diff options
author | Matthias Andree <matthias.andree@gmx.de> | 2010-10-16 10:51:08 +0200 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2010-10-16 10:51:08 +0200 |
commit | 293a45fe95947d84cc87f3211cd1adeacf5654d4 (patch) | |
tree | 0fb1518f8ade0b2a0799e661c0d2a0ba14222826 /website/security.html | |
parent | 57ec1b07268bdafdda83ab301ec12ed3c5344bd1 (diff) | |
download | fetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.tar.gz fetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.tar.bz2 fetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.zip |
Link fetchmail-EN-2010-03 and update front page.
Diffstat (limited to 'website/security.html')
-rw-r--r-- | website/security.html | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/website/security.html b/website/security.html index d1edefa6..7f823fc9 100644 --- a/website/security.html +++ b/website/security.html @@ -28,6 +28,7 @@ <a href="fetchmail-FAQ.pdf" title="Fetchmail FAQ as PDF">FAQ (PDF)</a><br> <a href="design-notes.html">Design Notes</a><br> <a href="http://developer.berlios.de/project/showfiles.php?group_id=1824">Download</a><br> + Security/Errata<br> <a href="http://gitorious.org/fetchmail/fetchmail/">Development</a><br> <a href="http://developer.berlios.de/projects/fetchmail/">Project Page</a><br> <hr> @@ -35,13 +36,19 @@ <div id="Content"> - <h1>Fetchmail Security Information</h1> - <p>These security issues (listed immediately below) have become - known to the fetchmail maintainer to the date mentioned above. Note - that fetchmail 6.2.X and older are no longer supported and contain + <h1>Fetchmail Security and Errata Information</h1> + <p>These security issues (listed immediately below) and critical + issues have become + known to the fetchmail maintainer to the date mentioned above.</p> + + <p>Note that fetchmail 6.2.X and older are no longer supported and contain some of the problems mentioned below, even if they aren't mentioned in the security announcements:</p> <ul> + <li><a name="fetchmail-EN-2010-03">EN-2010-03</a>: Fetchmail <a href="fetchmail-EN-2010-03.txt">fails + POP3/IMAP authentication by not performing SASL AUTH + properly.</a> This was a long-standing bug fixed in release + 6.3.18.</li> <li><a name="cve-2010-1167" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1167">CVE-2010-1167:</a> Fetchmail <a href="fetchmail-SA-2010-02.txt">could exhaust all |