Advisories
Mandriva Advisories
|
 |
| Problem Description |
A vulnerability was discovered in all versions of fetchmail prior to 6.2.0
that allows a remote attacker to crash fetchmail and potentially execute
arbitrary code by sending carefully crafted email wihch is then parsed by
fetchmail. The vulnerability has been fixed in these patched packages of
fetchmail.
| Updated Packages |
Mandrakelinux 7.2
09b09cfc1201855f7054b4a1220eb0ac 7.2/RPMS/fetchmail-6.1.0-1.1mdk.i586.rpm 55d00ec08f33259a9e5d53547d96cdef 7.2/RPMS/fetchmail-daemon-6.1.0-1.1mdk.i586.rpm e8692ed27f42565d8da8f2cf473be549 7.2/RPMS/fetchmailconf-6.1.0-1.1mdk.i586.rpm dc7f71e43fb30f75ee528248e98fa79e 7.2/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
Mandrakelinux 8.0
30e487512f193b71028f179d6bbb3bc6 8.0/RPMS/fetchmail-6.1.0-1.1mdk.i586.rpm 47d08cab20307e381421bb5570b5164e 8.0/RPMS/fetchmail-daemon-6.1.0-1.1mdk.i586.rpm dc6f30643789abf9b73253711e4e8970 8.0/RPMS/fetchmailconf-6.1.0-1.1mdk.i586.rpm dc7f71e43fb30f75ee528248e98fa79e 8.0/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
Mandrakelinux 8.0/PPC
eb00506275596e2918cf7981abfa065b ppc/8.0/RPMS/fetchmail-6.1.0-1.1mdk.ppc.rpm 22349788a64db2029a5f3f7530b1b821 ppc/8.0/RPMS/fetchmail-daemon-6.1.0-1.1mdk.ppc.rpm fbaa4b85c3c7dc56b40ca211eca60762 ppc/8.0/RPMS/fetchmailconf-6.1.0-1.1mdk.ppc.rpm dc7f71e43fb30f75ee528248e98fa79e ppc/8.0/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
Mandrakelinux 8.1
daca21fc52493d1137741c65ba095a69 8.1/RPMS/fetchmail-6.1.0-1.1mdk.i586.rpm 82d822a517f40ee3fe55cdbd55f113cc 8.1/RPMS/fetchmail-daemon-6.1.0-1.1mdk.i586.rpm 0ee01bd3d00b4bc2c77280d0a47ab606 8.1/RPMS/fetchmailconf-6.1.0-1.1mdk.i586.rpm dc7f71e43fb30f75ee528248e98fa79e 8.1/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
Mandrakelinux 8.1/IA64
da314f2e2e2155291d008cedabf742df ia64/8.1/RPMS/fetchmail-6.1.0-1.1mdk.ia64.rpm 04eacceb0e19945292c4230a3134ebfa ia64/8.1/RPMS/fetchmail-daemon-6.1.0-1.1mdk.ia64.rpm 689127d42916516e1fb2dfa518fb54ed ia64/8.1/RPMS/fetchmailconf-6.1.0-1.1mdk.ia64.rpm dc7f71e43fb30f75ee528248e98fa79e ia64/8.1/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
Mandrakelinux 8.2
eb12f9ca8e39d0d39766651620fb9f6c 8.2/RPMS/fetchmail-6.1.0-1.1mdk.i586.rpm 19500ee98ef039fd1756eee0665d0316 8.2/RPMS/fetchmail-daemon-6.1.0-1.1mdk.i586.rpm 45155b86ff86c81dfdcaa4df143ae296 8.2/RPMS/fetchmailconf-6.1.0-1.1mdk.i586.rpm dc7f71e43fb30f75ee528248e98fa79e 8.2/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
Mandrakelinux 8.2/PPC
a76d42428ce53c6167a9d34b542e726f ppc/8.2/RPMS/fetchmail-6.1.0-1.1mdk.ppc.rpm 31d22b48b55fbb69b473e45f75b96f68 ppc/8.2/RPMS/fetchmail-daemon-6.1.0-1.1mdk.ppc.rpm 9a1c7d26efd563c4612b8c92492a4e18 ppc/8.2/RPMS/fetchmailconf-6.1.0-1.1mdk.ppc.rpm dc7f71e43fb30f75ee528248e98fa79e ppc/8.2/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
Mandrakelinux 9.0
0241b816670a5c34c5ac83a6f12caae5 9.0/RPMS/fetchmail-6.1.0-1.1mdk.i586.rpm cac767e27d2c40602276998a7caf8598 9.0/RPMS/fetchmail-daemon-6.1.0-1.1mdk.i586.rpm 4f73e40b76887ebf2aa532cf00fd95e8 9.0/RPMS/fetchmailconf-6.1.0-1.1mdk.i586.rpm dc7f71e43fb30f75ee528248e98fa79e 9.0/SRPMS/fetchmail-6.1.0-1.1mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1365
http://security.e-matters.de/advisories/052002.html
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.