Your message dated Sun, 21 May 2006 11:47:11 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#364766: fixed in dovecot 1.0.beta8-2 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: dovecot-common Version: 1.0.beta7-1 Severity: important I have edited dovecot.conf to use a non-default SSL certificate and key, instead of /etc/ssl/{private,certs}/dovecot.pem. My cert+key is shared between multiple services, not only Dovecot. The Dovecot postinst gets the cert/key paths from the config file, and then unconditionally chowns/chmods them - this is BAD! It breaks some of my other services. Dovecot should NOT tamper with the permissions on files which it does not own. Max.
--- End Message ---
--- Begin Message ---Source: dovecot Source-Version: 1.0.beta8-2 We believe that the bug you reported is fixed in the latest version of dovecot, which is due to be installed in the Debian FTP archive: dovecot-common_1.0.beta8-2_i386.deb to pool/main/d/dovecot/dovecot-common_1.0.beta8-2_i386.deb dovecot-imapd_1.0.beta8-2_i386.deb to pool/main/d/dovecot/dovecot-imapd_1.0.beta8-2_i386.deb dovecot-pop3d_1.0.beta8-2_i386.deb to pool/main/d/dovecot/dovecot-pop3d_1.0.beta8-2_i386.deb dovecot_1.0.beta8-2.diff.gz to pool/main/d/dovecot/dovecot_1.0.beta8-2.diff.gz dovecot_1.0.beta8-2.dsc to pool/main/d/dovecot/dovecot_1.0.beta8-2.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jaldhar H. Vyas <[EMAIL PROTECTED]> (supplier of updated dovecot package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 21 May 2006 13:16:17 -0400 Source: dovecot Binary: dovecot-common dovecot-pop3d dovecot-imapd Architecture: source i386 Version: 1.0.beta8-2 Distribution: unstable Urgency: high Maintainer: Jaldhar H. Vyas <[EMAIL PROTECTED]> Changed-By: Jaldhar H. Vyas <[EMAIL PROTECTED]> Description: dovecot-common - secure mail server that supports mbox and maildir mailboxes dovecot-imapd - secure IMAP server that supports mbox and maildir mailboxes dovecot-pop3d - secure POP3 server that supports mbox and maildir mailboxes Closes: 361536 364766 Changes: dovecot (1.0.beta8-2) unstable; urgency=high . * Don't chown/chmod ssl certificate unless we created it. (Closes: #364766) * Upstream fixed the crash if passwd-file had entries without passwords. (Closes: #361536) * fixed up the last versions changelog to better describe the security problem which was fixed there. Files: 5990eaed5a4f2c6006644d24535126cc 890 mail optional dovecot_1.0.beta8-2.dsc 8fe5e01f2a636aff4bb844239bab16e5 117597 mail optional dovecot_1.0.beta8-2.diff.gz af009054143c3838216e5c5ced3643eb 953898 mail optional dovecot-common_1.0.beta8-2_i386.deb 8a5cc11a328d78f6e25849ca49e32d19 532438 mail optional dovecot-imapd_1.0.beta8-2_i386.deb 402a3aec66177ff2931652dc2827a8a8 500324 mail optional dovecot-pop3d_1.0.beta8-2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFEcLUC2kYOR+5txmoRAlABAJ4m+OOnvsKf3UnIb05YNKDA4YyUtgCeLoNl blcesCApGp/7cJKGTDrDsBo= =NO1F -----END PGP SIGNATURE-----
--- End Message ---
