Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Sun, 15 Jun 2008 11:44:39 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Cc: Matthias Andree <matthias.andree@....de>
Subject: Re: CVE Id Request: fetchmail <= 6.3.8 DoS when logging long headers in -v -v mode

Hi Matthias,

On Friday 13 June 2008, Matthias Andree wrote:
> Affects:        fetchmail release < 6.3.9 exclusively
>
> Not affected:   fetchmail release 6.3.9 and newer
>                 systems without varargs (stdargs.h) support.
>
> Corrected:      2008-06-13 fetchmail SVN (rev XXX)

Is there an ETA for the 6.3.9 release? The last advisory in 2007-09 also 
recommended to upgrade to this still unreleased version.


Robert


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux