-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 1 Feb 2007 12:08:55 +0100 Source: fetchmail Binary: fetchmailconf fetchmail-ssl fetchmail Architecture: source i386 all Version: 6.2.5-12sarge5 Distribution: stable-security Urgency: high Maintainer: Graham Wilson <graham@debian.org> Changed-By: Hector Garcia <hector@debian.org> Description: fetchmail - SSL enabled POP3, APOP, IMAP mail gatherer/forwarder fetchmail-ssl - SSL enabled POP3, APOP, IMAP mail gatherer/forwarder fetchmailconf - fetchmail configurator Changes: fetchmail (6.2.5-12sarge5) stable-security; urgency=high . * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] Files: 6f33289df330ad5d6b73a970a131717d 650 mail optional fetchmail_6.2.5-12sarge5.dsc 092b1d26d52b001b85b5afb66936fe90 155433 mail optional fetchmail_6.2.5-12sarge5.diff.gz 2afde54d68ae7174551613028c91403d 101492 mail optional fetchmailconf_6.2.5-12sarge5_all.deb da1c1f925e68bf2385b071648db81f66 42390 mail optional fetchmail-ssl_6.2.5-12sarge5_all.deb 6fc67ff75514e65d15c1ccd78f471046 548738 mail optional fetchmail_6.2.5-12sarge5_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFFz1sbXm3vHE4uyloRAoRoAKDOi8g/FCwNDfpKcKxlsnQgGglkzACfcWJO Iyhj4fYpizfQ6gxkt7g6WIc= =J+V9 -----END PGP SIGNATURE----- Accepted: fetchmail-ssl_6.2.5-12sarge5_all.deb to pool/main/f/fetchmail/fetchmail-ssl_6.2.5-12sarge5_all.deb fetchmail_6.2.5-12sarge5.diff.gz to pool/main/f/fetchmail/fetchmail_6.2.5-12sarge5.diff.gz fetchmail_6.2.5-12sarge5.dsc to pool/main/f/fetchmail/fetchmail_6.2.5-12sarge5.dsc fetchmail_6.2.5-12sarge5_i386.deb to pool/main/f/fetchmail/fetchmail_6.2.5-12sarge5_i386.deb fetchmailconf_6.2.5-12sarge5_all.deb to pool/main/f/fetchmail/fetchmailconf_6.2.5-12sarge5_all.deb