mail over SLIP or PPP
connections.

---------------------------------------------------------------------
Update Information:

A buffer overflow was discovered in fetchmail's POP3 client. A malicious
server could cause fetchmail to execute arbitrary code.

The Common Vulnerabilities and Exposures project has assigned the name
CAN-2005-2355 to this issue.

All fetchmail users should upgrade to the updated package, which fixes this issue.
---------------------------------------------------------------------
* Thu Jul 21 2005 Miloslav Trmac  - 6.2.5-7.fc4.1
- Fix CAN-2005-2355 (#163819, patch by Ludwig Nussel)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

e00eaabfa00150c2001ca61a58a7845e  SRPMS/fetchmail-6.2.5-7.fc4.1.src.rpm
4528439141789d049cb2094162c92406  ppc/fetchmail-6.2.5-7.fc4.1.ppc.rpm
6bdcf129726571d6e3e2536c3dcc27a3  ppc/debug/fetchmail-debuginfo-6.2.5-7.fc4.1.ppc.rpm
2bebf8c785e918bc43e590a2f029ba48  x86_64/fetchmail-6.2.5-7.fc4.1.x86_64.rpm
3c590e5aa4af40cfa80590ce23b16958  x86_64/debug/fetchmail-debuginfo-6.2.5-7.fc4.1.x86_64.rpm
469b305b86b25c292876877432ce5ead  i386/fetchmail-6.2.5-7.fc4.1.i386.rpm
2635dfe61df68b358fb61803a7d12ca1  i386/debug/fetchmail-debuginfo-6.2.5-7.fc4.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list