-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2009-09-24 08:10:42 UTC
-
Revision ID:
james.westby@ubuntu.com-20090924081042-p0f1vmszz27d67fo
Tags: 1:1.1.11-0ubuntu9
* SECURITY UPDATE: arbitrary code execution via buffer overlows in
the Sieve plugin
- debian/patches/security-CVE-2009-3235.dpatch: increase scount size in
dovecot-sieve/src/libsieve/bc_eval.c, use snprintf in
dovecot-sieve/src/libsieve/sieve.y, use snprintf and calculate the
right length in dovecot-sieve/src/libsieve/script.c.
- CVE-2009-2632
- CVE-2009-3235