5cc5034daa
For more details have a look at http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt Changes listed within the NEWS file since 6.2.5: fetchmail-6.2.5.2 (Fri Jul 22 01:52 GMT 2005): * NOTE: Due to a Makefile.in bug, you may need to use GNU make. * SECURITY FIX: truncate UIDL replies, lest malicious or compromised POP3 servers overflow fetchmail's stack. Debian bug #212762. This is a remote root exploit. CVE Name: CAN-2005-2335. Thanks: Miloslav Trmac for pointing out the fix in 6.2.5.1 was buggy. Thanks: Ludwig Nussel for a much simpler fix. * Critical fix: omit blank between MAIL FROM: and <user@example.org>, as this causes mail loss with some listeners. * Fix: POP2 driver wouldn't properly check authentication failure. * Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
12 lines
667 B
Text
12 lines
667 B
Text
$NetBSD: distinfo,v 1.31 2005/07/22 14:27:52 frueauf Exp $
|
|
|
|
SHA1 (fetchmail-6.2.5.tar.gz) = 4656ec4393ccd1c137fe7b331f77cb26b576ac0e
|
|
RMD160 (fetchmail-6.2.5.tar.gz) = e32b91a959d0e80c4bd45a8758811cbe95a98180
|
|
Size (fetchmail-6.2.5.tar.gz) = 1257376 bytes
|
|
SHA1 (patch-aa) = 3c8aaac5d53c1069995ab74ad99bc5e64843a507
|
|
SHA1 (patch-ab) = 009a97639502365f8b6ec4e854622620391a812f
|
|
SHA1 (patch-ac) = ef0e651807bb0942ca79ed3b10ffc000f71bd330
|
|
SHA1 (patch-ad) = b6bffc59f28992fa0d3de0f9dad250c73bbeffc6
|
|
SHA1 (patch-ae) = 3acbacee78ab2084a615b0c02b7f83e563bfc7ac
|
|
SHA1 (patch-af) = 06e7b84566b0d3ed50b56f88baf23f15ae21eb21
|
|
SHA1 (patch-ag) = e27a4769dc804bec71b449bed7ff318d15ae8bdf
|