From 8ce089207a5f2cdd352b33989407c80a27c5fbf7 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Wed, 29 Aug 2007 11:28:04 +0000
Subject: Add CVE number.

svn path=/branches/BRANCH_6-3/; revision=5126
---
 NEWS | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index d8e26998..0ef1534d 100644
--- a/NEWS
+++ b/NEWS
@@ -45,7 +45,7 @@ be removed from a 6.4.0 or newer release.)
 fetchmail 6.3.9 (not yet released):
 
 # SECURITY FIX:
-* CVE-2007-XXXX: Denial of service: When fetchmail tries to inject a warning
+* CVE-2007-4565: Denial of service: When fetchmail tries to inject a warning
   message it created itself, and the message is refused by the SMTP listener,
   fetchmail dereferences a NULL pointer and crashes. Report & fix by Earl Chew.
   Note while this is theoretically a remote denial of service attack vector,
@@ -53,7 +53,7 @@ fetchmail 6.3.9 (not yet released):
   rather low.
   This bug was apparently introduced on 1998-11-27 when the bouncemail facility
   was modularized. The bug made then its appearance in fetchmail release 4.6.8.
-  See fetchmail-SA-2007-02.txt.
+  See also fetchmail-SA-2007-02.txt.
 
 # BUG FIXES:
 * The configure script will additionally check for 'dn_skipname', to fix build
-- 
cgit v1.2.3