diff options
| l--------- | website/fetchmail-EN-2010-03.txt | 1 | ||||
| -rw-r--r-- | website/index.html | 12 | ||||
| -rw-r--r-- | website/security.html | 15 |
3 files changed, 21 insertions, 7 deletions
diff --git a/website/fetchmail-EN-2010-03.txt b/website/fetchmail-EN-2010-03.txt new file mode 120000 index 00000000..da4a5608 --- /dev/null +++ b/website/fetchmail-EN-2010-03.txt @@ -0,0 +1 @@ +../fetchmail-EN-2010-03.txt
\ No newline at end of file diff --git a/website/index.html b/website/index.html index 57d88803..903a64b9 100644 --- a/website/index.html +++ b/website/index.html @@ -15,7 +15,7 @@ <table width="100%" cellpadding="0" summary="Canned page header"> <tr> <td>Fetchmail</td> -<td align="right"><!-- update date -->2010-10-09</td> +<td align="right"><!-- update date -->2010-10-16</td> </tr> </table> </div> @@ -29,7 +29,7 @@ <a href="fetchmail-FAQ.pdf" title="Fetchmail FAQ as PDF">FAQ (PDF)</a><br> <a href="design-notes.html">Design Notes</a><br> <a href="http://developer.berlios.de/project/showfiles.php?group_id=1824">Download</a><br> - <a href="security.html">Security</a><br> + <a href="security.html">Security/Errata</a><br> <a href="http://gitorious.org/fetchmail/fetchmail/">Development</a><br> <a href="http://developer.berlios.de/projects/fetchmail/">Project Page</a><br> <hr> @@ -43,12 +43,18 @@ <div style="background-color:#c0ffc0;color:#000000;"> <h1>NEWS: FETCHMAIL 6.3.18 RELEASE</h1> + <p style="background-color:#ffc0c0;color:#000000;">On 2010-10-16, <a + href="fetchmail-EN-2010-03.txt">an erratum notice was issued</a> + to document important fixes made in the 6.3.18 release listed + below. Distributors are advised to upgrade their packages to + 6.3.18.</p> <p>On 2010-10-09, <a href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.18 has been released (this is the download link),</a> fixing a regression of the rcfile parser from 6.3.0, a security bug in debug output that can cause memory exhaustion and abort, and improves SSL - usability. It is a recommended update for all users. <a + usability. It is a recommended update for all users and + distributors. <a href="http://developer.berlios.de/project/shownotes.php?group_id=1824&release_id=17957">Click here to see the change details.</a> </p> diff --git a/website/security.html b/website/security.html index d1edefa6..7f823fc9 100644 --- a/website/security.html +++ b/website/security.html @@ -28,6 +28,7 @@ <a href="fetchmail-FAQ.pdf" title="Fetchmail FAQ as PDF">FAQ (PDF)</a><br> <a href="design-notes.html">Design Notes</a><br> <a href="http://developer.berlios.de/project/showfiles.php?group_id=1824">Download</a><br> + Security/Errata<br> <a href="http://gitorious.org/fetchmail/fetchmail/">Development</a><br> <a href="http://developer.berlios.de/projects/fetchmail/">Project Page</a><br> <hr> @@ -35,13 +36,19 @@ <div id="Content"> - <h1>Fetchmail Security Information</h1> - <p>These security issues (listed immediately below) have become - known to the fetchmail maintainer to the date mentioned above. Note - that fetchmail 6.2.X and older are no longer supported and contain + <h1>Fetchmail Security and Errata Information</h1> + <p>These security issues (listed immediately below) and critical + issues have become + known to the fetchmail maintainer to the date mentioned above.</p> + + <p>Note that fetchmail 6.2.X and older are no longer supported and contain some of the problems mentioned below, even if they aren't mentioned in the security announcements:</p> <ul> + <li><a name="fetchmail-EN-2010-03">EN-2010-03</a>: Fetchmail <a href="fetchmail-EN-2010-03.txt">fails + POP3/IMAP authentication by not performing SASL AUTH + properly.</a> This was a long-standing bug fixed in release + 6.3.18.</li> <li><a name="cve-2010-1167" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1167">CVE-2010-1167:</a> Fetchmail <a href="fetchmail-SA-2010-02.txt">could exhaust all |