mailing list archives
rPSA-2008-0235-1 fetchmail fetchmailconf
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Mon, 28 Jul 2008 21:06:18 -0400
rPath Security Advisory: 2008-0235-1
rPath Linux 1
rPath Linux 2
Exposure Level Classification:
Indirect User Deterministic Denial of Service
fetchmail=conary.rpath.com () rpl:1/6.3.8-0.4-1
fetchmail=conary.rpath.com () rpl:2/6.3.8-5-0.1
fetchmailconf=conary.rpath.com () rpl:2/6.3.8-5-0.1
rPath Issue Tracking System:
Previous versions of the fetchmail package are vulnerable to a Denial
of Service attack due to a buffer-resizing error when handling mail
messages with large headers. It is not believed that this weakness
can be exploited to execute malicious code.
Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- rPSA-2008-0235-1 fetchmail fetchmailconf rPath Update Announcements (Jul 29)