Subject: Re: Fwd: Advisory 03/2002: Fetchmail remote vulnerabilities
To: Alan Post <apost@interwoven.com>
From: Thorsten Frueauf <milano@zhadum.de>
List: tech-pkg
Date: 09/30/2002 22:59:04
Hello,

> As seen on bugtraq today.  Seems rather serious to me, as control of the mail
> server is not required to exploit this.
> The version of fetchmail in pkgsrc is 5.9.13.

Thanx for reporting. I updated fetchmail{conf} in pkgsrc to 6.1.0,
updated /pub/NetBSD/packages/distfiles/vulnerabilities on ftp.netbsd.org
and copied the new src tarball to /pub/NetBSD/packages/distfiles.

Greets
      Thorsten