Viewing all changes in revision 48.
- Committer: Bazaar Package Importer
- Date: 2009-09-24 08:28:12 UTC
- Revision ID: james.westby@ubuntu.com-20090924082812-1bkeaj0scok62gzn
* SECURITY UPDATE: directory traversal vulnerability in the the
ManageSieve implementation (LP: #307291)
- debian/patches/security-CVE-2008-5301.dpatch: filter out slashes in
script names in dovecot-managesieve/src/lib-sievestorage/
{sieve-storage-save.c,sieve-storage-script.c}.
- CVE-2008-5301
* SECURITY UPDATE: arbitrary code execution via buffer overlows in
the Sieve plugin
- debian/patches/security-CVE-2009-3235.dpatch: increase scount size in
dovecot-sieve/src/libsieve/bc_eval.c, use snprintf in
dovecot-sieve/src/libsieve/sieve.y, use snprintf and calculate the
right length in dovecot-sieve/src/libsieve/script.c.
- CVE-2009-2632
- CVE-2009-3235
ManageSieve implementation (LP: #307291)
- debian/patches/security-CVE-2008-5301.dpatch: filter out slashes in
script names in dovecot-managesieve/src/lib-sievestorage/
{sieve-storage-save.c,sieve-storage-script.c}.
- CVE-2008-5301
* SECURITY UPDATE: arbitrary code execution via buffer overlows in
the Sieve plugin
- debian/patches/security-CVE-2009-3235.dpatch: increase scount size in
dovecot-sieve/src/libsieve/bc_eval.c, use snprintf in
dovecot-sieve/src/libsieve/sieve.y, use snprintf and calculate the
right length in dovecot-sieve/src/libsieve/script.c.
- CVE-2009-2632
- CVE-2009-3235
- files added:
- debian/patches/security-CVE-2008-5301.dpatch
- files modified:
- debian/changelog
expand all
collapse all
added
removed
