From e75ef8f8b5480be6ef8fcc84214228860bb48752 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Wed, 21 Mar 2007 09:40:59 +0000
Subject: Add CVE-2007-1558 to APOP attack.

svn path=/branches/BRANCH_6-3/; revision=5064
---
 NEWS | 1 +
 1 file changed, 1 insertion(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 46f0c550..1d7c8ca7 100644
--- a/NEWS
+++ b/NEWS
@@ -48,6 +48,7 @@ fetchmail 6.3.8 (not yet released):
 * Make the APOP challenge parser more distrustful and have it reject challenges
   that do not conform to RFC-822 msg-id format, in the hope to make mounting
   man-in-the-middle attacks (MITM) against APOP a bit more difficult.
+  (CVE-2007-1558)
 
   APOP is claimed insecure by Gaëtan Leurent for MITM scenarios for typical
   setups: based on MD5 collisions, it is purportedly possible to recover the
-- 
cgit v1.2.3