On Wed, Nov 19, 2008 at 05:32:24PM +0000, Dominic Hargreaves wrote:

> I'm not sure what the solution to this is; it's rather unfortunate that
> lenny contains what's now an old branch of code that probably won't be
> maintained any more.
> 
> Might be worth asking on the dovecot list to see if anyone is able to
> offer a backport?

For completeness, Redhat decision on this:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-4578

"The risks associated with fixing this bug are greater than the low
severity security risk. We therefore currently have no plans to fix
this flaw in Red Hat Enterprise Linux 5."

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to