Hi, Fetchmail 6.3.1 was released a couple of days ago. I haven't seen a security update for SUSE 10.0 yet and havent found a new src rpm on: http://ftp.opensuse.org/pub/opensuse/distribution/SL-OSS-factory/inst-source... so I can build it myself easily. Any plans? Otherwise I will get the src. Have a pleasent year end, Aschwin Marsman -- aschwin@marsman.org http://www.marsman.org
On Thu, Dec 29, 2005 at 09:19:04PM +0100, Aschwin Marsman wrote:
Hi,
Fetchmail 6.3.1 was released a couple of days ago. I haven't seen a security update for SUSE 10.0 yet and havent found a new src rpm on: http://ftp.opensuse.org/pub/opensuse/distribution/SL-OSS-factory/inst-source... so I can build it myself easily.
Any plans?
Otherwise I will get the src.
In factory it will get once our developers are back from their well earned christmas vacation :) The security fixes for fetchmail will also be provided in the new year. Ciao, Marcus
On Thu, 29 Dec 2005, Marcus Meissner wrote:
On Thu, Dec 29, 2005 at 09:19:04PM +0100, Aschwin Marsman wrote:
Fetchmail 6.3.1 was released a couple of days ago. I haven't seen a security update for SUSE 10.0 yet and havent found a new src rpm on: http://ftp.opensuse.org/pub/opensuse/distribution/SL-OSS-factory/inst-source... so I can build it myself easily.
It's in factory, compiled the src rpm for SUSE 10.0, works fine.
Any plans?
Otherwise I will get the src.
In factory it will get once our developers are back from their well earned christmas vacation :)
The security fixes for fetchmail will also be provided in the new year.
I haven't seen it yet, still in the works? In the latest summary I saw no list of open security issues, is that intentional?
Ciao, Marcus
Best regards, Aschwin Marsman -- aschwin@marsman.org http://www.marsman.org
On Wed, Jan 18, 2006 at 10:59:46AM +0100, Aschwin Marsman wrote:
On Thu, 29 Dec 2005, Marcus Meissner wrote:
On Thu, Dec 29, 2005 at 09:19:04PM +0100, Aschwin Marsman wrote:
Fetchmail 6.3.1 was released a couple of days ago. I haven't seen a security update for SUSE 10.0 yet and havent found a new src rpm on: http://ftp.opensuse.org/pub/opensuse/distribution/SL-OSS-factory/inst-source... so I can build it myself easily.
It's in factory, compiled the src rpm for SUSE 10.0, works fine.
Any plans?
Otherwise I will get the src.
In factory it will get once our developers are back from their well earned christmas vacation :)
The security fixes for fetchmail will also be provided in the new year.
I haven't seen it yet, still in the works?
In the latest summary I saw no list of open security issues, is that intentional?
We are still considering this. As far as I can see this is the one where you actually need to connect to a bad server in multidrop mode ... and it will only cause a crash. We will likely postpone this fix until a more serious issue is uncovered. Ciao, Marcus
On Tue, 24 Jan 2006, Marcus Meissner wrote:
On Wed, Jan 18, 2006 at 10:59:46AM +0100, Aschwin Marsman wrote:
On Thu, 29 Dec 2005, Marcus Meissner wrote:
On Thu, Dec 29, 2005 at 09:19:04PM +0100, Aschwin Marsman wrote:
Fetchmail 6.3.1 was released a couple of days ago. I haven't seen a security update for SUSE 10.0 yet and havent found a new src rpm on: http://ftp.opensuse.org/pub/opensuse/distribution/SL-OSS-factory/inst-source... so I can build it myself easily.
In the latest summary I saw no list of open security issues, is that intentional?
Thanks for your reply.
We are still considering this.
As far as I can see this is the one where you actually need to connect to a bad server in multidrop mode ... and it will only cause a crash.
Fetchmail was found to crash after bouncing a message with bad addresses. This bug was introduced with fetchmail 6.3.0 and fixed in fetchmail 6.3.2. I upgraded to 6.3.2 a couple of days ago. See http://fetchmail.berlios.de/ for those who are interested.
We will likely postpone this fix until a more serious issue is uncovered.
That's up to you.
Ciao, Marcus
Best regards, Aschwin Marsman -- aschwin@marsman.org http://www.marsman.org
participants (2)
-
Aschwin Marsman -
Marcus Meissner