pool/fetchmail
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fetchmail/fetchmail-6.4.20.tar.xz
Dirk Stoecker 79e260e2ae Accepting request 909104 from home:pmonrealgonzalez:branches:server:mail 
- Update to 6.4.20: [bsc#1188875, CVE-2021-36386]
  * CVE-2021-36386: DoS or information disclosure in some configurations.
    When a log message exceeds c. 2 kByte in size, for instance,
    with very long header contents, and depending on verbosity
    option, fetchmail can crash or misreport each first log message
    that requires a buffer reallocation. fetchmail then reallocates
    memory and re-runs vsnprintf() without another call to va_start(),
    so it reads garbage. The exact impact depends on many factors
    around the compiler and operating system configurations used and
    the implementation details of the stdarg.h interfaces of the two
    functions mentioned before.

OBS-URL: https://build.opensuse.org/request/show/909104
OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=117
2021-08-03 08:51:27 +00:00

4 lines
132 B
Plaintext
Raw Blame History

version https://git-lfs.github.com/spec/v1
oid sha256:c82141ae2e8f0039ceb0c5c2eda43c5e93ad0bf7f9c6bb628092b3be74386176
size 1317204
Reference in New Issue View Git Blame Copy Permalink