diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -59,7 +59,8 @@ removed from a 6.4.0 or newer release.) fetchmail-6.3.20 (not yet released): # SECURITY BUG FIXES -* Fetchmail runs the IMAP STARTTLS or POP3 STLS negotiation with the set timeout +* CVE-2011-1947: + Fetchmail runs the IMAP STARTTLS or POP3 STLS negotiation with the set timeout (default five minutes) now. This was reported missing, from fetchmail freezes beyond a week, by Thomas Jarosch. SSL-wrapped connections were unaffected by this timeout, so users of older |