diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | fetchmail-SA-2006-01.txt | 5 |
2 files changed, 4 insertions, 3 deletions
@@ -27,7 +27,7 @@ fetchmail 6.3.2 (to be released): Unless otherwise noted, changes to this release were made by Matthias Andree. # SECURITY FIX IN THIS RELEASE -* CVE-2006-XXXX: Fix segfault or bus error after bouncing a message. This bug +* CVE-2006-0321: Fix segfault or bus error after bouncing a message. This bug was introduced into 6.3.0 when removing alloca(); it caused fetchmail to free random memory. Reported by Nathaniel W. Turner, Debian Bug#348747. See fetchmail-SA-2006-01.txt diff --git a/fetchmail-SA-2006-01.txt b/fetchmail-SA-2006-01.txt index d929c6b5..a4e8c4d2 100644 --- a/fetchmail-SA-2006-01.txt +++ b/fetchmail-SA-2006-01.txt @@ -10,7 +10,7 @@ Type: free() with bogus pointer Impact: fetchmail crashes Danger: low Credits: Nathaniel W. Turner (bug report) -CVE Name: XXX +CVE Name: CVE-2006-0321 URL: http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt http://bugs.debian.org/348747 Project URL: http://fetchmail.berlios.de/ @@ -23,13 +23,14 @@ Not affected: fetchmail 6.3.2 other versions not mentioned here or in the previous sections have not been checked -Corrected: XXX +Corrected: 2006-01-19 fetchmail 6.3.2-rc4 0. Release history ================== 2006-01-19 internal review draft +2006-01-20 add CVE ID 1. Background |