diff options
| author | Matthias Andree <matthias.andree@gmx.de> | 2006-01-19 23:45:51 +0000 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2006-01-19 23:45:51 +0000 |
| commit | 00c418250df72707c9d9e7ad194393bc2552d4f0 (patch) | |
| tree | faf4f3835f44278da2b5d0d4c9f072e14e668d7b | |
| parent | 0556623f1709f08b89d3fd5170d772c8f8523d8f (diff) | |
| download | fetchmail-00c418250df72707c9d9e7ad194393bc2552d4f0.tar.gz fetchmail-00c418250df72707c9d9e7ad194393bc2552d4f0.tar.bz2 fetchmail-00c418250df72707c9d9e7ad194393bc2552d4f0.zip | |
Add CVE ID for recent DoS: CVE-2006-0321
svn path=/branches/BRANCH_6-3/; revision=4664
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | fetchmail-SA-2006-01.txt | 5 |
2 files changed, 4 insertions, 3 deletions
@@ -27,7 +27,7 @@ fetchmail 6.3.2 (to be released): Unless otherwise noted, changes to this release were made by Matthias Andree. # SECURITY FIX IN THIS RELEASE -* CVE-2006-XXXX: Fix segfault or bus error after bouncing a message. This bug +* CVE-2006-0321: Fix segfault or bus error after bouncing a message. This bug was introduced into 6.3.0 when removing alloca(); it caused fetchmail to free random memory. Reported by Nathaniel W. Turner, Debian Bug#348747. See fetchmail-SA-2006-01.txt diff --git a/fetchmail-SA-2006-01.txt b/fetchmail-SA-2006-01.txt index d929c6b5..a4e8c4d2 100644 --- a/fetchmail-SA-2006-01.txt +++ b/fetchmail-SA-2006-01.txt @@ -10,7 +10,7 @@ Type: free() with bogus pointer Impact: fetchmail crashes Danger: low Credits: Nathaniel W. Turner (bug report) -CVE Name: XXX +CVE Name: CVE-2006-0321 URL: http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt http://bugs.debian.org/348747 Project URL: http://fetchmail.berlios.de/ @@ -23,13 +23,14 @@ Not affected: fetchmail 6.3.2 other versions not mentioned here or in the previous sections have not been checked -Corrected: XXX +Corrected: 2006-01-19 fetchmail 6.3.2-rc4 0. Release history ================== 2006-01-19 internal review draft +2006-01-20 add CVE ID 1. Background |