Version 6.3.6 of fetchmail

Release Notes: This release fixes a password disclosure vulnerability (CVE-2006-5867) and a crash in certain situations (CVE-2006-5974). It re-reads /etc/resolv.conf at the beginning of a poll cycle, solving DNS issues on computers in changing network environments. The --logfile and --user options had been broken in 6.3.5, and have been repaired. Kerberos/GSSAPI error messages have been improved when support for these systems was not compiled in. Assorted minor fixes have been made.

Other releases

  •  13 Sep 2013 21:53

    Release Notes: This release fixes a few minor bugs, improves OpenSSL error reporting, and adds an Esperanto translation.

    •  16 Dec 2012 18:38

    Release Notes: Compilation with OpenSSL implementations before 0.9.8m lacking SSL_CTX_clear_options() works again, but is neither supported nor recommended. The combination of "--plugin" and "-f -" was fixed. Logfile vs. syslog handling was cleaned up. Other minor changes were made.

    Release Notes: A security issue where a misinterpreted server response could allow DoS and data theft in NTLM authentication was fixed. This issue was reported as CVE-2012-3482. The false disabling of a countermeasure against plaintext attacks in block ciphers was fixed. Various other minor fixes were made.

    •  22 Aug 2011 12:25

    Release Notes: A NUL byte insertion bug in the IMAP client, which occurred when the last line of the input had no LF and no CRLF termination, was fixed.

    •  06 Jun 2011 13:57

    Release Notes: This release fixes a STARTTLS denial of service vulnerability (CVE-2011-1947). It reduces repetitions in "unseen" message logging and speeds up IMAP fetches with full mailboxes quite a bit. Fetchmail now sets its Internet sockets to keepalive mode, to detect disconnections, and resolves MD5-related build problems.


    Project Spotlight


    Virtual server management software.


    Project Spotlight

    Model Railroad System

    A software package that can help you run your railroad.