Gentoo Security Advisory GLSA 200409-32 (getmail)

Summary
The remote host is missing updates announced in advisory GLSA 200409-32.
Solution
All getmail users should upgrade to the latest version: # emerge sync # emerge -pv '>=net-mail/getmail-4.2.0' # emerge '>=net-mail/getmail-4.2.0' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200409-32 http://bugs.gentoo.org/show_bug.cgi?id=64643 http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG http://article.gmane.org/gmane.mail.getmail.user/1430
Insight
getmail contains a vulnerability that could potentially allow any local user to create or overwrite files in any directory on the system. This flaw can be escalated further and possibly lead to a complete system compromise.