Nom du paquet
fetchmail
Date
2008-06-19
Advisory ID
MDVSA-2008:117
Affected versions
CS4.0 i586 , CS4.0 x86_64 , 2008.0 i586 , 2007.1 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586 , 2007.1 x86_64

Problem description

A flaw in fetchmail was discovered that allowed remote attackers
to cause a denial of service (crash and persistent mail failure)
via a malformed message with long headers. The crash only occured
when fetchmail was called in '-v -v' mode (CVE-2008-2711).

The updated packages have been patched to prevent this issue.

Updated packages

CS4.0 i586

 1f69a551eb9f1afbbe6e42be597b1ba1  corporate/4.0/i586/fetchmail-6.2.5-11.6.20060mlcs4.i586.rpm
 421360e6dee540b9d4e28b274724e604  corporate/4.0/i586/fetchmailconf-6.2.5-11.6.20060mlcs4.i586.rpm
 6451f4757de94be5d5a5c8542c8e703b  corporate/4.0/i586/fetchmail-daemon-6.2.5-11.6.20060mlcs4.i586.rpm 
 1c3a942647354d1de2b6abe0253e02b0  corporate/4.0/SRPMS/fetchmail-6.2.5-11.6.20060mlcs4.src.rpm

CS4.0 x86_64

 c9101af89574256bba203cd4f7e215c1  corporate/4.0/x86_64/fetchmail-6.2.5-11.6.20060mlcs4.x86_64.rpm
 938b40ccf9dcade9edf7347fdd42324b  corporate/4.0/x86_64/fetchmailconf-6.2.5-11.6.20060mlcs4.x86_64.rpm
 990a1f0e7642ce75a4923a24990b0b68  corporate/4.0/x86_64/fetchmail-daemon-6.2.5-11.6.20060mlcs4.x86_64.rpm 
 1c3a942647354d1de2b6abe0253e02b0  corporate/4.0/SRPMS/fetchmail-6.2.5-11.6.20060mlcs4.src.rpm

2008.0 i586

 44bf754420177032e7720aa6385d92dd  2008.0/i586/fetchmail-6.3.8-4.1mdv2008.0.i586.rpm
 090719d821a64ebc3ac486bfc1b90363  2008.0/i586/fetchmailconf-6.3.8-4.1mdv2008.0.i586.rpm
 836dbd2dda8acb1267bfaedfb342a1b7  2008.0/i586/fetchmail-daemon-6.3.8-4.1mdv2008.0.i586.rpm 
 67ccd52b855904cdab9c59403ca75144  2008.0/SRPMS/fetchmail-6.3.8-4.1mdv2008.0.src.rpm

2007.1 i586

 77b20fed31ffc8f26b91b289b1735742  2007.1/i586/fetchmail-6.3.6-1.3mdv2007.1.i586.rpm
 48d0099eb291e7ed6de0ee268f483be4  2007.1/i586/fetchmailconf-6.3.6-1.3mdv2007.1.i586.rpm
 efc2563d1ab82b6d0f32762caefa2439  2007.1/i586/fetchmail-daemon-6.3.6-1.3mdv2007.1.i586.rpm 
 a208f8c8096e5204fa17f749c369fa4c  2007.1/SRPMS/fetchmail-6.3.6-1.3mdv2007.1.src.rpm

CS3.0 x86_64

 84203e2a84ad1772a78ba5b5c9c33a2f  corporate/3.0/x86_64/fetchmail-6.2.5-3.7.C30mdk.x86_64.rpm
 3d6dbf92ffc9101a765decbe530437c9  corporate/3.0/x86_64/fetchmailconf-6.2.5-3.7.C30mdk.x86_64.rpm
 156c24d040be43da88842d5ee27b40ba  corporate/3.0/x86_64/fetchmail-daemon-6.2.5-3.7.C30mdk.x86_64.rpm 
 9b1b9c5cab6b2c81b11f26b7587aa096  corporate/3.0/SRPMS/fetchmail-6.2.5-3.7.C30mdk.src.rpm

2008.0 x86_64

 ffd538cbfe8476577c172088e6ab6ccd  2008.0/x86_64/fetchmail-6.3.8-4.1mdv2008.0.x86_64.rpm
 bba7c59daafdf2b922fdc49c8289e950  2008.0/x86_64/fetchmailconf-6.3.8-4.1mdv2008.0.x86_64.rpm
 5ba2c860cdf76975243aa95f637e5bfa  2008.0/x86_64/fetchmail-daemon-6.3.8-4.1mdv2008.0.x86_64.rpm 
 67ccd52b855904cdab9c59403ca75144  2008.0/SRPMS/fetchmail-6.3.8-4.1mdv2008.0.src.rpm

CS3.0 i586

 8ea71c3755960b09d7f24de64d26f8cd  corporate/3.0/i586/fetchmail-6.2.5-3.7.C30mdk.i586.rpm
 d56338486e23c1b4bed562feaeaa9a7b  corporate/3.0/i586/fetchmailconf-6.2.5-3.7.C30mdk.i586.rpm
 2a9a1ea5b35a6079de582d4a023263e3  corporate/3.0/i586/fetchmail-daemon-6.2.5-3.7.C30mdk.i586.rpm 
 9b1b9c5cab6b2c81b11f26b7587aa096  corporate/3.0/SRPMS/fetchmail-6.2.5-3.7.C30mdk.src.rpm

2008.1 x86_64

 afa1fe93700e16c207b26466c379dba0  2008.1/x86_64/fetchmail-6.3.8-7.1mdv2008.1.x86_64.rpm
 38fc1cb8e9b6a838fd7aaac05cbdfd6c  2008.1/x86_64/fetchmailconf-6.3.8-7.1mdv2008.1.x86_64.rpm
 96413fc60a0d5c961e69c5ecae03001c  2008.1/x86_64/fetchmail-daemon-6.3.8-7.1mdv2008.1.x86_64.rpm 
 b4625b074ae3f30016eca5beedddda85  2008.1/SRPMS/fetchmail-6.3.8-7.1mdv2008.1.src.rpm

2008.1 i586

 3183a6eecffd1d3f28cc653d7c1154cb  2008.1/i586/fetchmail-6.3.8-7.1mdv2008.1.i586.rpm
 332305442e6617b3c6e8477b8873d671  2008.1/i586/fetchmailconf-6.3.8-7.1mdv2008.1.i586.rpm
 64f5cd910f5e25a82eb673fc3e017f7d  2008.1/i586/fetchmail-daemon-6.3.8-7.1mdv2008.1.i586.rpm 
 b4625b074ae3f30016eca5beedddda85  2008.1/SRPMS/fetchmail-6.3.8-7.1mdv2008.1.src.rpm

2007.1 x86_64

 f9a9f4086f217c01330a39db69976a80  2007.1/x86_64/fetchmail-6.3.6-1.3mdv2007.1.x86_64.rpm
 64fbf2cba15a7871884859263832effa  2007.1/x86_64/fetchmailconf-6.3.6-1.3mdv2007.1.x86_64.rpm
 826669b445b5107862a07d9b0e75bfb9  2007.1/x86_64/fetchmail-daemon-6.3.6-1.3mdv2007.1.x86_64.rpm 
 a208f8c8096e5204fa17f749c369fa4c  2007.1/SRPMS/fetchmail-6.3.6-1.3mdv2007.1.src.rpm

References