Hi, This month fetchmail 6.3.0 was released. I think the following applies to SUSE 10.0:
http://fetchmail.berlios.de/ -----------8<----------8<----------8<----------8<----------8<--------- CVE-2005-3088: Fetchmailconf was found to open the configuration files world-readable, writing data to them, and only then tightening up permissions, which may cause password information to be visible to other users. This bug affected fetchmail 6.2.0, 6.2.5 and 6.2.5.2. The bug is fixed in fetchmail 6.2.5.4 and 6.3.0. Please update to fetchmail version 6.3.0, or, if your local updating policy does not permit so, to 6.2.5.4 -----------8<----------8<----------8<----------8<----------8<--------- Is it correct that this is not yet solved for SUSE 10.0? Will it be corrected by going to 6.3.0 (recommended)? Otherwise I will use the factory src rpm to upgrade myself. http://ftp.opensuse.org/pub/opensuse/distribution/SL-OSS-factory/\ inst-source/suse/src/fetchmail-6.3.0-3.src.rpm Best regards, Aschwin Marsman -- [EMAIL PROTECTED] http://www.marsman.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
