Netzwerk Sicherheits Prüfungen / Anfälligkeitsfeststellung von SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-9202
2008-10-30 11:38:51
--------------------------------------------------------------------------------

Name        : dovecot
Product     : Fedora 9
Version     : 1.0.15
Release     : 14.fc9
URL         : http://www.dovecot.org/
Summary     : Dovecot Secure imap server
Description :
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security
primarily in mind.  It also contains a small POP3 server.  It supports mail
in either of maildir or mbox formats.

The SQL drivers and authentication plugins are in their subpackages.

--------------------------------------------------------------------------------
Update Information:

fix handling of negative rights in the ACL plugin
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 29 2008 Michal Hlavinka <mhlavink@redhat.com> - 1:1.0.15-14
- fix handling of negative rights in the ACL plugin (Resolves: CVE-2008-4577)
* Thu Aug 14 2008 Dan Horak <dan[at]danny.cz> - 1:1.0.15-13
- add missing defattr into subpackages
- remove unused patches from CVS
* Tue Jul 29 2008 Dan Horak <dan[at]danny.cz> - 1:1.0.15-12
- really ask for the password during start-up
* Tue Jul 29 2008 Dan Horák <dan[at]danny.cz> - 1:1.0.15-11
- final solution for #445200 (put the password into /etc/sysconfig/dovecot)
* Tue Jul  1 2008 Dan Horák <dan[at]danny.cz> - 1:1.0.15-10
- bump release
* Sun Jun 22 2008 Dan Horák <dan[at]danny.cz> - 1:1.0.15-1
- update to latest upstream 1.0.15
- Resolves: #452088
* Wed Jun 18 2008 Dan Horak <dan[at]danny.cz> - 1:1.0.14-9
- update init script (Resolves: #451838)
* Sat Jun  7 2008 Dan Horak <dan[at]danny.cz> - 1:1.0.14-8
- build devel subpackage (Resolves: #306881)
* Fri Jun  6 2008 Dan Horák <dan[at]danny.cz> - 1:1.0.14-7
- update to latest upstream stable (dovecot 1.0.14, sieve plugin 1.0.3)
- Resolves: #445200, #448095, #450010
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #467436 - CVE-2008-4577 dovecot: incorrect handling of negative rights in the ACL plugin
        https://bugzilla.redhat.com/show_bug.cgi?id=467436
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update dovecot' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce