aboutsummaryrefslogtreecommitdiffstats
path: root/website
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2012-08-30 08:17:53 +0200
committerMatthias Andree <matthias.andree@gmx.de>2012-08-30 08:17:53 +0200
commit43515cd32a275ed67e5b85fdf42429deda4bd5be (patch)
treecb8db0d691a7c136ed7df84e679f9fc64918f011 /website
parentb72d07035e59dfcbad315012a25fad226c4eaef6 (diff)
downloadfetchmail-43515cd32a275ed67e5b85fdf42429deda4bd5be.tar.gz
fetchmail-43515cd32a275ed67e5b85fdf42429deda4bd5be.tar.bz2
fetchmail-43515cd32a275ed67e5b85fdf42429deda4bd5be.zip
Update security info on web site.
Diffstat (limited to 'website')
l---------website/fetchmail-SA-2012-01.txt1
l---------website/fetchmail-SA-2012-02.txt1
-rw-r--r--website/security.html14
3 files changed, 15 insertions, 1 deletions
diff --git a/website/fetchmail-SA-2012-01.txt b/website/fetchmail-SA-2012-01.txt
new file mode 120000
index 00000000..c4361fe4
--- /dev/null
+++ b/website/fetchmail-SA-2012-01.txt
@@ -0,0 +1 @@
+../fetchmail-SA-2012-01.txt \ No newline at end of file
diff --git a/website/fetchmail-SA-2012-02.txt b/website/fetchmail-SA-2012-02.txt
new file mode 120000
index 00000000..53c27332
--- /dev/null
+++ b/website/fetchmail-SA-2012-02.txt
@@ -0,0 +1 @@
+../fetchmail-SA-2012-02.txt \ No newline at end of file
diff --git a/website/security.html b/website/security.html
index ec9df3a8..33401115 100644
--- a/website/security.html
+++ b/website/security.html
@@ -14,7 +14,7 @@
<table width="100%" cellpadding="0" summary="Canned page header">
<tr>
<td>Fetchmail</td>
-<td align="right"><!-- update date -->2011-06-06</td>
+<td align="right"><!-- update date -->2012-08-30</td>
</tr>
</table>
</div>
@@ -45,6 +45,18 @@
some of the problems mentioned below, even if they aren't mentioned
in the security announcements:</p>
<ul>
+ <li><a name="cve-2012-3482"
+ href="http://web.nvd.dist.gov/view/vuln/Detail?vulnId=CVE-2012-3482">CVE-2012-3482:</a>
+ Fetchmail could <a href="fetchmail-SA-2012-02.txt">crash and
+ possibly reveal fragments of confidential data</a> during
+ NTLM authentication.</li>
+ <li><a name="cve-2011-3389"
+ href="http://web.nvd.dist.gov/view/vuln/Detail?vulnId=CVE-2011-3389">CVE-2011-3389:</a>
+ <a href="fetchmail-SA-2012-01.txt">Fetchmail was vulnerable
+ to chosen-plaintext attacks against cipher block
+ chaining initialization vectors because it disabled an
+ OpenSSL countermeasure against this attack.</a>
+ </li>
<li><a name="cve-2011-1947"
href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1947">CVE-2011-1947:</a>
Fetchmail <a href="fetchmail-SA-2011-01.txt"> could hang for