aboutsummaryrefslogtreecommitdiffstats
path: root/website/index.html
diff options
context:
space:
mode:
Diffstat (limited to 'website/index.html')
-rw-r--r--website/index.html18
1 files changed, 11 insertions, 7 deletions
diff --git a/website/index.html b/website/index.html
index 1f06c5d4..e517d10e 100644
--- a/website/index.html
+++ b/website/index.html
@@ -15,7 +15,7 @@
<table width="100%" cellpadding="0" summary="Canned page header">
<tr>
<td>Fetchmail</td>
-<td align="right"><!-- update date -->2009-10-30</td>
+<td align="right"><!-- update date -->2010-02-05</td>
</tr>
</table>
</div>
@@ -41,13 +41,16 @@
<h1>Fetchmail</h1>
<div style="background-color:#c0ffc0;color:#000000;">
- <h1>NEWS: FETCHMAIL 6.3.13 RELEASE</h1>
- <p>On 2009-10-30, <a
- href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.13
- has been released (this is the download link),</a> fixing a
- regression in the 6.3.12 SMTP multiline fix and updating translations.
+ <h1>NEWS: FETCHMAIL 6.3.14 RELEASE</h1>
+ <p>On 2010-02-05, <a
+ href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.14
+ has been released (this is the download link),</a> fixing a security
+ issue (see below) and some IMAP client bugs. Notably, IMAP2 functionality
+ has been restored and servers that refuse the SEARCH command are now
+ supported.
+
It is a recommended update for all users. <a
- href="http://developer.berlios.de/project/shownotes.php?group_id=1824&amp;release_id=16867">Click
+ href="http://developer.berlios.de/project/shownotes.php?group_id=1824&amp;release_id=17213">Click
here to see the change details.</a>
</p>
</div>
@@ -59,6 +62,7 @@
some of the problems mentioned below, even if they aren't mentioned
in the security announcements:</p>
<ul>
+ <li>CVE-XXXX-XXXX: Fetchmail <a href="fetchmail-SA-2010-01.txt">would overrun the heap when displaying X.509 TLS/SSL certificates with characters with high bit set in verbose mode on platforms where char is a signed type.</a> This bug was introduced in release 6.3.11 and has been fixed in release 6.3.14.</li>
<li><a name="cve-2009-2666" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666">CVE-2009-2666:</a> Fetchmail <a href="fetchmail-SA-2009-01.txt">was found to validate SSL/TLS X.509 certificates improperly and allow man-in-the-middle-attacks to go undetected.</a> This bug has been fixed in release 6.3.11. For previous versions, use the <a href="fetchmail-SA-2009-01.txt">patch contained in the security announcement.</a></li>
<li><a name="cve-2008-2711" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711">CVE-2008-2711:</a> Fetchmail can <a href="fetchmail-SA-2008-01.txt">crash in verbose mode when logging long message headers.</a> This bug has been fixed in release 6.3.9. For 6.3.8, use the <a href="fetchmail-SA-2008-01.txt">patch contained in the security announcement.</a></li>
<li><a name="cve-2007-4565" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565">CVE-2007-4565:</a> Fetchmail can <a href="fetchmail-SA-2007-02.txt">crash when the SMTP server refuses a warning message generated by fetchmail.</a> This bug was introduced in fetchmail 4.6.8 and has been fixed in release 6.3.9. For 6.3.8, use the <a href="fetchmail-SA-2007-02.txt">patch contained in this security announcement.</a></li>