author Matthias Andree <matthias.andree@gmx.de> 2010-04-18 18:01:38 +0200
committer Matthias Andree <matthias.andree@gmx.de> 2010-04-18 18:06:35 +0200
commit ec06293134b85876f9201d8a52b844c41581b2b3 (patch)
tree 3fec8f3fea397c3c47f9ca1c73d73dd560a3bb55 /NEWS
parent 414a380974f78d0bb62ca953398bf1f54b28a58d (diff)
SECURITY FIX: DoS on EILSEQ in report_*() in -vv and multibyte-locales.
Diffstat (limited to 'NEWS')
-rw-r--r-- NEWS 8
1 files changed, 8 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 223811ad..802309cf 100644
--- a/NEWS
+++ b/NEWS
@@ -54,6 +54,14 @@ removed from a 6.4.0 or newer release.)
fetchmail-6.3.17 (not yet released):
+# SECURITY FIX
+* Fetchmail before release 6.3.17 did not properly sanitize external input
+ (mail headers and UID). When a multi-character locale (such as UTF-8) was in use,
+ this could cause memory exhaustion and thus a denial of service, because
+ fetchmail's report.c functions assumed that non-success of [v]snprintf was
+ due to insufficient buffer size allocation. It would then repeatedly reallocate
+ a larger buffer and fail formatting again. See fetchmail-SA-2010-02.txt.
+
# REGRESSION FIX
* Fix string handling in rcfile scanner, which caused fetchmail to misparse a
run control file in certain circumstances. Fixes BerliOS bug #14257.
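Review bot: the new SECURITY FIX entry omits the verbosity precondition that the commit subject gives ("in -vv"), so a reader of NEWS cannot tell that exposure depends on running in that verbose mode; state it in the entry's first sentence next to the locale condition. The entry also says "multi-character locale" where the subject says "multibyte-locales"; "multibyte locale" is the usual term and would keep the two consistent. Finally, "non-success of [v]snprintf" could name the failure the subject already identifies (EILSEQ), since that is the error the report.c retry loop mistook for an undersized buffer, and it tells administrators what to look for when triaging.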