[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

am I a sitting duck for fetchmail hole because can't upgrade?

Just curious, we see a security bulletin that fetchmail should be
upgraded to avoid a malformed hostname threat.

I could wget the new fetchmail .deb with my flimsy modem but I see it
depends on libc6 that is newer than the one on the sid cd set of
2002.10.10 that I have installed.

If I also get the new libc6 that probably means I got to make a lot of
other changes too which means I really should have a new CD set? Which
means I have to go to town and ask my friend to burn a new set which
is something I didn't want to have to do more than once a year.

So I am a sitting duck for a malformed mail message?  Perhaps as at
least my other pal runs an spamassassin and exim filter on my mail
before I download it with fetchmail, perhaps I can change a rule in
.exim/filter to protect myself?  Or maybe something can be done in

P.S. on http://packages.debian.org/unstable/mail/fetchmail-ssl.html
it says it depends on "fetchmail-common (= 6.1.2-1) (NOT AVAILABLE)"
Does that mean one is screwed either way?
http://jidanni.org/ Taiwan(04)25854780

Reply to: