aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2010-10-16 10:51:08 +0200
committerMatthias Andree <matthias.andree@gmx.de>2010-10-16 10:51:08 +0200
commit293a45fe95947d84cc87f3211cd1adeacf5654d4 (patch)
tree0fb1518f8ade0b2a0799e661c0d2a0ba14222826
parent57ec1b07268bdafdda83ab301ec12ed3c5344bd1 (diff)
downloadfetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.tar.gz
fetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.tar.bz2
fetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.zip
Link fetchmail-EN-2010-03 and update front page.
l---------website/fetchmail-EN-2010-03.txt1
-rw-r--r--website/index.html12
-rw-r--r--website/security.html15
3 files changed, 21 insertions, 7 deletions
diff --git a/website/fetchmail-EN-2010-03.txt b/website/fetchmail-EN-2010-03.txt
new file mode 120000
index 00000000..da4a5608
--- /dev/null
+++ b/website/fetchmail-EN-2010-03.txt
@@ -0,0 +1 @@
+../fetchmail-EN-2010-03.txt \ No newline at end of file
diff --git a/website/index.html b/website/index.html
index 57d88803..903a64b9 100644
--- a/website/index.html
+++ b/website/index.html
@@ -15,7 +15,7 @@
<table width="100%" cellpadding="0" summary="Canned page header">
<tr>
<td>Fetchmail</td>
-<td align="right"><!-- update date -->2010-10-09</td>
+<td align="right"><!-- update date -->2010-10-16</td>
</tr>
</table>
</div>
@@ -29,7 +29,7 @@
<a href="fetchmail-FAQ.pdf" title="Fetchmail FAQ as PDF">FAQ (PDF)</a><br>
<a href="design-notes.html">Design Notes</a><br>
<a href="http://developer.berlios.de/project/showfiles.php?group_id=1824">Download</a><br>
- <a href="security.html">Security</a><br>
+ <a href="security.html">Security/Errata</a><br>
<a href="http://gitorious.org/fetchmail/fetchmail/">Development</a><br>
<a href="http://developer.berlios.de/projects/fetchmail/">Project Page</a><br>
<hr>
@@ -43,12 +43,18 @@
<div style="background-color:#c0ffc0;color:#000000;">
<h1>NEWS: FETCHMAIL 6.3.18 RELEASE</h1>
+ <p style="background-color:#ffc0c0;color:#000000;">On 2010-10-16, <a
+ href="fetchmail-EN-2010-03.txt">an erratum notice was issued</a>
+ to document important fixes made in the 6.3.18 release listed
+ below. Distributors are advised to upgrade their packages to
+ 6.3.18.</p>
<p>On 2010-10-09, <a
href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.18
has been released (this is the download link),</a> fixing a
regression of the rcfile parser from 6.3.0, a security bug in debug
output that can cause memory exhaustion and abort, and improves SSL
- usability. It is a recommended update for all users. <a
+ usability. It is a recommended update for all users and
+ distributors. <a
href="http://developer.berlios.de/project/shownotes.php?group_id=1824&amp;release_id=17957">Click
here to see the change details.</a>
</p>
diff --git a/website/security.html b/website/security.html
index d1edefa6..7f823fc9 100644
--- a/website/security.html
+++ b/website/security.html
@@ -28,6 +28,7 @@
<a href="fetchmail-FAQ.pdf" title="Fetchmail FAQ as PDF">FAQ (PDF)</a><br>
<a href="design-notes.html">Design Notes</a><br>
<a href="http://developer.berlios.de/project/showfiles.php?group_id=1824">Download</a><br>
+ Security/Errata<br>
<a href="http://gitorious.org/fetchmail/fetchmail/">Development</a><br>
<a href="http://developer.berlios.de/projects/fetchmail/">Project Page</a><br>
<hr>
@@ -35,13 +36,19 @@
<div id="Content">
- <h1>Fetchmail Security Information</h1>
- <p>These security issues (listed immediately below) have become
- known to the fetchmail maintainer to the date mentioned above. Note
- that fetchmail 6.2.X and older are no longer supported and contain
+ <h1>Fetchmail Security and Errata Information</h1>
+ <p>These security issues (listed immediately below) and critical
+ issues have become
+ known to the fetchmail maintainer to the date mentioned above.</p>
+
+ <p>Note that fetchmail 6.2.X and older are no longer supported and contain
some of the problems mentioned below, even if they aren't mentioned
in the security announcements:</p>
<ul>
+ <li><a name="fetchmail-EN-2010-03">EN-2010-03</a>: Fetchmail <a href="fetchmail-EN-2010-03.txt">fails
+ POP3/IMAP authentication by not performing SASL AUTH
+ properly.</a> This was a long-standing bug fixed in release
+ 6.3.18.</li>
<li><a name="cve-2010-1167"
href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1167">CVE-2010-1167:</a>
Fetchmail <a href="fetchmail-SA-2010-02.txt">could exhaust all