http://www.fetchmail.info/fetchmail-SA-2009-01.txt 6.3.11 is in the tree.
Arches, please test and mark stable: =net-mail/fetchmail-6.3.11 Target keywords: "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
USE=krb4 requires app-crypt/mit-krb5 built with USE=krb4, which is only available for < mit-krb5-1.7. I adjusted the dependency. x86 stable.
ppc64 done
CVE-2009-2666 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2666): socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
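Added illustration, not part of this bug thread and not fetchmail's own code: the class of flaw the CVE text describes, shown as a CN comparison that stops at the first '\0' next to one that uses the encoded length. The function names, the length-delimited CN buffer and the sample host names are assumptions constructed for the example; wildcard matching is left out.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* Constructed sample: a CN as carried in a certificate, i.e. a
 * length-delimited byte string. It holds an embedded '\0' right
 * after the host name the client expects to reach. */
static const unsigned char sample_cn[] = "mail.example.org\0.other.example";
#define SAMPLE_CN_LEN (sizeof(sample_cn) - 1)

/* Flawed check: treats the CN bytes as a C string, so the comparison
 * ends at the first '\0' and the rest of the name is never examined.
 * (Assumes the buffer is NUL-terminated somewhere, as the sample is.) */
int cn_matches_naive(const unsigned char *cn, size_t cn_len, const char *host)
{
    (void)cn_len; /* the length from the certificate is ignored */
    return strcasecmp((const char *)cn, host) == 0;
}

/* Hardened check: rejects any CN containing '\0' within its encoded
 * length, then requires the full length to match the expected host. */
int cn_matches_checked(const unsigned char *cn, size_t cn_len, const char *host)
{
    if (memchr(cn, '\0', cn_len) != NULL)
        return 0; /* embedded NUL: never a valid host name */
    if (cn_len != strlen(host))
        return 0;
    return strncasecmp((const char *)cn, host, cn_len) == 0;
}

int main(void)
{
    const char *expected = "mail.example.org";
    int naive = cn_matches_naive(sample_cn, SAMPLE_CN_LEN, expected);
    int checked = cn_matches_checked(sample_cn, SAMPLE_CN_LEN, expected);
    /* Exit 0 when the naive check accepts and the hardened one rejects. */
    return (naive == 1 && checked == 0) ? 0 : 1;
}
```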
Stable for HPPA.
ppc stable
alpha/arm/ia64/s390/sh/sparc stable
amd64 stable, all arches done.
GLSA voting: yes
Yes, too. Request filed.
GLSA 201006-12