commit df546faaf196e0d3b12c55a2ac64617d921163d9
Author: Miklos Vajna <>
Date:   Tue Apr 27 13:48:13 2010 +0200


diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index f06a6d8..a7bbd02 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,17 @@

+               <id>667</id>
+               <date>2010-04-27</date>
+               <author>Miklos Vajna</author>
+               <package>fetchmail</package>
+               <vulnerable>6.3.13-1</vulnerable>
+               <unaffected>6.3.16-1locris1</unaffected>
+               <bts></bts>
+               <desc>Fetchmail did not properly sanitize external input (mail 
headers and UID). When a multi-character locale (such as UTF-8) was in use, 
this could cause memory exhaustion and thus a denial of service, because 
fetchmail's report.c functions assumed that non-success of [v]snprintf was due 
to insufficient buffer size allocation. It would then repeatedly reallocate a 
larger buffer and fail formatting again.</desc>
+       </fsa>
+       <fsa>
<author>Miklos Vajna</author>
Frugalware-git mailing list

Reply via email to