The problem can be corrected by upgrading the affected package to
version 6.2.5-8ubuntu2.3 (for Ubuntu 4.10), 6.2.5-12ubuntu1.3 (for
Ubuntu 5.04), or 6.2.5-13ubuntu3.2 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes.
Steve Fosdick discovered a remote Denial of Service vulnerability in
fetchmail. When using fetchmail in 'multidrop' mode, a malicious email
server could cause a crash by sending an email without any headers.
Since fetchmail is commonly called automatically (with cron, for
example), this crash could go unnoticed.