-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
-fetchmail-SA-2012-01: Denial of service possible in STARTTLS mode
+fetchmail-SA-2012-01: Information disclosure under active attack
-Topics: fetchmail denial of service in STARTTLS protocol phases
+Topics: Information disclosure under active attack with block ciphers
Author: Matthias Andree
-Version: draft
-Announced: 2012-04-06
+Version: 1.0
+Announced: 2012-xx-xx
Type: information disclosure under active attack
Impact: chosen plaintext attack theoretically possible
Danger: low
Corrected in: 2012-04-06 Git, among others, see commit
4af941d4a4318ba3149316aaa7ffaf24bb959e93
- 2012-04-06 fetchmail 6.3.22 release tarball
+ 2012-xx-xx fetchmail 6.3.22 release tarball
0. Release history
==================
-2012-04-06 1.0 release
+2012-xx-xx 1.0 release
1. Background
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
-iEYEARECAAYFAk9/Yg4ACgkQvmGDOQUufZU1jACg0bUmT0FCQ2I+wybSvOvPpZVr
-eiAAoPXRoz8oXnCMnY0xlzQ5oJlmmeMo
-=sRzf
+iEYEARECAAYFAlAq3PsACgkQvmGDOQUufZW9SgCfRlOMwbhIVFWyAf14Bi5L0rHo
+6roAn04SSSZ5CNSkNXpgE8mNhzLL2zd0
+=+01n
-----END PGP SIGNATURE-----