A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: fetchmail-6.2.5.5-1.fc4. Here the announcement:
Fedora Update Notification
FEDORA-2005-1187
2005-12-20
---------------------------------------------------------------------
Product : Fedora Core 4
Name : fetchmail
Version : 6.2.5.5
Release : 1.fc4
Summary : A remote mail retrieval and forwarding utility.
Description :
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.
Install fetchmail if you need to retrieve mail over SLIP or PPP
connections.
---------------------------------------------------------------------
Update Information:
Fetchmail contains a bug where when running in multidrop
mode, a
malicious mail server can crash the client by sending a message
without headers.
This update fixes the issue.
---------------------------------------------------------------------
* Tue Dec 20 2005 Miloslav Trmac <mitr@redhat.com> - 6.2.5.5-1.fc4
- Update to fetchmail-6.2.5.5 (#176267, CVE-2005-4348)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
b6ae10bb03c0d7772d77d607045fecc5 SRPMS/fetchmail-6.2.5.5-1.fc4.src.rpm
e1ee3d162be7c26575a7400588178b53 ppc/fetchmail-6.2.5.5-1.fc4.ppc.rpm
ecf46353c5dcdcbda53463687d1d60a0 ppc/debug/fetchmail-debuginfo-6.2.5.5-1.fc4.ppc.rpm
4b7270f4e090b48010102a3291576b56 x86_64/fetchmail-6.2.5.5-1.fc4.x86_64.rpm
9c47aafa233cc0823f4962f71b1eef14 x86_64/debug/fetchmail-debuginfo-6.2.5.5-1.fc4.x86_64.rpm
7ffdaf79e697d2037e8a1e2d681b35bf i386/fetchmail-6.2.5.5-1.fc4.i386.rpm
635f0b5b65056809db38de02c89c6be9 i386/debug/fetchmail-debuginfo-6.2.5.5-1.fc4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.