Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves one vulnerability can now be installed.. # Security update for fetchmail Announcement ID: SUSE-SU-2026:20935-1 Release Date: 2026-03-26T09:57:56Z Rating: moderate References: * bsc#1251194 Cross-References: * CVE-2025-61962 CVSS scores: * CVE-2025-61962 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61962 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server - BCI 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for fetchmail fixes the following issues: * CVE-2025-61962: Fixed denial of service (bsc#1251194) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server - BCI 16.0 zypper in -t patch SUSE-SLES-16.0-449=1 ## Package List: * SUSE Linux Enterprise Server - BCI 16.0 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.5.2-160000.3.1 * fetchmail-6.5.2-160000.3.1 * fetchmail-debuginfo-6.5.2-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61962.html * https://bugzilla.suse.com/show_bug.cgi?id=1251194 . This SUSE advisory addresses a moderate issue in fetchmail related to a denial of service vulnerability, providing the necessary update details.. SUSE fetchmail update, security advisory, denial of service bug. . LinuxSecurity.com Team
* bsc#1251194 Cross-References: * CVE-2025-61962 . # Security update for fetchmail Announcement ID: SUSE-SU-2025:3966-1 Release Date: 2025-11-06T10:48:18Z Rating: moderate References: * bsc#1251194 Cross-References: * CVE-2025-61962 CVSS scores: * CVE-2025-61962 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61962 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for fetchmail fixes the following issues: * CVE-2025-61962: fixed a denial of service condition (bsc#1251194) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3966=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * fetchmail-debuginfo-6.3.26-13.21.1 * fetchmail-6.3.26-13.21.1 * fetchmail-debugsource-6.3.26-13.21.1 * fetchmailconf-6.3.26-13.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61962.html * https://bugzilla.suse.com/show_bug.cgi?id=1251194 . Fetchmail on SUSE requires a moderate security update for a denial of service issue. Install the recommended patch promptly.. Fetchmail update, SUSE security, denial of service, fetchmail fix. . LinuxSecurity.com Team
* bsc#1251194 Cross-References: * CVE-2025-61962 . # Security update for fetchmail Announcement ID: SUSE-SU-2025:3845-1 Release Date: 2025-10-28T16:43:04Z Rating: moderate References: * bsc#1251194 Cross-References: * CVE-2025-61962 CVSS scores: * CVE-2025-61962 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61962 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for fetchmail fixes the following issues: * CVE-2025-61962: fixed a denial of service condition (bsc#1251194) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3845=1 openSUSE-SLE-15.6-2025-3845=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3845=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3845=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3845=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3845=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) *fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmailconf-6.4.22-150600.35.3.1 * fetchmail-6.4.22-150600.35.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmail-6.4.22-150600.35.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmail-6.4.22-150600.35.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmailconf-6.4.22-150600.35.3.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmailconf-6.4.22-150600.35.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61962.html * https://bugzilla.suse.com/show_bug.cgi?id=1251194 . New SUSE update addresses fetchmail issues with moderate severity, involving a denial of service fix through CVE-2025-61962.. SUSE Fetchmail Update, Denial of Service, Software Security Fix. . LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for fetchmail Announcement ID: SUSE-SU-2025:3845-1 Release Date: 2025-10-28T16:43:04Z Rating: moderate References: * bsc#1251194 Cross-References: * CVE-2025-61962 CVSS scores: * CVE-2025-61962 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61962 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for fetchmail fixes the following issues: * CVE-2025-61962: fixed a denial of service condition (bsc#1251194) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3845=1 openSUSE-SLE-15.6-2025-3845=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3845=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3845=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3845=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3845=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) *fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmailconf-6.4.22-150600.35.3.1 * fetchmail-6.4.22-150600.35.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmail-6.4.22-150600.35.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmail-6.4.22-150600.35.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmailconf-6.4.22-150600.35.3.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * fetchmail-debugsource-6.4.22-150600.35.3.1 * fetchmail-debuginfo-6.4.22-150600.35.3.1 * fetchmailconf-6.4.22-150600.35.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61962.html * https://bugzilla.suse.com/show_bug.cgi?id=1251194 . Update for fetchmail addresses a moderate denial of service issue with CVE-2025-61962 in openSUSE distributions.. fetchmail update, openSUSE advisory, security patch, denial of service. . LinuxSecurity.com Team
