Hi, courier-authlib bundles libltdl version 2.2.6. This version has security issues: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
This probably does not affect many users, because courier-authlib uses the system-wide libltdl if it's available. Anyway, the bundled version should probably get an update. Alternatively you could just throw away the bundled version and require libltdl to be installed system wide. Bundling librarys is a bad idea anyway imho (due to security issues like this one). -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: [email protected] http://schokokeks.org - professional webhosting
signature.asc
Description: This is a digitally signed message part.
------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
