---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-614
2005-07-21
---------------------------------------------------------------------Product     : Fedora Core 3
Name        : fetchmail
Version     : 6.2.5                      
Release     : 7.fc3.1                  
Summary     : A remote mail retrieval and forwarding utility.
Description :
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.

Install fetchmail if you need to retrieve mail over SLIP or PPP
connections.

---------------------------------------------------------------------Update Information:

A buffer overflow was discovered in fetchmail's POP3 client. A malicious
server could cause fetchmail to execute arbitrary code.

The Common Vulnerabilities and Exposures project has assigned the name
CAN-2005-2355 to this issue.

All fetchmail users should upgrade to the updated package, which fixes this issue.
---------------------------------------------------------------------* Thu Jul 21 2005 Miloslav Trmac  - 6.2.5-7.fc4.1
- Fix CAN-2005-2355 (#163819, patch by Ludwig Nussel)

* Wed Mar 16 2005 Nalin Dahyabhai  6.2.5-7
- stop using one of the libkrb5 private functions


---------------------------------------------------------------------This update can be downloaded from:
  
550fbe893b901e7fc028765819409b8a  SRPMS/fetchmail-6.2.5-7.fc3.1.src.rpm
14376533cb1e770d8019960596f29dd1  x86_64/fetchmail-6.2.5-7.fc3.1.x86_64.rpm
372ec66fb81998200b4ba0228f77b943  x86_64/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.x86_64.rpm
62947fe15ecc12933cbcdbdfcb87412b  i386/fetchmail-6.2.5-7.fc3.1.i386.rpm
69b34d188aaa91ca770789eb582dc8ca  i386/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
-----------------------------------------------------------------------fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 3 Update: fetchmail-6.2.5-7.fc3.1

July 21, 2005
A buffer overflow was discovered in fetchmail's POP3 client

Summary

Fetchmail is a remote mail retrieval and forwarding utility intended

for use over on-demand TCP/IP links, like SLIP or PPP connections.

Fetchmail supports every remote-mail protocol currently in use on the

Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,

and IPSEC) for retrieval. Then Fetchmail forwards the mail through

SMTP so you can read it through your favorite mail client.

Install fetchmail if you need to retrieve mail over SLIP or PPP

connections.

A buffer overflow was discovered in fetchmail's POP3 client. A malicious

server could cause fetchmail to execute arbitrary code.

The Common Vulnerabilities and Exposures project has assigned the name

CAN-2005-2355 to this issue.

All fetchmail users should upgrade to the updated package, which fixes this issue.

- Fix CAN-2005-2355 (#163819, patch by Ludwig Nussel)

* Wed Mar 16 2005 Nalin Dahyabhai 6.2.5-7

- stop using one of the libkrb5 private functions

550fbe893b901e7fc028765819409b8a SRPMS/fetchmail-6.2.5-7.fc3.1.src.rpm

14376533cb1e770d8019960596f29dd1 x86_64/fetchmail-6.2.5-7.fc3.1.x86_64.rpm

372ec66fb81998200b4ba0228f77b943 x86_64/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.x86_64.rpm

62947fe15ecc12933cbcdbdfcb87412b i386/fetchmail-6.2.5-7.fc3.1.i386.rpm

69b34d188aaa91ca770789eb582dc8ca i386/debug/fetchmail-debuginfo-6.2.5-7.fc3.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : fetchmail
Version : 6.2.5
Release : 7.fc3.1
Summary : A remote mail retrieval and forwarding utility.

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved