~ubuntu-branches/ubuntu/natty/postfix/natty-security

Committer: Bazaar Package Importer
Author(s): Marc Deslauriers
Date: 2011-05-10 08:21:55 UTC
mfrom: (42.1.1 natty-proposed)
Revision ID: james.westby@ubuntu.com-20110510082155-1g69mia6bokcnhv3

Tags: 2.8.2-1ubuntu2.1

* SECURITY UPDATE: SASL memory corruption
  - src/smtpd/smtpd_sasl_proto.c: don't reuse the SASL handle after
    auth failure.
  - Origin: backported from postfix-2.8-patch03.gz
  - CVE-2011-1720

files modified:
debian/changelog

debian/init.d

html/postconf.1.html

html/postmap.1.html

html/smtp-sink.1.html

man/man1/postmap.1

src/smtpd/smtpd_sasl_proto.c

Show diffs side-by-side

added added

removed removed

debian/changelog

postfix (2.8.2-1ubuntu2.1) natty-security; urgency=low

* SECURITY UPDATE: SASL memory corruption

- src/smtpd/smtpd_sasl_proto.c: don't reuse the SASL handle after

auth failure.

- Origin: backported from postfix-2.8-patch03.gz

- CVE-2011-1720

-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 10 May 2011 08:21:55 -0400

postfix (2.8.2-1ubuntu2) natty-proposed; urgency=low

* debian/init.d: copy both /lib/libnss_*.so and /lib/*/libnss_*.so to the

chroot; this is overbroad since it will pick up NSS modules for

architectures other than our own, but avoids a runtime dep on dpkg-dev

or build-time munging of the init script. Thanks to Kevin Sumner for

the patch. LP: #764096.

-- Steve Langasek <steve.langasek@ubuntu.com> Wed, 04 May 2011 14:48:07 -0700

postfix (2.8.2-1ubuntu1) natty; urgency=low

* Merge from debian unstable. Remaining changes:

Older »