diff options
| author | Matthias Andree <matthias.andree@gmx.de> | 2009-08-17 17:16:35 +0000 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2009-08-17 17:16:35 +0000 |
| commit | d7db335df7367b96b094e8b886c161f4de11f525 (patch) | |
| tree | e73b83133e55d71befc282adf0827090acdc4f0e /NEWS | |
| parent | 7ba08582a30fab03ccf6ac78232d6bbd1be55cd0 (diff) | |
| download | fetchmail-d7db335df7367b96b094e8b886c161f4de11f525.tar.gz fetchmail-d7db335df7367b96b094e8b886c161f4de11f525.tar.bz2 fetchmail-d7db335df7367b96b094e8b886c161f4de11f525.zip | |
Fix free() of unallocated memory on intact/non-verbose SSL-connections.
Problem was improper scoping of xfree(tt). Patch courtesy of Thomas Heinz.
Fixes Gentoo bug #280760.
svn path=/branches/BRANCH_6-3/; revision=5415
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -51,6 +51,15 @@ removed from a 6.4.0 or newer release.) fetchmail 6.3.12 (released XXXX-XX-XX - not yet): +# REGRESSION FIXES +* The CVS-2009-2666 fix in fetchmail release 6.3.11 caused a free() of + unallocated memory on SSL connections, which caused crashes or program aborts + on some systems (depending on how initialization and free() of unallocated + memory is handled in compiler and libc). + Patch courtesy of Thomas Heinz, fixes Gentoo Bug #280760. + This regression affected only the 6.3.11 release, but not the patch that was + part of the security announcement fetchmail-SA-2009-01. + # TRANSLATION UPDATES AND ADDITIONS (ordered by language name): * [ca] Catalan (Ernest Adrogué Calveras) * [cs] Czech (Petr Pisar) |