← Back to branch summary

~ubuntu-branches/ubuntu/edgy/dovecot/edgy-security

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2008-03-24 14:26:07 UTC
  • Revision ID: james.westby@ubuntu.com-20080324142607-8ai73r4me8hs9rnl
Tags: 1.0.rc2-1ubuntu2.3
* SECURITY UPDATE: mailboxes of other users could be read via symlinks.
* Add upstream-mail-group-fixes.dpatch: upstream fixes (CVE-2008-1199).
* Add upstream-invalid-password-fixes.dpatch: proactive upstream fixes
  to avoid future issues in underlying passdb (CVE-2008-1218).
* References
  http://dovecot.org/list/dovecot-news/2008-March/000060.html
  http://dovecot.org/list/dovecot-news/2008-March/000064.html

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/changelog
 
1
dovecot (1.0.rc2-1ubuntu2.3) edgy-security; urgency=low
 
2
 
 
3
  * SECURITY UPDATE: mailboxes of other users could be read via symlinks.
 
4
  * Add upstream-mail-group-fixes.dpatch: upstream fixes (CVE-2008-1199).
 
5
  * Add upstream-invalid-password-fixes.dpatch: proactive upstream fixes
 
6
    to avoid future issues in underlying passdb (CVE-2008-1218).
 
7
  * References
 
8
    http://dovecot.org/list/dovecot-news/2008-March/000060.html
 
9
    http://dovecot.org/list/dovecot-news/2008-March/000064.html
 
10
 
 
11
 -- Kees Cook <kees@ubuntu.com>  Mon, 24 Mar 2008 14:26:07 -0700
 
12
 
1
13
dovecot (1.0.rc2-1ubuntu2.2) edgy-security; urgency=low
2
14
 
3
15
  * SECURITY UPDATE: path traversal in shared spool configurations.