Date: Mon, 19 Apr 2010 18:17:25 GMT From: niels <niels@FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/145857: [security] fetchmail denial of service (verbose mode) Message-ID: <201004191817.o3JIHPtl075700@www.freebsd.org> Resent-Message-ID: <201004191820.o3JIK1MH007254@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 145857 >Category: ports >Synopsis: [security] fetchmail denial of service (verbose mode) >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Apr 19 18:20:00 UTC 2010 >Closed-Date: >Last-Modified: >Originator: niels >Release: 8.0-STABLE >Organization: >Environment: n/a >Description: Please refer to the following oss-security post that describes a denial of service vulnerability in fetchmail: http://seclists.org/oss-sec/2010/q2/76 fetchmail 6.3.17 will contain a fix for this issue but is not released. So perhaps the port maintainer can apply the proposed patch to our port (which is at 6.3.16)? Niels >How-To-Repeat: n/a >Fix: Apply proposed patch or upgrade to 6.3.17 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201004191817.o3JIHPtl075700>