Topics: fetchmail denial of service/data theft in NTLM protocol phase
Author: Matthias Andree
-Version: draft
+Version: 1.0
Announced: 2012-08-13
Type: reading from bad memory locations
Impact: fetchmail segfaults and aborts, stalling inbound mail,
Corrected in: 2012-08-13 Git, among others, see commit
3fbc7cd331602c76f882d1b507cd05c1d824ba8b
- 2012-08-xx fetchmail 6.3.22 release tarball
+ 2012-08-29 fetchmail 6.3.22 release tarball
0. Release history
==================
-2012-08-13 0.1 draft
-2012-08-14 0.2 added CVE ID
-2012-08-14 0.3 mention data theft
+2012-08-29 1.0 release
1. Background
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
-iEYEARECAAYFAlAqnJ0ACgkQvmGDOQUufZURKQCgtarBW3fr0uR/ANpNma7QiAd0
-dFMAoPMNVYwTitZG/gkvwhr7QBGB59pj
-=HBRo
+iEYEARECAAYFAlA+n3kACgkQvmGDOQUufZWzKwCfcOJF35eJ/bOio0VRfFFOiBsq
+dNwAnicBBiqQOq9i7atwBr4gdZ5x+SUM
+=+hqO
-----END PGP SIGNATURE-----