dovecot 1:2.2.13-12~deb8u3 source package in Debian
Changelog
dovecot (1:2.2.13-12~deb8u3) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * Revert "auth: Do not double-expand key in passdb dict when authenticating (CVE-2017-2669)" This reverts the applied patch which resulted in no longer interpreting placeholders in the keys even once with dict-based userdb or passdb. The actual vulnerability was introduced later with "auth-db-dict: Allow key name expansion" in 2.2.26. Thanks to Nick Thomas <email address hidden> and Aki Tuomi <email address hidden> -- Salvatore Bonaccorso <email address hidden> Tue, 11 Apr 2017 09:25:59 +0200
Upload details
- Uploaded by:
- Jaldhar H. Vyas
- Uploaded to:
- Jessie
- Original maintainer:
- Jaldhar H. Vyas
- Architectures:
- any
- Section:
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
dovecot_2.2.13-12~deb8u3.dsc | 3.3 KiB | f2e11d0735258596e3adee992eaf98709a3f95b135f0513ae6d8bab9e55e97c6 |
dovecot_2.2.13.orig.tar.gz | 4.4 MiB | 133cf3d2aa81733f6688ec986c91dbe07602fad81e856ba3d8046ffca85d9dce |
dovecot_2.2.13-12~deb8u3.debian.tar.xz | 718.7 KiB | 180a9a609771e91132e319c17bab612983104158ba5d378e418b1f21634331e9 |
No changes file available.