diff options
| -rw-r--r-- | NEWS | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -45,7 +45,7 @@ be removed from a 6.4.0 or newer release.) fetchmail 6.3.9 (not yet released): # SECURITY FIX: -* CVE-2007-XXXX: Denial of service: When fetchmail tries to inject a warning +* CVE-2007-4565: Denial of service: When fetchmail tries to inject a warning message it created itself, and the message is refused by the SMTP listener, fetchmail dereferences a NULL pointer and crashes. Report & fix by Earl Chew. Note while this is theoretically a remote denial of service attack vector, @@ -53,7 +53,7 @@ fetchmail 6.3.9 (not yet released): rather low. This bug was apparently introduced on 1998-11-27 when the bouncemail facility was modularized. The bug made then its appearance in fetchmail release 4.6.8. - See fetchmail-SA-2007-02.txt. + See also fetchmail-SA-2007-02.txt. # BUG FIXES: * The configure script will additionally check for 'dn_skipname', to fix build |