Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

fetchmail-6.3.8-2tr RPM for i586

From Trustix 3.0 for i586

Name: fetchmail Distribution: Trustix Secure Linux
Version: 6.3.8 Vendor: Comodo Trustix
Release: 2tr Build date: Thu Sep 20 11:57:43 2007
Group: Trustix Official Build host: ttrmgtnived.comodo.net
Size: 1090330 Source RPM: fetchmail-6.3.8-2tr.src.rpm
Packager: Comodo Trustix <http://www.trustix.com>
Summary: A remote mail retrieval and forwarding utility.
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.

Provides

Requires

License

GPL

Changelog

* Thu Sep 20 2007 Nived Gopalan <nived at trustix dot org> 6.3.8-2tr
  - SECURITY Fix: An error exists in fetchmail which allows
    context-dependent attackers to cause a denial of service (NULL
    dereference and application crash) by refusing certain warning
    messages that are sent over SMTP.
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2007-4565 to this issue.
* Fri May 18 2007 Bipin S <bipin at trustix dot org> 6.3.8-1tr
  - New upsteam.
  - SECURITY Fix: A weakness has been identified which is caused
    by an error in the APOP protocol that fails to properly prevent
    MD5 collisions, which could be exploited via man-in-the-middle
    attacks and specially crafted message-IDs to potentially disclose
    the first three characters of passwords.
                                                                                                                               
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2007-1558 to this issue.
* Fri Feb 09 2007 Bipin S <bipin at trustix dot org> 6.3.6-1tr
  - New Upstream.
  - SECURITY Fix: Fetchmail does not properly enforce TLS and may
    transmit cleartext passwords over unsecured links if certain
    circumstances occur, which allows remote attackers to obtain
    sensitive information via man-in-the-middle (MITM) attacks.
  - A vulnerability has been reported in Fetchmail caused due to
    a NULL pointer dereference error when rejecting a message sent
    to an MDA, which could be exploited by attackers to cause a
    denial of service.
                                                                                                                               
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2006-5867 and CVE-2006-5974 to these issues.
* Thu Jan 05 2006 Nived Gopalan <nived at trustix dot org> 6.2.5.5-1tr
  - New Upstream.
  - SECURITY Fix: A vulnerability has been reported in Fetchmail caused due
    to a null pointer dereferencing error when handling a message without 
    email headers. This can be exploited to crash Fetchmail when the 
    upstream mail server sends a message without headers.
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CVE-2005-4348 to this issue.
* Fri Oct 21 2005 Ajith Thampi <ajith at comodo dot com> 6.2.5.2-3tr
  - Added PreReq of chkconfig
* Tue Aug 02 2005 Ajith Thampi <ajith at comodo dot com> 6.2.5.2-2tr
  - Added fetchmail.init (by Olaf Rempel)
  - Enabled support for ipv6
  - Added a sample fetchmailrc for usage
  - Fixed BuildRequires, Bug #1138
* Mon Jul 25 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 6.2.5.2-1tr
  - New Upstream
  - Security Fix: Remote code injection vulnerability in fetchmail
  - The POP3 code that deals with UIDs (from the UIDL) reads the responses returned 
    by the POP3 server into fixed-size buffers allocated on the stack, without 
    limiting the input length to the buffer size. A compromised or malicious POP3 
    server can thus overrun fetchmail's stack.  This affects POP3 and all of its
    variants, for instance but not limited to APOP
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-2335 to this issue.
* Mon May 30 2005 Bipin <bipin at comodo dot com> 6.2.5-1tr
  - New entry into TSL-3.0 official
* Fri May 27 2005 Ajith Thampi <ajith at comodo dot com> 6.2.5-2ta
  - Removed the fetchmailconf binary as it is no more needed.
  - Added ssl support and fallback to procmail
  - placing man pages into mandir as expected
* Wed Apr 13 2005 Thushara Gopalakrishnan <thushara at comodo dot com> 6.2.5-1th
  - Initial release

Files

/etc/fetchmailrc
/etc/init.d/fetchmail
/usr/bin/fetchmail
/usr/lib/python2.3/site-packages/fetchmailconf.py
/usr/lib/python2.3/site-packages/fetchmailconf.pyc
/usr/lib/python2.3/site-packages/fetchmailconf.pyo
/usr/share/doc/fetchmail-6.3.8
/usr/share/doc/fetchmail-6.3.8/COPYING
/usr/share/doc/fetchmail-6.3.8/FAQ
/usr/share/doc/fetchmail-6.3.8/FEATURES
/usr/share/doc/fetchmail-6.3.8/INSTALL
/usr/share/doc/fetchmail-6.3.8/NEWS
/usr/share/doc/fetchmail-6.3.8/NOTES
/usr/share/doc/fetchmail-6.3.8/README
/usr/share/doc/fetchmail-6.3.8/design-notes.html
/usr/share/doc/fetchmail-6.3.8/esrs-design-notes.html
/usr/share/doc/fetchmail-6.3.8/fetchmail-FAQ.html
/usr/share/doc/fetchmail-6.3.8/fetchmail-features.html
/usr/share/doc/fetchmail-6.3.8/fetchmail-man.html
/usr/share/doc/fetchmail-6.3.8/fetchmailrc.sample
/usr/share/doc/fetchmail-6.3.8/todo.html
/usr/share/man/man1/man1
/usr/share/man/man1/man1/fetchmail.1.gz
/usr/share/man/man1/man1/fetchmailconf.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Apr 10 13:04:25 2014