[Technik] [SECURITY] [DSA 1101-1] New courier packages fix
denial of service
Noèl Köthe
technik@hostsharing.net
Tue Jul 4 14:57:55 CEST 2006
--=-11/EK80yttJZK8Xux+pt
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Am Freitag, den 23.06.2006, 07:28 +0200 schrieb Martin Schulze:
> Debian Security Advisory DSA 1101-1 security@debian.or=
g
> http://www.debian.org/security/ Martin Schulz=
e
> June 23rd, 2006 http://www.debian.org/security/fa=
q
>=20
> Package : courier
> Vulnerability : programming error
> Problem type : remote
> Debian-specific: no
> CVE ID : CVE-2006-2659
> Debian Bug : 368834
auf pima, pomo und cusa aktualisiert.
Die E-Mails hingen leider wegen der Gr=C3=B6=C3=9Fe in der Spamqueue, darum=
kam
die erst jetzt.
> For the old stable distribution (woody) this problem has been fixed in
> version 0.37.3-2.9.
changelog:
courier (0.37.3-2.9hostsharing.drac0) woody; urgency=3Dhigh
* added drac patch for POP before SMTP
-- No=C3=A8l K=C3=B6the <noel@hostsharing.net> Tue, 4 Jul 2006 13:18:35 =
+0200
courier (0.37.3-2.9) oldstable-security; urgency=3Dhigh
* Non-maintainer upload by the Security Team
* Backported upstream patch to fix an encoding bug in connection with
the '=3D' sign in addresses [courier/libs/comverp.c, CVE-2006-2659]
-- Martin Schulze <joey@infodrom.org> Thu, 25 May 2006 17:53:56 +0200
--=20
No=C3=A8l K=C3=B6the <noel debian.org>
Debian GNU/Linux, www.debian.org
--=-11/EK80yttJZK8Xux+pt
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: Dies ist ein digital signierter Nachrichtenteil
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQBEqnPj9/DnDzB9Vu0RAuv7AJ9P+mS6NF/fLoqwMQjHAQMYoom6jgCcCDbv
638GtDyZIjrk7hsglB2llBQ=
=r2hl
-----END PGP SIGNATURE-----
--=-11/EK80yttJZK8Xux+pt--
More information about the Technik
mailing list