A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: libc-client-2002e-17. Here the announcement:
Fedora Update Notification
FEDORA-2005-1115
2005-12-08
---------------------------------------------------------------------
Product : Fedora Core 4
Name : libc-client
Version : 2002e
Release : 17
Summary : C-client mail access routines for IMAP and POP protocols
Description :
C-client is a common API for accessing mailboxes. It is used internally by
the popular PINE mail reader, the University of Washington's IMAP server
and PHP.
---------------------------------------------------------------------
Update Information:
The c-client library provides an API which allows
applications to access and manipulate remote mail boxes.
The library contains a bug in its mail_valid_net_parse()
function. If an application allows untrusted input to be
supplied to this function, its stack may become corrupted.
This update backports the fix from imap-2004g which resolves
this issue.
---------------------------------------------------------------------
* Thu Dec 1 2005 Nalin Dahyabhai <nalin@redhat.com> 2002e-17
- account for the /usr/share/ssl -> /etc/pki/tls move in the patch which
sets the locations at compile-time (more of #165967)
* Wed Nov 23 2005 Nalin Dahyabhai <nalin@redhat.com> 2002e-16
- rebuild
* Wed Nov 23 2005 Nalin Dahyabhai <nalin@redhat.com> 2002e-15
- rebuild
* Wed Nov 23 2005 Nalin Dahyabhai <nalin@redhat.com> 2002e-14
- rebuild
* Wed Nov 23 2005 Nalin Dahyabhai <nalin@redhat.com> 2002e-13
- apply fix for CVE-2005-2933: buffer overflow (#171345)
* Wed Nov 9 2005 Tomas Mraz <tmraz@redhat.com> 2002e-12
- rebuilt against new openssl
* Sat Oct 15 2005 Florian La Roche <laroche@redhat.com>
- fix to rebuild at least, seems the way to specify the
include dir is a bit broken
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
74e71a958021a53edfd632ca92145e8f SRPMS/libc-client-2002e-17.src.rpm
52839d60a1dedda6cec987bbf4590b07 ppc/libc-client-2002e-17.ppc.rpm
7b0f2cbe941bbb3abc4d0f54779ae217 ppc/libc-client-devel-2002e-17.ppc.rpm
c6568ccc39240ec5bcf5613a8ab94aa7 ppc/debug/libc-client-debuginfo-2002e-17.ppc.rpm
8d2660b1ce5d70f750760a1a69950d74 ppc/libc-client-2002e-17.ppc64.rpm
8791383ebfca4a12feecc83235d69352 x86_64/libc-client-2002e-17.x86_64.rpm
2323d4fe60fcf342ac0366aef688e52d x86_64/libc-client-devel-2002e-17.x86_64.rpm
293dddb99622975f39ad268453a27743 x86_64/debug/libc-client-debuginfo-2002e-17.x86_64.rpm
4a344561de695b7f15f979d640046694 x86_64/libc-client-2002e-17.i386.rpm
4a344561de695b7f15f979d640046694 i386/libc-client-2002e-17.i386.rpm
1bf275133ec054b1567fb74db13ffe7d i386/libc-client-devel-2002e-17.i386.rpm
3926fefbe75d22da13e5fdb924056396 i386/debug/libc-client-debuginfo-2002e-17.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.