OESA-2021-1360

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1360

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2021-1360.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2021-1360

Upstream

CVE-2021-39272

Published

2021-09-30T11:03:13Z

Modified

2025-08-12T05:09:46.197934Z

Summary

fetchmail security update

Details

Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC) for retrieval. Then Fetchmail forwards the mail through SMTP so you can read it through your favorite mail client. Install fetchmail if you need to retrieve mail over SLIP or PPP connections.

Security Fix(es):

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.(CVE-2021-39272)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / fetchmail

Package

Name: fetchmail
Purl: pkg:rpm/openEuler/fetchmail&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.22-1.oe1

Ecosystem specific

{
    "aarch64": [
        "fetchmail-debuginfo-6.4.22-1.oe1.aarch64.rpm",
        "fetchmail-debugsource-6.4.22-1.oe1.aarch64.rpm",
        "fetchmail-6.4.22-1.oe1.aarch64.rpm"
    ],
    "src": [
        "fetchmail-6.4.22-1.oe1.src.rpm"
    ],
    "x86_64": [
        "fetchmail-debugsource-6.4.22-1.oe1.x86_64.rpm",
        "fetchmail-6.4.22-1.oe1.x86_64.rpm",
        "fetchmail-debuginfo-6.4.22-1.oe1.x86_64.rpm"
    ],
    "noarch": [
        "fetchmail-help-6.4.22-1.oe1.noarch.rpm"
    ]
}

openEuler:20.03-LTS-SP2 / fetchmail

Package

Name: fetchmail
Purl: pkg:rpm/openEuler/fetchmail&distro=openEuler-20.03-LTS-SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.22-1.oe1

Ecosystem specific

{
    "aarch64": [
        "fetchmail-debugsource-6.4.22-1.oe1.aarch64.rpm",
        "fetchmail-debuginfo-6.4.22-1.oe1.aarch64.rpm",
        "fetchmail-6.4.22-1.oe1.aarch64.rpm"
    ],
    "src": [
        "fetchmail-6.4.22-1.oe1.src.rpm"
    ],
    "x86_64": [
        "fetchmail-6.4.22-1.oe1.x86_64.rpm",
        "fetchmail-debuginfo-6.4.22-1.oe1.x86_64.rpm",
        "fetchmail-debugsource-6.4.22-1.oe1.x86_64.rpm"
    ],
    "noarch": [
        "fetchmail-help-6.4.22-1.oe1.noarch.rpm"
    ]
}