From 33280d2b96b4010645c5e0a5f9e892ca9fddc1d0 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Thu, 19 Jan 2006 02:47:15 +0000 Subject: Escalate recent fix to security and add preliminary announcement. svn path=/branches/BRANCH_6-3/; revision=4657 --- fetchmail-SA-2006-01.txt | 98 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 98 insertions(+) create mode 100644 fetchmail-SA-2006-01.txt (limited to 'fetchmail-SA-2006-01.txt') diff --git a/fetchmail-SA-2006-01.txt b/fetchmail-SA-2006-01.txt new file mode 100644 index 00000000..d929c6b5 --- /dev/null +++ b/fetchmail-SA-2006-01.txt 
@@ -0,0 +1,98 @@ +fetchmail-SA-2006-01: crash when bouncing messages. + +Topics: #1 crash when bouncing a message + #2 fetchmail 6.2.5.X end of life + +Author: Matthias Andree +Version: XXX +Announced: XXX +Type: free() with bogus pointer +Impact: fetchmail crashes +Danger: low +Credits: Nathaniel W. Turner (bug report) +CVE Name: XXX +URL: http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt + http://bugs.debian.org/348747 +Project URL: http://fetchmail.berlios.de/ + +Affects: fetchmail version 6.3.0 + fetchmail version 6.3.1 + +Not affected: fetchmail 6.3.2 + fetchmail 6.2.5.5 + other versions not mentioned here or in the previous + sections have not been checked + +Corrected: XXX + + +0. Release history +================== + +2006-01-19 internal review draft + + +1. Background +============= + +fetchmail is a software package to retrieve mail from remote POP2, POP3, +IMAP, ETRN or ODMR servers and forward it to local SMTP, LMTP servers or +message delivery agents. + +fetchmail ships with a graphical, Python/Tkinter based configuration +utility named "fetchmailconf" to help the user create configuration (run +control) files for fetchmail. + + +2. Problem description and Impact +================================= + +Fetchmail contains a bug that causes itself to crash when bouncing a +message to the originator or to the local postmaster. Fetchmail crashes +when trying to free the dynamic array of failed addresses, and calls the +free() function with an invalid pointer. + +Note that such messages are not RFC-822 conformant, so if the server has +not been tampered with, the server software is faulty. + + +3. Workaround +============= + +None known at this time. + + +4. Solution +=========== + +Download and install fetchmail 6.3.2 or a newer stable release from +fetchmail's project site at +. + + +5. End of life announcement +=========================== + +The aged fetchmail 6.2.5.X branch is discontinued effective immediately. 
+No further releases from the 6.2.5.X branch will be made. + +The new 6.3.X stable branch has been available since 2005-11-30 +and will not change except for bugfixes, documentation and translations. + + +A. Copyright, License and Warranty +================================== + +(C) Copyright 2006 by Matthias Andree, . +Some rights reserved. + +This work is licensed under the Creative Commons +Attribution-NonCommercial-NoDerivs German License. To view a copy of +this license, visit http://creativecommons.org/licenses/by-nc-nd/2.0/de/ +or send a letter to Creative Commons; 559 Nathan Abbott Way; +Stanford, California 94305; USA. + +THIS WORK IS PROVIDED FREE OF CHARGE AND WITHOUT ANY WARRANTIES. +Use the information herein at your own risk. + +END OF fetchmail-SA-2006-01.txt -- cgit v1.2.3
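Review bot: in section 2 ("Problem description and Impact") the sentence "Note that such messages are not RFC-822 conformant" has no antecedent; the paragraph before it describes the crash while freeing the dynamic array of failed addresses but never says which messages cause fetchmail to bounce, so the reader cannot tell what the server is being blamed for. Suggest stating the triggering condition (what property of the message leads to the bounce) before the RFC-822 note, and spelling out that a server is the party that can deliver such a message, since the "Workaround: None known" and "Danger: low" lines are easier to judge once that is explicit. Two smaller points in the same hunk: the fetchmailconf paragraph in section 1 is not involved in this issue and could be dropped from this advisory, and section 4 reads "at ." with no project address visible after "fetchmail's project site", which should match the Project URL line in the header. The XXX placeholders (Version, Announced, CVE Name, Corrected) are consistent with the "2006-01-19 internal review draft" entry in section 0 but must be filled in before the announcement goes out.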