diff options
| author | Matthias Andree <matthias.andree@gmx.de> | 2008-06-24 13:06:51 +0000 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2008-06-24 13:06:51 +0000 |
| commit | f78abd402964b9fea113da5c7660b9dddaa0c06e (patch) | |
| tree | b93ba2359be8cf9dd4390f9d76121c159ab2db7d /NEWS | |
| parent | 2346deb7de255d0111290413b37ce8bd69d1ed3a (diff) | |
| download | fetchmail-f78abd402964b9fea113da5c7660b9dddaa0c06e.tar.gz fetchmail-f78abd402964b9fea113da5c7660b9dddaa0c06e.tar.bz2 fetchmail-f78abd402964b9fea113da5c7660b9dddaa0c06e.zip | |
Fix one more CVE-2008-2711 va_start() messup. Found by Petr Uzel.
Bump release to -rc2.
svn path=/branches/BRANCH_6-3/; revision=5205
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -61,6 +61,8 @@ fetchmail 6.3.9 (not yet released): random memory location (it calls va_arg() too often without resetting it with va_start()). Based on a patch (BerliOS patch #2492) by Petr Uzel, fixes Novell Bug #354291. + Note 6.3.9-rc1 did not completely fix this issue, so it was redrawn a few + hours after its release. See also fetchmail-SA-2008-01.txt. * When expunging, mark the right messages as seen to avoid message loss in "keep flush" configurations. Workaround for previous versions: "expunge 0". |