~ubuntu-branches/ubuntu/edgy/dovecot/edgy-security

Viewing changes to debian/patches/00list

Committer: Bazaar Package Importer
Author(s): Kees Cook
Date: 2008-03-24 14:26:07 UTC
Revision ID: james.westby@ubuntu.com-20080324142607-8ai73r4me8hs9rnl

Tags: 1.0.rc2-1ubuntu2.3

* SECURITY UPDATE: mailboxes of other users could be read via symlinks.
* Add upstream-mail-group-fixes.dpatch: upstream fixes (CVE-2008-1199).
* Add upstream-invalid-password-fixes.dpatch: proactive upstream fixes
  to avoid future issues in underlying passdb (CVE-2008-1218).
* References
  http://dovecot.org/list/dovecot-news/2008-March/000060.html
  http://dovecot.org/list/dovecot-news/2008-March/000064.html

files added:
debian/patches/upstream-invalid-password-fixes.dpatch

debian/patches/upstream-mail-group-fixes.dpatch

files modified:
debian/changelog

debian/patches/00list

Show diffs side-by-side

added added

removed removed

debian/patches/00list

ssl-cert-snakeoil

security-off-by-one

compressed-folders

upstream-mail-group-fixes.dpatch

upstream-invalid-password-fixes.dpatch

Older »