ports/145857: [security] fetchmail denial of service (verbose mode)
niels
niels at FreeBSD.org
Mon Apr 19 18:20:01 UTC 2010
>Number: 145857
>Category: ports
>Synopsis: [security] fetchmail denial of service (verbose mode)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Apr 19 18:20:00 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: niels
>Release: 8.0-STABLE
>Organization:
>Environment:
n/a
>Description:
Please refer to the following oss-security post that describes a denial of service vulnerability in fetchmail: http://seclists.org/oss-sec/2010/q2/76
fetchmail 6.3.17 will contain a fix for this issue but is not released. So perhaps the port maintainer can apply the proposed patch to our port (which is at 6.3.16)?
Niels
>How-To-Repeat:
n/a
>Fix:
Apply proposed patch or upgrade to 6.3.17
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list