* SECURITY UPDATE: information disclosure via newly created mailboxes
  with incorrect ACLs
  - debian/patches/CVE-2010-3304.patch: verify the directory isn't the
    same as the INBOX's directory in src/plugins/acl/acl-backend-vfile.c.
  - CVE-2010-3304
* SECURITY UPDATE: ACL bypass via incorrect ACL merging
  - debian/patches/CVE-2010-370x.patch: fix logic of merging multiple
    ACLs in src/plugins/acl/{acl-api.h,acl-backend-vfile.c,acl-backend.c,
    acl-cache.c}.
  - CVE-2010-3706
  - CVE-2010-3707
* SECURITY UPDATE: restriction bypass via mailbox ACL changing
  - debian/patches/CVE-2010-3779.patch: don't give admin rights to all
    owner mailboxes in src/plugins/acl/acl-backend-vfile.c.
  - CVE-2010-3779
* SECURITY UPDATE: denial of service via many simultaneous disconnects.
  - debian/patches/CVE-2010-3780.patch: don't die after three failed
    writes to log in src/lib/failures.c.
  - CVE-2010-3780
* debian/control: removed linux-kernel-headers from Build-Conflicts to
  resolve building with sbuild.