Package: fetchmail Severity: important Tags: security Hi!
A DoS attack in fetchmail has been publicised: > fetchmail before 6.3.9 allows context-dependent attackers to cause a denial > of service (NULL dereference and application crash) by refusing certain > warning messages that are sent over SMTP. This upstream URL has details and references which commit fixes it: http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2007-02.txt Please update your package, and mention CVE-2007-4565 in your changelog. It would be good if you could assess the severity of this attack in the light of updating stable/oldstable. thanks Thijs
pgpjeNwwrIP8h.pgp
Description: PGP signature