aboutsummaryrefslogtreecommitdiffstats
path: root/fetchmail-SA-2005-02.txt
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2005-10-27 08:15:47 +0000
committerMatthias Andree <matthias.andree@gmx.de>2005-10-27 08:15:47 +0000
commit2839204e8160dc13d57e861fe0374410cebd3de2 (patch)
treee71e3976251a45ff18e866f7398487f848426181 /fetchmail-SA-2005-02.txt
parent92fd7b20390af30051fc4bb87e222cf389948dd3 (diff)
downloadfetchmail-2839204e8160dc13d57e861fe0374410cebd3de2.tar.gz
fetchmail-2839204e8160dc13d57e861fe0374410cebd3de2.tar.bz2
fetchmail-2839204e8160dc13d57e861fe0374410cebd3de2.zip
Update.
svn path=/trunk/; revision=4367
Diffstat (limited to 'fetchmail-SA-2005-02.txt')
-rw-r--r--fetchmail-SA-2005-02.txt13
1 files changed, 8 insertions, 5 deletions
diff --git a/fetchmail-SA-2005-02.txt b/fetchmail-SA-2005-02.txt
index 68131d63..375c8ef4 100644
--- a/fetchmail-SA-2005-02.txt
+++ b/fetchmail-SA-2005-02.txt
@@ -3,14 +3,14 @@ fetchmail-SA-2005-02: security announcement
Topic: password exposure in fetchmailconf
Author: Matthias Andree
-Version: 1.01
+Version: 1.02
Announced: 2005-10-21
Type: insecure creation of file
Impact: passwords are written to a world-readable file
Danger: medium
Credits: Thomas Wolff, Miloslav Trmac for pointing out
that fetchmailconf 1.43.1 was also flawed
-CVE Name: CAN-2005-3088
+CVE Name: CVE-2005-3088
URL: http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt
Affects: fetchmail version 6.2.5.2
@@ -32,9 +32,12 @@ Corrected: 2005-09-28 01:14 UTC (SVN) - committed bugfix (r4351)
0. Release history
==================
-2005-10-21 1.00 (shipped with -rc6)
-2005-10-21 1.01 (marked 1.43.1 vulnerable, revised section 4,
- added Credits)
+2005-10-21 1.00 - initial version (shipped with -rc6)
+2005-10-21 1.01 - marked 1.43.1 vulnerable
+ - revised section 4
+ - added Credits
+2005-10-27 1.02 - reformatted section 0
+ - updated CVE Name to new naming scheme
1. Background
=============
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 19:41:22 +0000