fetchmail vulnerabilities in the last year or so

Posted Feb 23, 2007 6:52 UTC (Fri) by rfunk (subscriber, #4054)
In reply to: fetchmail vulnerabilities in the last year or so by DonDiego
Parent article: ESR's goodbye note

This is getting ridiculous. I said one of two DoS and one encryption
issue, in the past year or so. You listed one encryption issue from
2006, two DoS from 2006, and a DoS from 2005. It's now 2007. By my
count the situation is exactly as I said, but if you want to include the
2005 DoS in there then you can have a cookie or whatever for counting
three DoS instead of 1-2.

Look, I couldn't care less if you prefer getmail over fetchmail. But if
you're going to push getmail or criticize fetchmail, please do it with
something approximating the truth. Fetchmail's post-ESR security record
of a handful of low-risk vulnerabilities is far better than your
characterization of "a fresh exploit every other week."