svn path=/branches/BRANCH_6-3/; revision=4664
Unless otherwise noted, changes to this release were made by Matthias Andree.
# SECURITY FIX IN THIS RELEASE
-* CVE-2006-XXXX: Fix segfault or bus error after bouncing a message. This bug
+* CVE-2006-0321: Fix segfault or bus error after bouncing a message. This bug
was introduced into 6.3.0 when removing alloca(); it caused fetchmail to free
random memory. Reported by Nathaniel W. Turner, Debian Bug#348747.
See fetchmail-SA-2006-01.txt
Impact: fetchmail crashes
Danger: low
Credits: Nathaniel W. Turner (bug report)
-CVE Name: XXX
+CVE Name: CVE-2006-0321
URL: http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt
http://bugs.debian.org/348747
Project URL: http://fetchmail.berlios.de/
other versions not mentioned here or in the previous
sections have not been checked
-Corrected: XXX
+Corrected: 2006-01-19 fetchmail 6.3.2-rc4
0. Release history
==================
2006-01-19 internal review draft
+2006-01-20 add CVE ID
1. Background