Add CVE ID for recent DoS: CVE-2006-0321

svn path=/branches/BRANCH_6-3/; revision=4664

diff --git a/NEWS b/NEWS
index d919f3157e4540f840c0449bc23594830078f460..7529c693d1b62b13a3fb2ebca8ee200eac2c995c 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -27,7 +27,7 @@ fetchmail 6.3.2 (to be released):
 Unless otherwise noted, changes to this release were made by Matthias Andree.
 
 # SECURITY FIX IN THIS RELEASE
-* CVE-2006-XXXX: Fix segfault or bus error after bouncing a message.  This bug
+* CVE-2006-0321: Fix segfault or bus error after bouncing a message.  This bug
   was introduced into 6.3.0 when removing alloca(); it caused fetchmail to free
   random memory.  Reported by Nathaniel W. Turner, Debian Bug#348747.
   See fetchmail-SA-2006-01.txt

diff --git a/fetchmail-SA-2006-01.txt b/fetchmail-SA-2006-01.txt
index d929c6b5077fa5ffa7f16f24de850a999f8430e5..a4e8c4d2ff64630dd0f4048929bcbbba1d0674d4 100644 (file)
--- a/fetchmail-SA-2006-01.txt
+++ b/fetchmail-SA-2006-01.txt
@@ -10,7 +10,7 @@ Type:         free() with bogus pointer
 Impact:                fetchmail crashes
 Danger:                low
 Credits:       Nathaniel W. Turner (bug report)
-CVE Name:      XXX
+CVE Name:      CVE-2006-0321
 URL:           http://fetchmail.berlios.de/fetchmail-SA-2006-01.txt
                http://bugs.debian.org/348747
 Project URL:   http://fetchmail.berlios.de/
@@ -23,13 +23,14 @@ Not affected:       fetchmail 6.3.2
                other versions not mentioned here or in the previous
                sections have not been checked
 
-Corrected:     XXX
+Corrected:     2006-01-19 fetchmail 6.3.2-rc4
 
 
 0. Release history
 ==================
 
 2006-01-19     internal review draft
+2006-01-20     add CVE ID
 
 
 1. Background