aboutsummaryrefslogtreecommitdiffstats
path: root/website/security.html
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2010-10-16 10:51:08 +0200
committerMatthias Andree <matthias.andree@gmx.de>2010-10-16 10:51:08 +0200
commit293a45fe95947d84cc87f3211cd1adeacf5654d4 (patch)
tree0fb1518f8ade0b2a0799e661c0d2a0ba14222826 /website/security.html
parent57ec1b07268bdafdda83ab301ec12ed3c5344bd1 (diff)
downloadfetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.tar.gz
fetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.tar.bz2
fetchmail-293a45fe95947d84cc87f3211cd1adeacf5654d4.zip
Link fetchmail-EN-2010-03 and update front page.
Diffstat (limited to 'website/security.html')
-rw-r--r--website/security.html15
1 files changed, 11 insertions, 4 deletions
diff --git a/website/security.html b/website/security.html
index d1edefa6..7f823fc9 100644
--- a/website/security.html
+++ b/website/security.html
@@ -28,6 +28,7 @@
<a href="fetchmail-FAQ.pdf" title="Fetchmail FAQ as PDF">FAQ (PDF)</a><br>
<a href="design-notes.html">Design Notes</a><br>
<a href="http://developer.berlios.de/project/showfiles.php?group_id=1824">Download</a><br>
+ Security/Errata<br>
<a href="http://gitorious.org/fetchmail/fetchmail/">Development</a><br>
<a href="http://developer.berlios.de/projects/fetchmail/">Project Page</a><br>
<hr>
@@ -35,13 +36,19 @@
<div id="Content">
- <h1>Fetchmail Security Information</h1>
- <p>These security issues (listed immediately below) have become
- known to the fetchmail maintainer to the date mentioned above. Note
- that fetchmail 6.2.X and older are no longer supported and contain
+ <h1>Fetchmail Security and Errata Information</h1>
+ <p>These security issues (listed immediately below) and critical
+ issues have become
+ known to the fetchmail maintainer to the date mentioned above.</p>
+
+ <p>Note that fetchmail 6.2.X and older are no longer supported and contain
some of the problems mentioned below, even if they aren't mentioned
in the security announcements:</p>
<ul>
+ <li><a name="fetchmail-EN-2010-03">EN-2010-03</a>: Fetchmail <a href="fetchmail-EN-2010-03.txt">fails
+ POP3/IMAP authentication by not performing SASL AUTH
+ properly.</a> This was a long-standing bug fixed in release
+ 6.3.18.</li>
<li><a name="cve-2010-1167"
href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1167">CVE-2010-1167:</a>
Fetchmail <a href="fetchmail-SA-2010-02.txt">could exhaust all