From e75c62b234a699557c023970466a8accd0b5a7b2 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Wed, 15 Aug 2012 01:19:47 +0200 Subject: Correct title/topic, remove dates (6.3.22 isn't out yet), and re-sign. --- fetchmail-SA-2012-01.txt | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/fetchmail-SA-2012-01.txt b/fetchmail-SA-2012-01.txt index bac7368c..1e7ee71a 100644 --- a/fetchmail-SA-2012-01.txt +++ b/fetchmail-SA-2012-01.txt @@ -1,13 +1,13 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -fetchmail-SA-2012-01: Denial of service possible in STARTTLS mode +fetchmail-SA-2012-01: Information disclosure under active attack -Topics: fetchmail denial of service in STARTTLS protocol phases +Topics: Information disclosure under active attack with block ciphers Author: Matthias Andree -Version: draft -Announced: 2012-04-06 +Version: 1.0 +Announced: 2012-xx-xx Type: information disclosure under active attack Impact: chosen plaintext attack theoretically possible Danger: low @@ -34,13 +34,13 @@ Not affected: - fetchmail releases 5.1.3 up to and including 6.3.8 Corrected in: 2012-04-06 Git, among others, see commit 4af941d4a4318ba3149316aaa7ffaf24bb959e93 - 2012-04-06 fetchmail 6.3.22 release tarball + 2012-xx-xx fetchmail 6.3.22 release tarball 0. Release history ================== -2012-04-06 1.0 release +2012-xx-xx 1.0 release 1. Background @@ -120,7 +120,7 @@ END of fetchmail-SA-2012-01 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) -iEYEARECAAYFAk9/Yg4ACgkQvmGDOQUufZU1jACg0bUmT0FCQ2I+wybSvOvPpZVr -eiAAoPXRoz8oXnCMnY0xlzQ5oJlmmeMo -=sRzf +iEYEARECAAYFAlAq3PsACgkQvmGDOQUufZW9SgCfRlOMwbhIVFWyAf14Bi5L0rHo +6roAn04SSSZ5CNSkNXpgE8mNhzLL2zd0 +=+01n -----END PGP SIGNATURE----- -- cgit v1.2.3