Information on source package fetchmail

Available versions

ReleaseVersion
bullseye6.4.16-4+deb11u1
bookworm6.4.37-1
trixie6.4.39-1
sid6.4.39-1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2021-39272vulnerable (no DSA)fixedfixedfixedFetchmail before 6.4.22 fails to enforce STARTTLS session encryption i ...

Resolved issues

BugDescription
CVE-2021-36386report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits i ...
CVE-2012-3482Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debu ...
CVE-2011-1947fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time a ...
CVE-2010-1167fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not p ...
CVE-2010-0562The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, ...
CVE-2009-2666socket.c in fetchmail before 6.3.11 does not properly handle a '\0' ch ...
CVE-2008-2711fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, ...
CVE-2007-4565sink.c in fetchmail before 6.3.9 allows context-dependent attackers to ...
CVE-2007-1558The APOP protocol allows remote attackers to guess the first 3 charact ...
CVE-2006-5974fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message de ...
CVE-2006-5867fetchmail before 6.3.6-rc4 does not properly enforce TLS and may trans ...
CVE-2006-0321fetchmail 6.3.0 and other versions before 6.3.2 allows remote attacker ...
CVE-2005-4348fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidr ...
CVE-2005-3088fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 create ...
CVE-2005-2335Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows ...
CVE-2003-0792Fetchmail 6.2.4 and earlier does not properly allocate memory for long ...
CVE-2002-1365Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not acc ...
CVE-2002-1175The getmxrecord function in Fetchmail 6.0.0 and earlier does not prope ...
CVE-2002-1174Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers ...

Security announcements

DSA / DLADescription
DSA-1852-1fetchmail - SSL certificate verification weakness
DSA-1377-2fetchmail - null pointer dereference
DSA-1259-1fetchmail
DSA-939-1fetchmail - programming error
DSA-900-3fetchmail - programming error
DSA-774-1fetchmail - buffer overflow
DSA-216fetchmail - buffer overflow
DSA-171fetchmail - buffer overflows

Search for package or bug name: Reporting problems