X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=fetchmail-SA-2012-01.txt;h=47d12ae569dd5f18f891eb2c0edaf52d7eb4b084;hb=87bcf29364c4640edb87cc2186b965d1a564d70c;hp=bac7368c872ba86527aa610ba7852f77575df4c8;hpb=5698169f15c7d3a020f583f88fcc2c793d7a45c4;p=~andy%2Ffetchmail diff --git a/fetchmail-SA-2012-01.txt b/fetchmail-SA-2012-01.txt index bac7368c..47d12ae5 100644 --- a/fetchmail-SA-2012-01.txt +++ b/fetchmail-SA-2012-01.txt @@ -1,13 +1,13 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -fetchmail-SA-2012-01: Denial of service possible in STARTTLS mode +fetchmail-SA-2012-01: Information disclosure under active attack -Topics: fetchmail denial of service in STARTTLS protocol phases +Topics: Information disclosure under active attack with block ciphers Author: Matthias Andree -Version: draft -Announced: 2012-04-06 +Version: 1.0 +Announced: 2012-08-29 Type: information disclosure under active attack Impact: chosen plaintext attack theoretically possible Danger: low @@ -34,13 +34,13 @@ Not affected: - fetchmail releases 5.1.3 up to and including 6.3.8 Corrected in: 2012-04-06 Git, among others, see commit 4af941d4a4318ba3149316aaa7ffaf24bb959e93 - 2012-04-06 fetchmail 6.3.22 release tarball + 2012-08-29 fetchmail 6.3.22 release tarball 0. Release history ================== -2012-04-06 1.0 release +2012-08-29 1.0 release 1. Background @@ -120,7 +120,7 @@ END of fetchmail-SA-2012-01 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) -iEYEARECAAYFAk9/Yg4ACgkQvmGDOQUufZU1jACg0bUmT0FCQ2I+wybSvOvPpZVr -eiAAoPXRoz8oXnCMnY0xlzQ5oJlmmeMo -=sRzf +iEUEARECAAYFAlA+h6EACgkQvmGDOQUufZVxcQCWJ4Oza6u2OtWZErSf415uBneQ +0gCfbaE1JSkrd0uXzwWDMAbBnSqY9lY= +=2BVL -----END PGP SIGNATURE-----
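Review bot: In the first hunk (@@ -1,13 +1,13 @@) the new Topics line no longer names fetchmail, which the old one did, and the new title omits the "with block ciphers" qualifier that Topics carries. Suggest "Topics: fetchmail information disclosure under active attack with block ciphers" and the same qualifier in the title, so the two header lines agree with each other and with the unchanged "Type:" and "Impact:" lines when the header is quoted on its own.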
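Review bot: In the second hunk (@@ -34,13 +34,13 @@) the release history overwrites the 2012-04-06 entry instead of adding a new one, so the record that this text existed on that date is lost. The old header said "Version: draft" while the old history line already read "2012-04-06 1.0 release"; suggest keeping a "2012-04-06 draft" line and adding "2012-08-29 1.0 release" below it. The unchanged "Corrected in" line still dates the Git fix to 2012-04-06 while the 6.3.22 tarball moves to 2012-08-29, so a short remark that the fix was available only from Git in between would help readers judge their exposure window.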
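Review bot: The replacement signature block in the third hunk (@@ -120,7 +120,7 @@) should be checked against the file as committed, for example with gpg --verify, before this goes in. It has to cover the body edited in the two earlier hunks, and any later change to that body, whitespace included, invalidates it. The clearsign header at the top of the file still reads "Hash: SHA1"; since the file is being re-signed anyway, consider signing with a stronger digest.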