1 issue left for the package maintainer to handle:
CVE-2021-39272:
(needs triaging)
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
Among the 4 debian patches
available in version 6.4.37-1 of the package,
we noticed the following issues:
4 patches
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/f/fetchmail.png){kind=link}