fetchmail could be made to crash if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-7838-1 October 23, 2025 fetchmail vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: fetchmail could be made to crash if it received specially crafted network traffic. Software Description: - fetchmail: SSL enabled POP3, APOP, IMAP mail gatherer/forwarder Details: It was discovered that the fetchmail SMTP client incorrectly handled certain status code messages. An attacker controlling a malicious server could possibly use this issue to cause fetchmail to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 fetchmail 6.4.39-1ubuntu0.1 Ubuntu 24.04 LTS fetchmail 6.4.38-1ubuntu4.1 Ubuntu 22.04 LTS fetchmail 6.4.27-1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7838-1 CVE-2025-61962 Package Information: https://launchpad.net/ubuntu/+source/fetchmail/6.4.39-1ubuntu0.1 https://launchpad.net/ubuntu/+source/fetchmail/6.4.38-1ubuntu4.1 https://launchpad.net/ubuntu/+source/fetchmail/6.4.27-1ubuntu0.1 . Fetchmail crash risk from malicious traffic. Important update required on Ubuntu 22.04, 24.04, and 25.04 LTS.. fetchmail update, Ubuntu security, DoS threat, fetchmail vulnerability, mail gatherer. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # fetchmail-6.5.6-1.1 on GA media Announcement ID: openSUSE-SU-2025:15653-1 Rating: moderate Cross-References: * CVE-2025-61962 CVSS scores: * CVE-2025-61962 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the fetchmail-6.5.6-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * fetchmail 6.5.6-1.1 * fetchmailconf 6.5.6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61962.html . Discover a moderate vulnerability in fetchmail for openSUSE Tumbleweed with security updates addressing CVE-2025-61962.. fetchmail update, openSUSE vulnerability, security patch, CVE-2025-61962, Linux security advisory. . LinuxSecurity.com Team
Update to fetchmail-6.5.6 (CVE-2025-61962). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-ab3c40c1f4 2025-10-18 01:16:41.291788+00:00 -------------------------------------------------------------------------------- Name : fetchmail Product : Fedora 42 Version : 6.5.6 Release : 1.fc42 URL : http://www.fetchmail.info/ Summary : A remote mail retrieval and forwarding utility Description : Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC) for retrieval. Then Fetchmail forwards the mail through SMTP so you can read it through your favorite mail client. Install fetchmail if you need to retrieve mail over SLIP or PPP connections. -------------------------------------------------------------------------------- Update Information: Update to fetchmail-6.5.6 (CVE-2025-61962) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2025 Vitezslav Crhonek - 6.5.6-1 - Update to fetchmail-6.5.6 (CVE-2025-61962) Resolves: #2402010 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2402010 - CVE-2025-61962 fetchmail: Fetchmail denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2402010 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ab3c40c1f4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. Moredetails on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to fetchmail-6.5.6 (CVE-2025-61962). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-fa8d0fb866 2025-10-18 00:58:49.259029+00:00 -------------------------------------------------------------------------------- Name : fetchmail Product : Fedora 41 Version : 6.5.6 Release : 1.fc41 URL : http://www.fetchmail.info/ Summary : A remote mail retrieval and forwarding utility Description : Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC) for retrieval. Then Fetchmail forwards the mail through SMTP so you can read it through your favorite mail client. Install fetchmail if you need to retrieve mail over SLIP or PPP connections. -------------------------------------------------------------------------------- Update Information: Update to fetchmail-6.5.6 (CVE-2025-61962) -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 9 2025 Vitezslav Crhonek - 6.5.6-1 - Update to fetchmail-6.5.6 (CVE-2025-61962) Resolves: #2402009 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2402009 - CVE-2025-61962 fetchmail: Fetchmail denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2402009 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-fa8d0fb866' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. Moredetails on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.