Ubuntu Security Notice USN-233-1
2nd January, 2006
fetchmail vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.10
- Ubuntu 5.04
- Ubuntu 4.10
Details
Steve Fosdick discovered a remote Denial of Service vulnerability in
fetchmail. When using fetchmail in 'multidrop' mode, a malicious email
server could cause a crash by sending an email without any headers.
Since fetchmail is commonly called automatically (with cron, for
example), this crash could go unnoticed.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.10:
- fetchmail
- Ubuntu 5.04:
- fetchmail
- Ubuntu 4.10:
- fetchmail
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None