diff options
author | Matthias Andree <matthias.andree@gmx.de> | 2007-08-29 11:28:04 +0000 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2007-08-29 11:28:04 +0000 |
commit | 8ce089207a5f2cdd352b33989407c80a27c5fbf7 (patch) | |
tree | 1b3fbdacda8cef5f169dcc1d9dc00742c33ab588 | |
parent | 5f54ceb284bf427a3cdbd2a11b446c3ee6fc72e4 (diff) | |
download | fetchmail-8ce089207a5f2cdd352b33989407c80a27c5fbf7.tar.gz fetchmail-8ce089207a5f2cdd352b33989407c80a27c5fbf7.tar.bz2 fetchmail-8ce089207a5f2cdd352b33989407c80a27c5fbf7.zip |
Add CVE number.
svn path=/branches/BRANCH_6-3/; revision=5126
-rw-r--r-- | NEWS | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -45,7 +45,7 @@ be removed from a 6.4.0 or newer release.) fetchmail 6.3.9 (not yet released): # SECURITY FIX: -* CVE-2007-XXXX: Denial of service: When fetchmail tries to inject a warning +* CVE-2007-4565: Denial of service: When fetchmail tries to inject a warning message it created itself, and the message is refused by the SMTP listener, fetchmail dereferences a NULL pointer and crashes. Report & fix by Earl Chew. Note while this is theoretically a remote denial of service attack vector, @@ -53,7 +53,7 @@ fetchmail 6.3.9 (not yet released): rather low. This bug was apparently introduced on 1998-11-27 when the bouncemail facility was modularized. The bug made then its appearance in fetchmail release 4.6.8. - See fetchmail-SA-2007-02.txt. + See also fetchmail-SA-2007-02.txt. # BUG FIXES: * The configure script will additionally check for 'dn_skipname', to fix build |