diff options
author | Matthias Andree <matthias.andree@gmx.de> | 2021-08-29 17:33:45 +0200 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2021-08-29 17:33:45 +0200 |
commit | c863e9dbcc5e6c71ee6d160f811532583627d1ac (patch) | |
tree | bd4c51b452ce212df8098b0c0bce46dd7dfd0bc6 | |
parent | 5b31e6e3c44770d6337c0dc29b21337746575453 (diff) | |
download | fetchmail-c863e9dbcc5e6c71ee6d160f811532583627d1ac.tar.gz fetchmail-c863e9dbcc5e6c71ee6d160f811532583627d1ac.tar.bz2 fetchmail-c863e9dbcc5e6c71ee6d160f811532583627d1ac.zip |
update SA-2021-02
-rw-r--r-- | fetchmail-SA-2021-02.txt | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/fetchmail-SA-2021-02.txt b/fetchmail-SA-2021-02.txt index 93397ec8..d1b07898 100644 --- a/fetchmail-SA-2021-02.txt +++ b/fetchmail-SA-2021-02.txt @@ -3,8 +3,8 @@ fetchmail-SA-2021-02: STARTTLS session encryption bypassing Topics: fetchmail fails to enforce an encrypted connection Author: Matthias Andree -Version: 0.9.1 -Announced: 2021-08-26 +Version: 0.9.2 +Announced: 2021-08-26 (0.9) Type: failure to enforce configured security policy Impact: fetchmail continues an unencrypted connection, thus reading unauthenticated input and sending @@ -22,7 +22,7 @@ Affects: - fetchmail releases up to and including 6.4.21 Not affected: - fetchmail releases 6.4.22 and newer -Corrected in: 2021-08-27 fetchmail 6.4.22.rc2 release candidate +Corrected in: 2021-08-29 fetchmail 6.4.22.rc3 release candidate TBD fetchmail 6.4.22 release tarball 0. History of this announcement @@ -34,7 +34,8 @@ Corrected in: 2021-08-27 fetchmail 6.4.22.rc2 release candidate (see section 3b. below) to mitigate impact was sent to the fetchmail mailing lists 2021-08-26 0.9 initial release along with fetchmail 6.4.22.rc1 -2021-08-26 0.9.1 update references to 6.4.22.rc2. +2021-08-27 0.9.1 update references to 6.4.22.rc2. +2021-08-29 0.9.2 update references to 6.4.22.rc3 and correct 0.9.1 date. 1. Background |