FS#6958 : Warning on dovecot

FS#6958 - Warning on dovecot

Attached to Project: Arch Linux
Opened by DaNiMoTh (DaNiMoTh) - Thursday, 19 April 2007, 12:39 GMT
Last edited by Paul Mattal (paul) - Friday, 04 May 2007, 05:22 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Paul Mattal (paul)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version	0.8 Voodoo
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

------------------------------------------------------------
Arch Linux Security Warning ALSW 2007-#25
------------------------------------------------------------

Name: dovecot
Date: 2007-04-19
Severity: Medium
Warning #: 2007-#25

------------------------------------------------------------

Product Background
===================
Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written with security primarily in mind

Problem Background - Impact
===================
If zlib plugin was loaded, it was possible to open gzipped mbox files outside the user's mail directory.

Problem Packages
===================
Package: dovecot
Repo: extra
Group: network
Unsafe: <= 1.0rc29
Safe: >=1.0rc29

On the dovecot home ( http://www.dovecot.org/ ) is out the 1.0.0 version, that contain patch for this bug.

Package Fix
===================
Upgrade to 1.0rc29 or 1.0.0

===================

Unofficial ArchLinux Security Bug Tracker:
http://jjdanimoth.netsons.org/alsw.html

Reference(s)
===================
http://dovecot.org/pipermail/dovecot-news/2007-March/000039.html

This task depends upon

Closed by Paul Mattal (paul)
Friday, 04 May 2007, 05:22 GMT
Reason for closing: Fixed
Additional comments about closing: Updated to 1.0.0

Comment by Andreas Radke (AndyRTR) - Thursday, 26 April 2007, 21:33 GMT

x86_64 pkg updated

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#6958 - Warning on dovecot

Details

Loading...