Merge branch 'legacy_63'

[~andy/fetchmail] / fetchmail-SA-2012-01.txt

diff --git a/fetchmail-SA-2012-01.txt b/fetchmail-SA-2012-01.txt
index bac7368c872ba86527aa610ba7852f77575df4c8..47d12ae569dd5f18f891eb2c0edaf52d7eb4b084 100644 (file)
--- a/fetchmail-SA-2012-01.txt
+++ b/fetchmail-SA-2012-01.txt
@@ -1,13 +1,13 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
-fetchmail-SA-2012-01: Denial of service possible in STARTTLS mode
+fetchmail-SA-2012-01: Information disclosure under active attack
 
-Topics:                fetchmail denial of service in STARTTLS protocol phases
+Topics:                Information disclosure under active attack with block ciphers
 
 Author:                Matthias Andree
-Version:       draft
-Announced:     2012-04-06
+Version:       1.0
+Announced:     2012-08-29
 Type:          information disclosure under active attack
 Impact:                chosen plaintext attack theoretically possible
 Danger:                low
@@ -34,13 +34,13 @@ Not affected:       - fetchmail releases 5.1.3 up to and including 6.3.8
 Corrected in:  2012-04-06 Git, among others, see commit
                4af941d4a4318ba3149316aaa7ffaf24bb959e93
 
-               2012-04-06 fetchmail 6.3.22 release tarball
+               2012-08-29 fetchmail 6.3.22 release tarball
 
 
 0. Release history
 ==================
 
-2012-04-06 1.0 release
+2012-08-29 1.0 release
 
 
 1. Background
@@ -120,7 +120,7 @@ END of fetchmail-SA-2012-01
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
-iEYEARECAAYFAk9/Yg4ACgkQvmGDOQUufZU1jACg0bUmT0FCQ2I+wybSvOvPpZVr
-eiAAoPXRoz8oXnCMnY0xlzQ5oJlmmeMo
-=sRzf
+iEUEARECAAYFAlA+h6EACgkQvmGDOQUufZVxcQCWJ4Oza6u2OtWZErSf415uBneQ
+0gCfbaE1JSkrd0uXzwWDMAbBnSqY9lY=
+=2BVL
 -----END PGP SIGNATURE-----