Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Slackware 13.0: SSA:2010-136-01 Critical Fetchmail DoS Issue

slackware
Calendar Grey May 17, 2010
Dist Slackware Esm H88
Fetchmail software has received updates across various Slackware releases to resolve a significant denial of service vulnerability.
New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 13.0 ChangeLog: patches/packages/fetchmail-6.3.17-i486-1_slack13.0.txz: Upgraded. A crafted header or POP3 UIDL list could cause a memory leak and crash leading to a denial of service. For more information, see: https://www.cve.org/CVERecord?id=CVE-2010-1167 (* Security fix *)

Topics%20covered

Topics Covered

security advisory denial of service critical issue fetchmail slackware

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 8.1:
Updated package for Slackware 9.0:
Updated package for Slackware 9.1:
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware 12.0:
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -curre...

Read the Full Advisory

MD5 Signatures

Slackware 8.1 package: 954d5af2d7a73d30e74f28a5d2daa271 fetchmail-6.3.17-i386-1_slack8.1.tgz
Slackware 9.0 package: 6e7602e1573181709cd1aa475d9d26e0 fetchmail-6.3.17-i386-1_slack9.0.tgz
Slackware 9.1 package: d45e5345faf0b365baa32a3af36a8045 fetchmail-6.3.17-i486-1_slack9.1.tgz
Slackware 10.0 package: 321a11f1e1463ec1c4727dd3046c1efa fetchmail-6.3.17-i486-1_slack10.0.tgz
Slackware 10.1 package: 06e126d0fe6e91048caa76d46462f9d9 fetchmail-6.3.17-i486-1_slack10.1.tgz
Slackware 10.2 package: 01471be554c3dcb74ee9291fa93ac73f fetchmail-6.3.17-i486-1_slack10.2.tgz
Slackware 11.0 package: a601fc584b65cdd76356861c8b70014e fetchmail-6.3.17-i486-1_slack11.0.tgz
Slackware 12.0 package: 240bec2e78149aad8bd324182345edab fetchmail-6.3.17-i486-1_slack12.0.tgz
Slackware 12.1 package: d645afc797b455c4a6d6d13f115696b6 fetchmail-6.3.17-i486-1_slack12.1.tgz
Slackware 12.2 package: 8fbdf6195fe2183bab784f507e5380ff fetchmail-6.3.17-i486-1_slack12.2.tgz
Slackware 13.0 package: 4df616b4e26ee1c1281fdd420faedade fetchmail-6.3.17-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: d805ea49a10834b8a057a86a3006f2d4 fetchmail-6.3.17-x86_64-1_slack13.0.txz
Slackware -current package: cf3846641063e520649b235888dfda44 n/fetchmail-6.3.17-i486-1.txz
Slackware x86_64 -current package: 410cd426c48dd47e0c4e4b27e2cfd913 n/fetchmail-6.3.17-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory denial of service critical issue fetchmail slackware

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg fetchmail-6.3.17-i486-1_slack13.0.txz

Related News

Your message here