From f78abd402964b9fea113da5c7660b9dddaa0c06e Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Tue, 24 Jun 2008 13:06:51 +0000
Subject: Fix one more CVE-2008-2711 va_start() messup. Found by Petr Uzel.
 Bump release to -rc2.

svn path=/branches/BRANCH_6-3/; revision=5205
---
 NEWS | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index d326c5a6..415e96dd 100644
--- a/NEWS
+++ b/NEWS
@@ -61,6 +61,8 @@ fetchmail 6.3.9 (not yet released):
   random memory location (it calls va_arg() too often without
   resetting it with va_start()). Based on a patch (BerliOS patch #2492)
   by Petr Uzel, fixes Novell Bug #354291.
+  Note 6.3.9-rc1 did not completely fix this issue, so it was redrawn a few 
+  hours after its release.
   See also fetchmail-SA-2008-01.txt.
 * When expunging, mark the right messages as seen to avoid message loss in "keep
   flush" configurations.  Workaround for previous versions: "expunge 0".
-- 
cgit v1.2.3