Subject: Re: Fwd: Advisory 03/2002: Fetchmail remote vulnerabilities
To: Alan Post <>
From: Thorsten Frueauf <>
List: tech-pkg
Date: 09/30/2002 22:59:04

> As seen on bugtraq today.  Seems rather serious to me, as control of the mail
> server is not required to exploit this.
> The version of fetchmail in pkgsrc is 5.9.13.

Thanx for reporting. I updated fetchmail{conf} in pkgsrc to 6.1.0,
updated /pub/NetBSD/packages/distfiles/vulnerabilities on
and copied the new src tarball to /pub/NetBSD/packages/distfiles.