OESA-2021-1314

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1314
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2021-1314.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2021-1314
Upstream
Published
2021-08-20T11:03:08Z
Modified
2025-08-12T05:09:15.102379Z
Summary
fetchmail security update
Details

Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC) for retrieval. Then Fetchmail forwards the mail through SMTP so you can read it through your favorite mail client. Install fetchmail if you need to retrieve mail over SLIP or PPP connections.

Security Fix(es):

reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.(CVE-2021-36386)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / fetchmail

Package

Name
fetchmail
Purl
pkg:rpm/openEuler/fetchmail&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.20-1.oe1

Ecosystem specific 

{
    "x86_64": [
        "fetchmail-debugsource-6.4.20-1.oe1.x86_64.rpm",
        "fetchmail-6.4.20-1.oe1.x86_64.rpm",
        "fetchmail-debuginfo-6.4.20-1.oe1.x86_64.rpm"
    ],
    "src": [
        "fetchmail-6.4.20-1.oe1.src.rpm"
    ],
    "aarch64": [
        "fetchmail-debuginfo-6.4.20-1.oe1.aarch64.rpm",
        "fetchmail-debugsource-6.4.20-1.oe1.aarch64.rpm",
        "fetchmail-6.4.20-1.oe1.aarch64.rpm"
    ],
    "noarch": [
        "fetchmail-help-6.4.20-1.oe1.noarch.rpm"
    ]
}

openEuler:20.03-LTS-SP2 / fetchmail

Package

Name
fetchmail
Purl
pkg:rpm/openEuler/fetchmail&distro=openEuler-20.03-LTS-SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.20-1.oe1

Ecosystem specific 

{
    "x86_64": [
        "fetchmail-debugsource-6.4.20-1.oe1.x86_64.rpm",
        "fetchmail-6.4.20-1.oe1.x86_64.rpm",
        "fetchmail-debuginfo-6.4.20-1.oe1.x86_64.rpm"
    ],
    "src": [
        "fetchmail-6.4.20-1.oe1.src.rpm"
    ],
    "aarch64": [
        "fetchmail-6.4.20-1.oe1.aarch64.rpm",
        "fetchmail-debuginfo-6.4.20-1.oe1.aarch64.rpm",
        "fetchmail-debugsource-6.4.20-1.oe1.aarch64.rpm"
    ],
    "noarch": [
        "fetchmail-help-6.4.20-1.oe1.noarch.rpm"
    ]
}