A new update is available for Fedora Core - [SECURITY] Fedora Core 3 Update: fetchmail-6.2.5.5-1.fc3. Here the announcement:
Fedora Update Notification
FEDORA-2005-1186
2005-12-20
---------------------------------------------------------------------
Product : Fedora Core 3
Name : fetchmail
Version : 6.2.5.5
Release : 1.fc3
Summary : A remote mail retrieval and forwarding utility.
Description :
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.
Install fetchmail if you need to retrieve mail over SLIP or PPP
connections.
---------------------------------------------------------------------
Update Information:
Fetchmail contains a bug where when running in multidrop
mode, a
malicious mail server can crash the client by sending a message
without headers.
This update fixes the issue.
---------------------------------------------------------------------
* Tue Dec 20 2005 Miloslav Trmac <mitr@redhat.com> - 6.2.5.5-1.fc3
- Update to fetchmail-6.2.5.5 (#176267, CVE-2005-4348)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
daba16d4cbf462e3b1bac38df7bbb892 SRPMS/fetchmail-6.2.5.5-1.fc3.src.rpm
ae0ea3ac26ce62758c407f24858e8ba2 x86_64/fetchmail-6.2.5.5-1.fc3.x86_64.rpm
02257f602e4b1b7367af678e0dcd523c x86_64/debug/fetchmail-debuginfo-6.2.5.5-1.fc3.x86_64.rpm
a70fcf8a0c625591dcccd53d2c4c004b i386/fetchmail-6.2.5.5-1.fc3.i386.rpm
fa4640af3727723284cc7e24164fd1ab i386/debug/fetchmail-debuginfo-6.2.5.5-1.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
