[SECURITY] Fedora Core 4 Test Update: libc-client-2002e-17

Nalin Dahyabhai nalin at redhat.com
Thu Dec 1 20:26:59 UTC 2005 

---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2005-1115
2005-12-01
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : libc-client
Version     : 2002e                      
Release     : 17                  
Summary     : C-client mail access routines for IMAP and POP protocols
Description :
C-client is a common API for accessing mailboxes. It is used internally by
the popular PINE mail reader, the University of Washington's IMAP server
and PHP.

---------------------------------------------------------------------
Update Information:

The c-client library provides an API which allows
applications to access and manipulate remote mail boxes.

The library contains a bug in its mail_valid_net_parse()
function. If an application allows untrusted input to be
supplied to this function, its stack may become corrupted.
This update backports the fix from imap-2004g which resolves
this issue.
---------------------------------------------------------------------
* Thu Dec  1 2005 Nalin Dahyabhai <nalin at redhat.com> 2002e-17
- account for the /usr/share/ssl -> /etc/pki/tls move in the patch which
  sets the locations at compile-time (more of #165967)

* Wed Nov 23 2005 Nalin Dahyabhai <nalin at redhat.com> 2002e-16
- rebuild

* Wed Nov 23 2005 Nalin Dahyabhai <nalin at redhat.com> 2002e-15
- rebuild

* Wed Nov 23 2005 Nalin Dahyabhai <nalin at redhat.com> 2002e-14
- rebuild

* Wed Nov 23 2005 Nalin Dahyabhai <nalin at redhat.com> 2002e-13
- apply fix for CVE-2005-2933: buffer overflow (#171345)

* Wed Nov  9 2005 Tomas Mraz <tmraz at redhat.com> 2002e-12
- rebuilt against new openssl

* Sat Oct 15 2005 Florian La Roche <laroche at redhat.com>
- fix to rebuild at least, seems the way to specify the
  include dir is a bit broken


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4/

f923ec5883995dc3efd09066324c9e30  SRPMS/libc-client-2002e-17.src.rpm
8f27bfc6ae0569101de0f2c883356549  ppc/libc-client-2002e-17.ppc.rpm
9c9579e20d4aa75f5bfe84c989e4ab8f  ppc/libc-client-devel-2002e-17.ppc.rpm
0c42b57dfe9f049bf927975e94eb23f7  ppc/debug/libc-client-debuginfo-2002e-17.ppc.rpm
a5098520381adcb004f039b21f1dd844  ppc/libc-client-2002e-17.ppc64.rpm
c387e218b76939bfc047da12d6a549fd  x86_64/libc-client-2002e-17.x86_64.rpm
e6e1ceb04d7cbb3d7fcc610759d50685  x86_64/libc-client-devel-2002e-17.x86_64.rpm
4d7b4ce14210b611d7cbb492b8a32403  x86_64/debug/libc-client-debuginfo-2002e-17.x86_64.rpm
534e8eedf3f0ed21dca671e026eec4e3  x86_64/libc-client-2002e-17.i386.rpm
534e8eedf3f0ed21dca671e026eec4e3  i386/libc-client-2002e-17.i386.rpm
edcb2c8ca941da1417996da236b5bcd1  i386/libc-client-devel-2002e-17.i386.rpm
5cfb3b3ff4b66368e7c20ced8ab6c33c  i386/debug/libc-client-debuginfo-2002e-17.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  You may 
need to edit your up2date channels configuration.  Within 
/etc/sysconfig/rhn/sources enable the following line: 
yum updates-testing http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4/$ARCH
---------------------------------------------------------------------

More information about the test mailing list