---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-614
2005-07-21
---------------------------------------------------------------------Product     : Fedora Core 3
Name        : fetchmail
Version     : 6.2.5                      
Release     : 7.fc3.1                  
Summary     : A remote mail retrieval and forwarding utility.
Description :
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.

Install fetchmail if you need to retrieve mail over SLIP or PPP
connections.

---------------------------------------------------------------------Update Information:

A buffer overflow was discovered in fetchmail's POP3 client. A malicious
server could cause fetchmail to execute arbitrary code.

The Common Vulnerabilities and Exposures project has assigned the name
CAN-2005-2355 to this issue.

All fetchmail users should upgrade to the updated package, which fixes this issue.
---------------------------------------------------------------------* Thu Jul 21 2005 Miloslav Trmac  - 6.2.5-7.fc4.1
- Fix CAN-2005-2355 (#163819, patch by Ludwig Nussel)

* Wed Mar 16 2005 Nalin Dahyabhai  6.2.5-7
- stop using one of the libkrb5 private functions


---------------------------------------------------------------------This update can be downloaded from:
  
550fbe893b901e7fc028765819409b8a  SRPMS/fetchmail-6.2.5-7.fc3.1.src.rpm
14376533cb1e770d8019960596f29dd1  x86_64/fetchmail-6.2.5-7.fc3.1.x86_64.rpm
372ec66fb81998200b4ba0228f77b943  x86_64/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.x86_64.rpm
62947fe15ecc12933cbcdbdfcb87412b  i386/fetchmail-6.2.5-7.fc3.1.i386.rpm
69b34d188aaa91ca770789eb582dc8ca  i386/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
-----------------------------------------------------------------------fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 3 Update: fetchmail-6.2.5-7.fc3.1

July 21, 2005
A buffer overflow was discovered in fetchmail's POP3 client

Summary

Fetchmail is a remote mail retrieval and forwarding utility intended

for use over on-demand TCP/IP links, like SLIP or PPP connections.

Fetchmail supports every remote-mail protocol currently in use on the

Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,

and IPSEC) for retrieval. Then Fetchmail forwards the mail through

SMTP so you can read it through your favorite mail client.

Install fetchmail if you need to retrieve mail over SLIP or PPP

connections.

A buffer overflow was discovered in fetchmail's POP3 client. A malicious

server could cause fetchmail to execute arbitrary code.

The Common Vulnerabilities and Exposures project has assigned the name

CAN-2005-2355 to this issue.

All fetchmail users should upgrade to the updated package, which fixes this issue.

- Fix CAN-2005-2355 (#163819, patch by Ludwig Nussel)

* Wed Mar 16 2005 Nalin Dahyabhai 6.2.5-7

- stop using one of the libkrb5 private functions

550fbe893b901e7fc028765819409b8a SRPMS/fetchmail-6.2.5-7.fc3.1.src.rpm

14376533cb1e770d8019960596f29dd1 x86_64/fetchmail-6.2.5-7.fc3.1.x86_64.rpm

372ec66fb81998200b4ba0228f77b943 x86_64/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.x86_64.rpm

62947fe15ecc12933cbcdbdfcb87412b i386/fetchmail-6.2.5-7.fc3.1.i386.rpm

69b34d188aaa91ca770789eb582dc8ca i386/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2005-614 2005-07-21 Name : fetchmail Version : 6.2.5 Release : 7.fc3.1 Summary : A remote mail retrieval and forwarding utility. Description : Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC) for retrieval. Then Fetchmail forwards the mail through SMTP so you can read it through your favorite mail client. Install fetchmail if you need to retrieve mail over SLIP or PPP connections. A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause fetchmail to execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2355 to this issue. All fetchmail users should upgrade to the updated package, which fixes this issue. - Fix CAN-2005-2355 (#163819, patch by Ludwig Nussel) * Wed Mar 16 2005 Nalin Dahyabhai 6.2.5-7 - stop using one of the libkrb5 private functions 550fbe893b901e7fc028765819409b8a SRPMS/fetchmail-6.2.5-7.fc3.1.src.rpm 14376533cb1e770d8019960596f29dd1 x86_64/fetchmail-6.2.5-7.fc3.1.x86_64.rpm 372ec66fb81998200b4ba0228f77b943 x86_64/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.x86_64.rpm 62947fe15ecc12933cbcdbdfcb87412b i386/fetchmail-6.2.5-7.fc3.1.i386.rpm 69b34d188aaa91ca770789eb582dc8ca i386/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : fetchmail
Version : 6.2.5
Release : 7.fc3.1
Summary : A remote mail retrieval and forwarding utility.

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved