Ubuntu
dovecot package

dovecot 1:1.2.9-1ubuntu6.3 source package in Ubuntu

Changelog

dovecot (1:1.2.9-1ubuntu6.3) lucid-security; urgency=low

  * SECURITY UPDATE: information disclosure via newly created mailboxes
    with incorrect ACLs
    - debian/patches/CVE-2010-3304.patch: verify the directory isn't the
      same as the INBOX's directory in src/plugins/acl/acl-backend-vfile.c.
    - CVE-2010-3304
  * SECURITY UPDATE: ACL bypass via incorrect ACL merging
    - debian/patches/CVE-2010-370x.patch: fix logic of merging multiple
      ACLs in src/plugins/acl/{acl-api.h,acl-backend-vfile.c,acl-backend.c,
      acl-cache.c}.
    - CVE-2010-3706
    - CVE-2010-3707
  * SECURITY UPDATE: restriction bypass via mailbox ACL changing
    - debian/patches/CVE-2010-3779.patch: don't give admin rights to all
      owner mailboxes in src/plugins/acl/acl-backend-vfile.c.
    - CVE-2010-3779
  * SECURITY UPDATE: denial of service via many simultaneous disconnects.
    - debian/patches/CVE-2010-3780.patch: don't die after three failed
      writes to log in src/lib/failures.c.
    - CVE-2010-3780
  * debian/control: removed linux-kernel-headers from Build-Conflicts to
    resolve building with sbuild.
  * This update does not contain the changes from 1:1.2.9-1ubuntu6.2 that
    was in -proposed.
 -- Marc Deslauriers <email address hidden>   Mon, 31 Jan 2011 13:53:14 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
mail
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
dovecot_1.2.9.orig.tar.gz 2.8 MiB b4661e2e839ec2dde27e74c596d1157530b80c767ce42566c894553cb16a6887
dovecot_1.2.9-1ubuntu6.3.debian.tar.gz 1.4 MiB 29f6e4901bad4247c2e07ff8ad2dcee01c2c7afd1a33beafe68059f29e8d0bb5
dovecot_1.2.9-1ubuntu6.3.dsc 2.3 KiB f95d48ba219c799d910cfa89243cd154951b966446f1cbac487d8c73f06c8f8f

View changes file

Binary packages built by this source

dovecot-common: No summary available for dovecot-common in ubuntu lucid.

No description available for dovecot-common in ubuntu lucid.

dovecot-dbg: No summary available for dovecot-dbg in ubuntu lucid.

No description available for dovecot-dbg in ubuntu lucid.

dovecot-dev: No summary available for dovecot-dev in ubuntu lucid.

No description available for dovecot-dev in ubuntu lucid.

dovecot-imapd: No summary available for dovecot-imapd in ubuntu lucid.

No description available for dovecot-imapd in ubuntu lucid.

dovecot-pop3d: No summary available for dovecot-pop3d in ubuntu lucid.

No description available for dovecot-pop3d in ubuntu lucid.

dovecot-postfix: No summary available for dovecot-postfix in ubuntu lucid.

No description available for dovecot-postfix in ubuntu lucid.