tags 212762 + pending security Hi, the bug offers a remote exploitation of fetchmail with a manipulated pop3 server. The CAN is: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2335
Until it is available on the website you can have a look at: http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt All versions in debian apart from oldstable are affected. I will upload a new package as soon as possible. Mail to security-team sent. Regards Nico -- Nico Golde - JAB: [EMAIL PROTECTED] | GPG: 0x73647CFF http://www.ngolde.de | http://www.muttng.org | http://grml.org VIM has two modes - the one in which it beeps and the one in which it doesn't -- encrypted mail preferred -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]