Viewing all changes in revision 34.
- Committer: Bazaar Package Importer
- Date: 2009-09-24 08:39:39 UTC
- mfrom: (33.1.1 hardy-proposed)
- Revision ID: james.westby@ubuntu.com-20090924083939-zd1alaap9xkjeffe
* SECURITY UPDATE: access restriction bypass from negative access rights
being treated as positive access rights in the ACL plugin
- debian/patches/security-CVE-2008-4577.dpatch: fix rights mask in
src/plugins/acl/acl-cache.c.
- CVE-2008-4577
* SECURITY UPDATE: arbitrary code execution via buffer overlows in
the Sieve plugin
- debian/patches/security-CVE-2009-3235.dpatch: increase scount size in
dovecot-sieve/src/libsieve/bc_eval.c, use snprintf in
dovecot-sieve/src/libsieve/sieve.y, use snprintf and calculate the
right length in dovecot-sieve/src/libsieve/script.c.
- CVE-2009-2632
- CVE-2009-3235
being treated as positive access rights in the ACL plugin
- debian/patches/security-CVE-2008-4577.dpatch: fix rights mask in
src/plugins/acl/acl-cache.c.
- CVE-2008-4577
* SECURITY UPDATE: arbitrary code execution via buffer overlows in
the Sieve plugin
- debian/patches/security-CVE-2009-3235.dpatch: increase scount size in
dovecot-sieve/src/libsieve/bc_eval.c, use snprintf in
dovecot-sieve/src/libsieve/sieve.y, use snprintf and calculate the
right length in dovecot-sieve/src/libsieve/script.c.
- CVE-2009-2632
- CVE-2009-3235
expand all
collapse all
added
removed
