author Matthias Andree <matthias.andree@gmx.de> 2011-06-07 00:21:47 +0200
committer Matthias Andree <matthias.andree@gmx.de> 2011-06-07 00:21:47 +0200
commit 284f73ad6dea66b7f553f19b1ca3db62831b3ad4
tree c24cc59f3d71500fea4dac66d041093838010018
parent a27bf9ec2bc3220e53792fb9b204ed0d81d3c681
parent ca33378e6f2b88dbab8beac0b72da9d45e2c3338
Merge branch 'legacy_63' of gitorious.org:fetchmail/fetchmail into legacy_63
-rw-r--r-- fetchmail-SA-2011-01.txt 10
l--------- website/fetchmail-SA-2011-01.txt 1
-rw-r--r-- website/index.html 33
-rw-r--r-- website/security.html 8
4 files changed, 26 insertions, 26 deletions
diff --git a/fetchmail-SA-2011-01.txt b/fetchmail-SA-2011-01.txt
index 09aa90f6..c50ab932 100644
--- a/fetchmail-SA-2011-01.txt
+++ b/fetchmail-SA-2011-01.txt
@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
fetchmail-SA-2011-01: Denial of service possible in STARTTLS mode
Topics: fetchmail denial of service in STARTTLS protocol phases
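Review bot: The clearsign header added at the top of the advisory declares "Hash: SHA1", so the integrity of this security advisory rests on a SHA-1 digest. Where the signing key allows it, set the digest preference to a SHA-2 hash such as SHA-256 for this and later advisories, and re-sign before publishing.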
@@ -127,3 +130,10 @@ THIS WORK IS PROVIDED FREE OF CHARGE AND WITHOUT ANY WARRANTIES.
Use the information herein at your own risk.
END of fetchmail-SA-2011-01
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.16 (GNU/Linux)
+
+iEYEARECAAYFAk3swwUACgkQvmGDOQUufZWaBACdHHSAiQZ5OIOur3vflKbzbIi2
+WbkAni+ROgf+9IU1rE0j8RJKvzZrJfIP
+=d/Bl
+-----END PGP SIGNATURE-----
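Review bot: The signature block is appended to the tracked advisory file itself, so any later change to the text between the BEGIN PGP SIGNED MESSAGE header and this block, even a typo fix, will make verification fail for readers. Note next to the advisory that it must be re-signed after every edit, or keep the signature detached in a separate .asc file so text and signature are always updated together.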
diff --git a/website/fetchmail-SA-2011-01.txt b/website/fetchmail-SA-2011-01.txt
new file mode 120000
index 00000000..9f8c296c
--- /dev/null
+++ b/website/fetchmail-SA-2011-01.txt
@@ -0,0 +1 @@
+../fetchmail-SA-2011-01.txt \ No newline at end of file
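Review bot: The new website/fetchmail-SA-2011-01.txt is a symlink (mode 120000) whose target ../fetchmail-SA-2011-01.txt lies outside the website/ directory. That only works if the publish step and the web server follow or dereference symlinks leaving that directory; please confirm this, or copy the file at publish time, otherwise the href="fetchmail-SA-2011-01.txt" link added to security.html in this commit will be dead.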
diff --git a/website/index.html b/website/index.html
index 23a9aa62..72bc85c2 100644
--- a/website/index.html
+++ b/website/index.html
@@ -15,7 +15,7 @@
<table width="100%" cellpadding="0" summary="Canned page header">
<tr>
<td>Fetchmail</td>
-<td align="right"><!-- update date -->2010-12-10</td>
+<td align="right"><!-- update date -->2011-06-06</td>
</tr>
</table>
</div>
@@ -42,35 +42,18 @@
<h1>Fetchmail</h1>
<div style="background-color:#c0ffc0;color:#000000;">
- <h1>NEWS: FETCHMAIL 6.3.19 RELEASE</h1>
- <p>On 2010-10-16, <a
- href="fetchmail-EN-2010-03.txt">an erratum notice was issued</a>
- to document important fixes made in the 6.3.18 release.
- Distributors are advised to upgrade their packages to
- 6.3.19 (which fixes a few more bugs than 6.3.18 did).</p>
- <p>On 2010-12-10, <a
- href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.19
+ <h1>NEWS: FETCHMAIL 6.3.20 RELEASE</h1>
+ <p>On 2011-06-06, <a
+ href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.20
has been released (this is the download link),</a> fixing a
- Yahoo incompatibility (that was fetchmail's fault), improves
- configuration for multidrop settings, restores --antispam function
- on the command line, allows forcing SSL/TLS/STARTTLS negotiation,
- and reduces GSSAPI verbose/debug chatter in syslog.
- <br>It is a recommended update for all users and
+ denial-of service in STARTTLS and makes --keep configurations log
+ less verbosely.
+ <br>It is a recommended <strong>security update</strong> for all users and
distributors. <a
- href="http://developer.berlios.de/project/shownotes.php?group_id=1824&amp;release_id=18137">Click
+ href="http://developer.berlios.de/project/shownotes.php?group_id=1824&amp;release_id=18583">Click
here to see the change details.</a>
</p>
- <h1>UTF7 in mailbox names (developer document)</h1>
- <p>There is a <a href="Mailbox-Names-UTF7.html">new document about
- mailbox name encoding in IMAP,</a>
- an invited contribution by Mark Crispin. It applies to all IMAP
- clients and servers and is not limited to fetchmail, and arose after
- a discussion on the getmail mailing list. Note that as of
- 2010-05-25, neither fetchmail nor getmail currently supports this
- directly; for the nonce, you need to manually encode the mailbox
- name in UTF-7 for both applications.</p>
-
<h1>SSL issues after upgrade to OpenSSL 1.0.0?</h1>
<p>If your fetchmail upgrade entails an upgrade of the OpenSSL
library to 1.0.0, remember to re-run <kbd>c_rehash
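Review bot: The new announcement calls 6.3.20 a security update but, unlike the removed 6.3.19 item that linked fetchmail-EN-2010-03.txt, it links neither fetchmail-SA-2011-01.txt nor the CVE, so readers have to find the advisory on the security page themselves. Link the advisory from the words "denial-of service in STARTTLS", and change the hyphenation there to "denial of service" to match the advisory title. The sentence also mixes "fixing" with "makes"; "fixing ... and making" reads correctly.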
diff --git a/website/security.html b/website/security.html
index 7f823fc9..ec9df3a8 100644
--- a/website/security.html
+++ b/website/security.html
@@ -14,7 +14,7 @@
<table width="100%" cellpadding="0" summary="Canned page header">
<tr>
<td>Fetchmail</td>
-<td align="right"><!-- update date -->2010-05-06</td>
+<td align="right"><!-- update date -->2011-06-06</td>
</tr>
</table>
</div>
@@ -45,6 +45,12 @@
some of the problems mentioned below, even if they aren't mentioned
in the security announcements:</p>
<ul>
+ <li><a name="cve-2011-1947"
+ href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1947">CVE-2011-1947:</a>
+ Fetchmail <a href="fetchmail-SA-2011-01.txt"> could hang for
+ indefinite amounts of time during STARTTLS negotiations</a>,
+ causing mail fetches to stall. This was a long-standing bug
+ fixed in release 6.3.20.</li>
<li><a name="fetchmail-EN-2010-03">EN-2010-03</a>: Fetchmail <a href="fetchmail-EN-2010-03.txt">fails
POP3/IMAP authentication by not performing SASL AUTH
properly.</a> This was a long-standing bug fixed in release
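Review bot: The new list item puts name="cve-2011-1947" on the external NVD link, while the neighbouring entry uses an anchor named after the project's own notice (name="fetchmail-EN-2010-03"). Add an anchor named fetchmail-SA-2011-01 so the advisory can be deep-linked the same way as the other entries, and drop the stray space after the opening tag in <a href="fetchmail-SA-2011-01.txt"> could hang, which otherwise becomes part of the link text.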