aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2011-05-31 22:40:58 +0200
committerMatthias Andree <matthias.andree@gmx.de>2011-05-31 22:40:58 +0200
commitc0de97bb4f0024bf5f048ce239c3b40eb7ffbb38 (patch)
tree2b8a0b10c7ad87d3131091c1e66184c8d751d00c
parent23e90c690e8807f4bdb9d797e626fb32b013c34d (diff)
parente5a4131e735b5a59dbc3b4b8024e437bae84bc16 (diff)
downloadfetchmail-c0de97bb4f0024bf5f048ce239c3b40eb7ffbb38.tar.gz
fetchmail-c0de97bb4f0024bf5f048ce239c3b40eb7ffbb38.tar.bz2
fetchmail-c0de97bb4f0024bf5f048ce239c3b40eb7ffbb38.zip
Merge branch 'common-6x' into legacy_63
Conflicts: NEWS fetchmail-SA-2011-01.txt
Diffstat
-rw-r--r--NEWS3
-rw-r--r--fetchmail-SA-2011-01.txt2
2 files changed, 3 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index bd4c450d..53db19a0 100644
--- a/NEWS
+++ b/NEWS
@@ -59,7 +59,8 @@ removed from a 6.4.0 or newer release.)
fetchmail-6.3.20 (not yet released, 26005 LoC):
# SECURITY BUG FIXES
-* STARTTLS: Fetchmail runs the IMAP STARTTLS or POP3 STLS negotiation with the
+* CVE-2011-1947:
+ STARTTLS: Fetchmail runs the IMAP STARTTLS or POP3 STLS negotiation with the
set timeout (default five minutes) now. This was reported missing, with
observed fetchmail freezes beyond a week, by Thomas Jarosch.
SSL-wrapped connections were unaffected by this timeout, so users of older
diff --git a/fetchmail-SA-2011-01.txt b/fetchmail-SA-2011-01.txt
index fc627f65..915b3524 100644
--- a/fetchmail-SA-2011-01.txt
+++ b/fetchmail-SA-2011-01.txt
@@ -9,7 +9,7 @@ Type: Unguarded blocking I/O can cause indefinite application hang
Impact: Denial of service
Danger: low
-CVE Name:
+CVE Name: CVE-2011-1947
CVSSv2:
CVSS scores:
This is calculated without Environmental Score.
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 22:04:31 +0000