X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=fetchmail-SA-2012-01.txt;h=47d12ae569dd5f18f891eb2c0edaf52d7eb4b084;hb=91644ff0b2e6eb3b26c5544a4a769ca4aaf08a14;hp=2ab89fbe4149469adda668e13be19ffee904eb06;hpb=53f8f7ebbe57de54df9c4efbcabef2681c4c17a7;p=~andy%2Ffetchmail diff --git a/fetchmail-SA-2012-01.txt b/fetchmail-SA-2012-01.txt index 2ab89fbe..47d12ae5 100644 --- a/fetchmail-SA-2012-01.txt +++ b/fetchmail-SA-2012-01.txt @@ -1,10 +1,13 @@ -fetchmail-SA-2012-01: Denial of service possible in STARTTLS mode +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 -Topics: fetchmail denial of service in STARTTLS protocol phases +fetchmail-SA-2012-01: Information disclosure under active attack + +Topics: Information disclosure under active attack with block ciphers Author: Matthias Andree -Version: draft -Announced: 2012-04-06 +Version: 1.0 +Announced: 2012-08-29 Type: information disclosure under active attack Impact: chosen plaintext attack theoretically possible Danger: low @@ -31,13 +34,13 @@ Not affected: - fetchmail releases 5.1.3 up to and including 6.3.8 Corrected in: 2012-04-06 Git, among others, see commit 4af941d4a4318ba3149316aaa7ffaf24bb959e93 - 2012-04-06 fetchmail 6.3.22 release tarball + 2012-08-29 fetchmail 6.3.22 release tarball 0. Release history ================== -2012-04-06 1.0 release +2012-08-29 1.0 release 1. Background 
@@ -96,16 +99,28 @@ A. Copyright, License and Non-Warranty (C) Copyright 2012 by Matthias Andree, . Some rights reserved. -This work is licensed under the Creative Commons Attribution-NoDerivs -3.0 Germany License (CC BY-ND 3.0). +This work is licensed under the +Creative Commons Attribution-NoDerivs 3.0 Germany License (CC BY-ND 3.0). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd/3.0/de/deed.en or send a letter to: -Creative Commons, 444 Castro Street, Suite 900, -Mountain View, California, 94041, USA. + +Creative Commons +444 Castro Street +Suite 900 +MOUNTAIN VIEW, CALIFORNIA 94041 +USA + THIS WORK IS PROVIDED FREE OF CHARGE AND WITHOUT ANY WARRANTIES. Use the information herein at your own risk. END of fetchmail-SA-2012-01 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.11 (GNU/Linux) + +iEUEARECAAYFAlA+h6EACgkQvmGDOQUufZVxcQCWJ4Oza6u2OtWZErSf415uBneQ +0gCfbaE1JSkrd0uXzwWDMAbBnSqY9lY= +=2BVL +-----END PGP SIGNATURE-----
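Review bot: The clearsign header added at the top of the first hunk (`@@ -1,10 +1,13 @@`) declares `Hash: SHA1`, a weak digest for an advisory that readers are expected to verify. If the signing key permits, re-sign with a SHA-2 digest, for example with gpg's `--digest-algo SHA256`, so that the header reads `Hash: SHA256`.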
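Review bot: In the second hunk (`@@ -31,13 +34,13 @@`), the "0. Release history" entry is overwritten rather than extended, so the advisory no longer records that a revision dated 2012-04-06 existed. The first hunk shows that revision was marked `Version: draft` and carried a different title ("Denial of service possible in STARTTLS mode"). Consider keeping a `2012-04-06 draft` line above `2012-08-29 1.0 release` and noting the title change, so readers who saw the draft can tell what changed.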
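Review bot: The last hunk (`@@ -96,16 +99,28 @@`) mixes a cosmetic reflow of the license paragraph and postal address with the addition of the signature block, which makes it hard to see from the diff what text was actually signed. Since any later whitespace or wording edit to the clearsigned body invalidates the signature, put the reflow in its own commit and add the signature as the final step. The `Version: GnuPG v1.4.11 (GNU/Linux)` armor header is not covered by the signature and only discloses the signing tool version; it can be dropped with gpg's `--no-emit-version`.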