------------------------------------------------------------ Arch Linux Security Warning ALSW 2007-#25 ------------------------------------------------------------
Name: dovecot Date: 2007-04-19 Severity: Medium Warning #: 2007-#25 ------------------------------------------------------------ Product Background =================== Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written with security primarily in mind Problem Background - Impact =================== If zlib plugin was loaded, it was possible to open gzipped mbox files outside the user's mail directory. Problem Packages =================== Package: dovecot Repo: extra Group: network Unsafe: <= 1.0rc29 Safe: >=1.0rc29 On the dovecot home ( http://www.dovecot.org/ ) is out the 1.0.0 version, that contain patch for this bug. Package Fix =================== Upgrade to 1.0.0 =================== Unofficial ArchLinux Security Bug Tracker: http://jjdanimoth.netsons.org/alsw.html Reference(s) =================== http://dovecot.org/pipermail/dovecot-news/2007-March/000039.html
signature.asc
Description: OpenPGP digital signature
_______________________________________________ arch mailing list [email protected] http://archlinux.org/mailman/listinfo/arch
