Bump version for security release.

[~andy/fetchmail] / website / index.html

diff --git a/website/index.html b/website/index.html
index 90ce83808c986a76751319297cee31ae8e4ba7a3..0ba5712692db7450c1c0e34b0398a64e246041d9 100644 (file)
--- a/website/index.html
+++ b/website/index.html
@@ -15,7 +15,7 @@
 <table width="100%" cellpadding="0" summary="Canned page header">
 <tr>
 <td>Fetchmail</td>
-<td align="right"><!-- update date -->2009-07-02</td>
+<td align="right"><!-- update date -->2009-08-06</td>
 </tr>
 </table>
 </div>
@@ -39,18 +39,13 @@
 <img src="bighand.png" width="100" height="71" alt="logo: a hand presenting an envelope" align="right">
 
 <h1>Fetchmail</h1>
-<!--
-<div style="background-color:#ffffff;color:#008000;"> <h1>fetchmail 6.3.6 release candidate #5</h1>
-<p>On 2006-12-19, <a
-href="http://mandree.home.pages.de/fetchmail/">fetchmail-6.3.6-rc5 was released</a>, fixing several annoying bugs. <a href="http://mandree.home.pages.de/fetchmail/NEWS-6.3.6-rc5.txt">Click here for details.</a></p> </div>
--->
 
 <div style="background-color:#c0ffc0;color:#000000;">
-    <h1>NEWS: FETCHMAIL 6.3.10 RELEASE</h1>
-    <p>On 2009-07-02, <a
-       href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.10
+    <h1>NEWS: FETCHMAIL 6.3.11 RELEASE</h1>
+    <p>On 2009-08-06, <a
+       href="http://developer.berlios.de/project/showfiles.php?group_id=1824">fetchmail-6.3.11
        has been released (this is the download link),</a> fixing
-    various bugs. It is a recommended update for all users. <a
+    various bugs. It is a recommended security update for all users. <a
        href="http://developer.berlios.de/project/shownotes.php?group_id=1824&amp;release_id=16448">Click
        here to see the change details.</a>
     </p>
@@ -63,6 +58,7 @@ href="http://mandree.home.pages.de/fetchmail/">fetchmail-6.3.6-rc5 was released<
     some of the problems mentioned below, even if they aren't mentioned
     in the security announcements:</p>
     <ul>
+       <li><a name="cve-2009-2666" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666">CVE-2009-2666:</a> Fetchmail <a href="fetchmail-SA-2009-01.txt">was found to validate SSL/TLS X.509 certificates improperly and allow man-in-the-middle-attacks to go undetected.</a> This bug has been fixed in release 6.3.11. For previous versions, use the <a href="fetchmail-SA-2009-01.txt">patch contained in the security announcement.</a></li>
        <li><a name="cve-2008-2711" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711">CVE-2008-2711:</a> Fetchmail can <a href="fetchmail-SA-2008-01.txt">crash in verbose mode when logging long message headers.</a> This bug has been fixed in release 6.3.9. For 6.3.8, use the <a href="fetchmail-SA-2008-01.txt">patch contained in the security announcement.</a></li>
        <li><a name="cve-2007-4565" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565">CVE-2007-4565:</a> Fetchmail can <a href="fetchmail-SA-2007-02.txt">crash when the SMTP server refuses a warning message generated by fetchmail.</a> This bug was introduced in fetchmail 4.6.8 and has been fixed in release 6.3.9. For 6.3.8, use the <a href="fetchmail-SA-2007-02.txt">patch contained in this security announcement.</a></li>
        <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558">CVE-2007-1558:</a> Fetchmail's APOP client was found to <a href="fetchmail-SA-2007-01.txt">validate APOP challenges insufficiently, making man-in-the-middle attacks on APOP secrets unnecessarily easier than need be.</a> This bug was long-standing, fetchmail 6.3.8 and newer validate the APOP challenge more strictly.</li>